Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
MIpuuSiSZ4.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x9bd413be, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_MIp_773949b15a9dc27bfcd3f791ccbc8dda8da3511_ceeedb37_116bd172\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_rundll32.exe_MIp_aa8bb9fdf8d32e2840ca8df43968d536d04b9a9_ceeedb37_1a1fcd1c\Report.wer
|
Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER940B.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Jul 22 20:58:11 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER9FD2.tmp.dmp
|
Mini DuMP crash report, 15 streams, Fri Jul 22 20:58:12 2022, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB4E2.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB764.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB89A.tmp.csv
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBB5A.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERBE49.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC0F8.tmp.csv
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC28F.tmp.txt
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WERC6A7.tmp.txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61712 bytes, 1 file
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
There are 7 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\MIpuuSiSZ4.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\MIpuuSiSZ4.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\MIpuuSiSZ4.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\MIpuuSiSZ4.dll,AddStroke
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\MIpuuSiSZ4.dll,AddWordsToWordList
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\MIpuuSiSZ4.dll,AdviseInkChange
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\FmCnbLJkOlaRytmc\QMbXoKRooU.dll"
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\YbTPHZsAWIZFUi\eAeQcUPg.dll"
|
|
|
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\MIpuuSiSZ4.dll",#1
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k WerSvcGroup
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -pss -s 484 -p 6160 -ip 6160
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -pss -s 516 -p 3896 -ip 3896
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6160 -s 336
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 3896 -s 328
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
There are 10 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://174.138.33.49/7
|
unknown
|
|
|
|
https://174.138.33.49:7080/temy
|
unknown
|
|
|
|
https://174.138.33.49:7080/Numv
|
unknown
|
|
|
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing
|
unknown
|
||
|
https://174.138.33.49:7080/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://174.138.33.49/
|
unknown
|
There are 5 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
32.7.0.0
|
unknown
|
United States
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
128.7.0.0
|
unknown
|
Germany
|
|
|
|
192.168.2.7
|
unknown
|
unknown
|
|
|
|
20.7.0.0
|
unknown
|
United States
|
|
|
|
108.7.0.0
|
unknown
|
United States
|
|
|
|
80.7.0.0
|
unknown
|
United Kingdom
|
|
|
|
92.7.0.0
|
unknown
|
United Kingdom
|
|
|
|
244.6.0.0
|
unknown
|
Reserved
|
|
|
|
240.69.242.0
|
unknown
|
Reserved
|
|
|
|
184.6.0.0
|
unknown
|
United States
|
|
|
|
192.6.0.0
|
unknown
|
United States
|
|
|
|
112.7.0.0
|
unknown
|
China
|
|
|
|
64.6.0.0
|
unknown
|
United States
|
|
|
|
214.112.3.0
|
unknown
|
United States
|
|
|
|
4.7.0.0
|
unknown
|
United States
|
|
|
|
76.7.0.0
|
unknown
|
United States
|
|
|
|
96.7.0.0
|
unknown
|
United States
|
|
|
|
240.6.0.0
|
unknown
|
Reserved
|
|
|
|
243.112.3.0
|
unknown
|
Reserved
|
|
|
|
200.6.0.0
|
unknown
|
Ecuador
|
|
|
|
241.112.3.0
|
unknown
|
Reserved
|
|
|
|
124.7.0.0
|
unknown
|
India
|
|
|
|
16.7.0.0
|
unknown
|
United States
|
|
|
|
36.7.0.0
|
unknown
|
China
|
|
|
|
244.26.0.0
|
unknown
|
Reserved
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 18 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProgramId
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
FileId
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LongPathHash
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Name
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Publisher
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Version
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinFileVersion
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinaryType
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductName
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
ProductVersion
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
LinkDate
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
BinProductVersion
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Size
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
Language
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsPeFile
|
||
|
\REGISTRY\A\{0ce580c3-9356-6b11-5fcc-934541472052}\Root\InventoryApplicationFile\rundll32.exe|c8d854bf61fafc41
|
IsOsComponent
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
00180008F3870B0F
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\Debug
|
ExceptionRecord
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
|
00180008F3870B0F
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
There are 24 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1A6C0911000
|
direct allocation
|
page execute read
|
|
|
|
16A80010000
|
direct allocation
|
page execute and read and write
|
|
|
|
1411000
|
direct allocation
|
page execute read
|
|
|
|
1000000
|
direct allocation
|
page execute and read and write
|
|
|
|
1A6C0911000
|
direct allocation
|
page execute read
|
|
|
|
21313901000
|
direct allocation
|
page execute read
|
|
|
|
16A80071000
|
direct allocation
|
page execute read
|
|
|
|
2861000
|
direct allocation
|
page execute read
|
|
|
|
1A6C08B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1942A671000
|
direct allocation
|
page execute read
|
|
|
|
21313901000
|
direct allocation
|
page execute read
|
|
|
|
21313760000
|
direct allocation
|
page execute and read and write
|
|
|
|
195C58D1000
|
direct allocation
|
page execute read
|
|
|
|
1A6C08B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
13B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
1A6C0911000
|
direct allocation
|
page execute read
|
|
|
|
1A6C08B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
21313901000
|
direct allocation
|
page execute read
|
|
|
|
195C5870000
|
direct allocation
|
page execute and read and write
|
|
|
|
21313760000
|
direct allocation
|
page execute and read and write
|
|
|
|
E78000
|
heap
|
page read and write
|
|
|
|
21313760000
|
direct allocation
|
page execute and read and write
|
|
|
|
1942A5D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
3048000
|
heap
|
page read and write
|
||
|
E587BFB000
|
stack
|
page read and write
|
||
|
3875DBF000
|
stack
|
page read and write
|
||
|
147607A0000
|
heap
|
page read and write
|
||
|
138F000
|
heap
|
page read and write
|
||
|
19428CAA000
|
heap
|
page read and write
|
||
|
19428C60000
|
heap
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
213137C0000
|
heap
|
page readonly
|
||
|
1476078E000
|
heap
|
page read and write
|
||
|
1475FD02000
|
heap
|
page read and write
|
||
|
18005D000
|
unkown
|
page readonly
|
||
|
300D000
|
heap
|
page read and write
|
||
|
21313900000
|
direct allocation
|
page read and write
|
||
|
1476078E000
|
heap
|
page read and write
|
||
|
227B6000000
|
heap
|
page read and write
|
||
|
1800D5000
|
unkown
|
page readonly
|
||
|
1475FCF3000
|
heap
|
page read and write
|
||
|
14760781000
|
heap
|
page read and write
|
||
|
1060000
|
heap
|
page readonly
|
||
|
23C76800000
|
heap
|
page read and write
|
||
|
1A6BEE40000
|
unkown
|
page read and write
|
||
|
10B0000
|
heap
|
page read and write
|
||
|
227AF800000
|
heap
|
page read and write
|
||
|
14760770000
|
heap
|
page read and write
|
||
|
74FF6FE000
|
stack
|
page read and write
|
||
|
22D5FF7C000
|
heap
|
page read and write
|
||
|
147607A5000
|
heap
|
page read and write
|
||
|
227B5063000
|
heap
|
page read and write
|
||
|
1942A660000
|
heap
|
page read and write
|
||
|
2AAFBB90000
|
heap
|
page read and write
|
||
|
1260000
|
heap
|
page readonly
|
||
|
97D61FF000
|
stack
|
page read and write
|
||
|
21313A00000
|
heap
|
page read and write
|
||
|
14760787000
|
heap
|
page read and write
|
||
|
97D56CB000
|
stack
|
page read and write
|
||
|
195CB7D0000
|
heap
|
page read and write
|
||
|
4AF47C000
|
stack
|
page read and write
|
||
|
F08000
|
heap
|
page read and write
|
||
|
2972C3DB000
|
heap
|
page read and write
|
||
|
1942A665000
|
heap
|
page read and write
|
||
|
1A6BEEB0000
|
heap
|
page read and write
|
||
|
22D5FD20000
|
trusted library allocation
|
page read and write
|
||
|
17771A50000
|
heap
|
page read and write
|
||
|
1476079A000
|
heap
|
page read and write
|
||
|
2972C3E2000
|
heap
|
page read and write
|
||
|
1476078C000
|
heap
|
page read and write
|
||
|
227B0823000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
21313808000
|
heap
|
page read and write
|
||
|
B20000
|
remote allocation
|
page read and write
|
||
|
F75C77B000
|
stack
|
page read and write
|
||
|
328F000
|
stack
|
page read and write
|
||
|
A5B9D7F000
|
stack
|
page read and write
|
||
|
EE3000
|
heap
|
page read and write
|
||
|
213151B8000
|
heap
|
page read and write
|
||
|
302C000
|
heap
|
page read and write
|
||
|
F71636E000
|
stack
|
page read and write
|
||
|
29BB000
|
stack
|
page read and write
|
||
|
E5876DB000
|
stack
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
227B4F74000
|
trusted library allocation
|
page read and write
|
||
|
1762A7B000
|
stack
|
page read and write
|
||
|
1475FCAB000
|
heap
|
page read and write
|
||
|
1A6BEEB0000
|
heap
|
page read and write
|
||
|
180073000
|
unkown
|
page readonly
|
||
|
2972C402000
|
heap
|
page read and write
|
||
|
14760786000
|
heap
|
page read and write
|
||
|
2B73AC81000
|
heap
|
page read and write
|
||
|
303F000
|
heap
|
page read and write
|
||
|
147607C0000
|
heap
|
page read and write
|
||
|
3875CBC000
|
stack
|
page read and write
|
||
|
2972C3B0000
|
heap
|
page read and write
|
||
|
29822E00000
|
unkown
|
page read and write
|
||
|
2F1E000
|
stack
|
page read and write
|
||
|
16A85F68000
|
heap
|
page read and write
|
||
|
1A6BF270000
|
heap
|
page read and write
|
||
|
227B5290000
|
remote allocation
|
page read and write
|
||
|
213136E0000
|
heap
|
page read and write
|
||
|
97D617F000
|
stack
|
page read and write
|
||
|
288F000
|
direct allocation
|
page readonly
|
||
|
1A6C0970000
|
heap
|
page readonly
|
||
|
17630FF000
|
stack
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
1762EF7000
|
stack
|
page read and write
|
||
|
2131392F000
|
direct allocation
|
page readonly
|
||
|
147607A0000
|
heap
|
page read and write
|
||
|
3196000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
23C76913000
|
heap
|
page read and write
|
||
|
1476078C000
|
heap
|
page read and write
|
||
|
18005D000
|
unkown
|
page readonly
|
||
|
1476078D000
|
heap
|
page read and write
|
||
|
2F40000
|
remote allocation
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
213135A0000
|
heap
|
page read and write
|
||
|
1A6C0A80000
|
heap
|
page read and write
|
||
|
3043000
|
heap
|
page read and write
|
||
|
2AAFBE63000
|
heap
|
page read and write
|
||
|
180073000
|
unkown
|
page readonly
|
||
|
143E000
|
direct allocation
|
page read and write
|
||
|
227B4DA0000
|
trusted library allocation
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
F52000
|
heap
|
page read and write
|
||
|
29822E0D000
|
unkown
|
page read and write
|
||
|
4AF4FF000
|
stack
|
page read and write
|
||
|
16AD7DD7000
|
heap
|
page read and write
|
||
|
17771A02000
|
heap
|
page read and write
|
||
|
1800D5000
|
unkown
|
page readonly
|
||
|
2AAFBF08000
|
heap
|
page read and write
|
||
|
195C5980000
|
heap
|
page read and write
|
||
|
14760781000
|
heap
|
page read and write
|
||
|
1475FC5C000
|
heap
|
page read and write
|
||
|
14760C44000
|
heap
|
page read and write
|
||
|
1A6BEF10000
|
heap
|
page read and write
|
||
|
2131B116000
|
heap
|
page read and write
|
||
|
3056000
|
heap
|
page read and write
|
||
|
139D000
|
heap
|
page read and write
|
||
|
2AAFBE64000
|
heap
|
page read and write
|
||
|
227B0215000
|
heap
|
page read and write
|
||
|
22D5FF7C000
|
heap
|
page read and write
|
||
|
2F40000
|
remote allocation
|
page read and write
|
||
|
E58807A000
|
stack
|
page read and write
|
||
|
227B5080000
|
trusted library allocation
|
page read and write
|
||
|
227B5200000
|
trusted library allocation
|
page read and write
|
||
|
3197000
|
heap
|
page read and write
|
||
|
B20000
|
remote allocation
|
page read and write
|
||
|
227B4F51000
|
trusted library allocation
|
page read and write
|
||
|
1A6BEF1E000
|
heap
|
page read and write
|
||
|
F08000
|
heap
|
page read and write
|
||
|
1A6C0910000
|
direct allocation
|
page read and write
|
||
|
1475FC49000
|
heap
|
page read and write
|
||
|
195C3FD8000
|
heap
|
page read and write
|
||
|
29822CB0000
|
heap
|
page read and write
|
||
|
143F000
|
direct allocation
|
page readonly
|
||
|
2B73AD02000
|
heap
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
14760798000
|
heap
|
page read and write
|
||
|
1395000
|
heap
|
page read and write
|
||
|
EDB000
|
heap
|
page read and write
|
||
|
E716FC000
|
stack
|
page read and write
|
||
|
2DAF17F000
|
stack
|
page read and write
|
||
|
1762DFB000
|
stack
|
page read and write
|
||
|
18005D000
|
unkown
|
page readonly
|
||
|
EB2000
|
heap
|
page read and write
|
||
|
1476078C000
|
heap
|
page read and write
|
||
|
180070000
|
unkown
|
page read and write
|
||
|
22D60DB0000
|
heap
|
page readonly
|
||
|
227B4F54000
|
trusted library allocation
|
page read and write
|
||
|
A5B9A7B000
|
stack
|
page read and write
|
||
|
1A6C08A0000
|
direct allocation
|
page execute and read and write
|
||
|
F75CB7F000
|
stack
|
page read and write
|
||
|
2AAFBE5F000
|
heap
|
page read and write
|
||
|
1762B7D000
|
stack
|
page read and write
|
||
|
227AF790000
|
heap
|
page read and write
|
||
|
227AF890000
|
heap
|
page read and write
|
||
|
13A5000
|
heap
|
page read and write
|
||
|
14760C19000
|
heap
|
page read and write
|
||
|
14760793000
|
heap
|
page read and write
|
||
|
2AAFBE60000
|
heap
|
page read and write
|
||
|
303F000
|
heap
|
page read and write
|
||
|
22D5FF00000
|
trusted library allocation
|
page read and write
|
||
|
74FF7FE000
|
stack
|
page read and write
|
||
|
1762CFE000
|
stack
|
page read and write
|
||
|
2972C40E000
|
heap
|
page read and write
|
||
|
227B509B000
|
heap
|
page read and write
|
||
|
213137C0000
|
heap
|
page readonly
|
||
|
14760781000
|
heap
|
page read and write
|
||
|
1A6BEF18000
|
heap
|
page read and write
|
||
|
29822E69000
|
heap
|
page read and write
|
||
|
14760786000
|
heap
|
page read and write
|
||
|
29822E13000
|
unkown
|
page read and write
|
||
|
288D000
|
direct allocation
|
page readonly
|
||
|
227B4E20000
|
trusted library allocation
|
page read and write
|
||
|
1475FCD0000
|
heap
|
page read and write
|
||
|
29823113000
|
heap
|
page read and write
|
||
|
2131392D000
|
direct allocation
|
page readonly
|
||
|
2972C402000
|
heap
|
page read and write
|
||
|
13A5000
|
heap
|
page read and write
|
||
|
227AF88B000
|
heap
|
page read and write
|
||
|
227AF829000
|
heap
|
page read and write
|
||
|
227B50F8000
|
heap
|
page read and write
|
||
|
304B000
|
heap
|
page read and write
|
||
|
97D637A000
|
stack
|
page read and write
|
||
|
2AAFBE5C000
|
heap
|
page read and write
|
||
|
21313A00000
|
heap
|
page read and write
|
||
|
E71B7F000
|
stack
|
page read and write
|
||
|
18005D000
|
unkown
|
page readonly
|
||
|
195C3F90000
|
direct allocation
|
page execute and read and write
|
||
|
3875DBF000
|
stack
|
page read and write
|
||
|
23C76878000
|
heap
|
page read and write
|
||
|
227B5020000
|
heap
|
page read and write
|
||
|
12BB000
|
heap
|
page read and write
|
||
|
177721A0000
|
trusted library allocation
|
page read and write
|
||
|
F7167FC000
|
stack
|
page read and write
|
||
|
1476079A000
|
heap
|
page read and write
|
||
|
2B73AC5F000
|
heap
|
page read and write
|
||
|
194305D3000
|
heap
|
page read and write
|
||
|
1A6BF275000
|
heap
|
page read and write
|
||
|
17771B13000
|
heap
|
page read and write
|
||
|
16A80000000
|
direct allocation
|
page execute and read and write
|
||
|
14760778000
|
heap
|
page read and write
|
||
|
227AF877000
|
heap
|
page read and write
|
||
|
180070000
|
unkown
|
page read and write
|
||
|
3056000
|
heap
|
page read and write
|
||
|
17771A55000
|
heap
|
page read and write
|
||
|
21313900000
|
direct allocation
|
page read and write
|
||
|
21313A05000
|
heap
|
page read and write
|
||
|
14760C02000
|
heap
|
page read and write
|
||
|
227B4F30000
|
trusted library allocation
|
page read and write
|
||
|
1308000
|
heap
|
page read and write
|
||
|
E71977000
|
stack
|
page read and write
|
||
|
1476079C000
|
heap
|
page read and write
|
||
|
3875D3F000
|
stack
|
page read and write
|
||
|
F52000
|
heap
|
page read and write
|
||
|
12B0000
|
heap
|
page read and write
|
||
|
16AD80A0000
|
heap
|
page read and write
|
||
|
14760788000
|
heap
|
page read and write
|
||
|
14760C02000
|
heap
|
page read and write
|
||
|
2B73AAD0000
|
heap
|
page read and write
|
||
|
2AAFBBA0000
|
heap
|
page read and write
|
||
|
1A6BF270000
|
heap
|
page read and write
|
||
|
F75C1CB000
|
stack
|
page read and write
|
||
|
227B4F70000
|
trusted library allocation
|
page read and write
|
||
|
31DF000
|
heap
|
page read and write
|
||
|
2B73AD08000
|
heap
|
page read and write
|
||
|
2131380E000
|
heap
|
page read and write
|
||
|
1476073F000
|
heap
|
page read and write
|
||
|
1A6C093F000
|
direct allocation
|
page readonly
|
||
|
2A6A000
|
heap
|
page read and write
|
||
|
22D60DA0000
|
trusted library allocation
|
page read and write
|
||
|
16A8009F000
|
direct allocation
|
page readonly
|
||
|
6534BBF000
|
stack
|
page read and write
|
||
|
1A6C0910000
|
direct allocation
|
page read and write
|
||
|
227B0200000
|
heap
|
page read and write
|
||
|
23C76700000
|
heap
|
page read and write
|
||
|
320E000
|
stack
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
16AD7CB0000
|
heap
|
page read and write
|
||
|
1476074F000
|
heap
|
page read and write
|
||
|
22D5FF37000
|
heap
|
page read and write
|
||
|
227AF720000
|
heap
|
page read and write
|
||
|
227AF874000
|
heap
|
page read and write
|
||
|
304B000
|
heap
|
page read and write
|
||
|
1800D5000
|
unkown
|
page readonly
|
||
|
14760778000
|
heap
|
page read and write
|
||
|
1800D5000
|
unkown
|
page readonly
|
||
|
3171000
|
heap
|
page read and write
|
||
|
2B73AB70000
|
trusted library allocation
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
147607DB000
|
heap
|
page read and write
|
||
|
1A6BEE40000
|
heap
|
page read and write
|
||
|
3057000
|
heap
|
page read and write
|
||
|
1475FC5B000
|
heap
|
page read and write
|
||
|
F69000
|
stack
|
page read and write
|
||
|
2972C41A000
|
heap
|
page read and write
|
||
|
16A8009D000
|
direct allocation
|
page readonly
|
||
|
2972C3F4000
|
heap
|
page read and write
|
||
|
1475FC39000
|
heap
|
page read and write
|
||
|
F71667F000
|
stack
|
page read and write
|
||
|
2972C3FE000
|
heap
|
page read and write
|
||
|
2DAF07C000
|
stack
|
page read and write
|
||
|
180070000
|
unkown
|
page read and write
|
||
|
14760793000
|
heap
|
page read and write
|
||
|
14760713000
|
heap
|
page read and write
|
||
|
21313980000
|
remote allocation
|
page read and write
|
||
|
14760C02000
|
heap
|
page read and write
|
||
|
227B5270000
|
trusted library allocation
|
page read and write
|
||
|
2B73B602000
|
trusted library allocation
|
page read and write
|
||
|
1476079A000
|
heap
|
page read and write
|
||
|
19428C30000
|
trusted library allocation
|
page read and write
|
||
|
1475FC27000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
1475FD16000
|
heap
|
page read and write
|
||
|
31BF000
|
heap
|
page read and write
|
||
|
227B4F3E000
|
trusted library allocation
|
page read and write
|
||
|
195C3FA0000
|
heap
|
page read and write
|
||
|
2131380E000
|
heap
|
page read and write
|
||
|
E713FE000
|
stack
|
page read and write
|
||
|
2E1D000
|
stack
|
page read and write
|
||
|
1475FC00000
|
heap
|
page read and write
|
||
|
2AAFBF13000
|
heap
|
page read and write
|
||
|
195C3F20000
|
heap
|
page read and write
|
||
|
2F40000
|
remote allocation
|
page read and write
|
||
|
1475FCC5000
|
heap
|
page read and write
|
||
|
180073000
|
unkown
|
page readonly
|
||
|
2A3C000
|
stack
|
page read and write
|
||
|
19428C68000
|
heap
|
page read and write
|
||
|
1475FCB5000
|
heap
|
page read and write
|
||
|
227B50FA000
|
heap
|
page read and write
|
||
|
29823102000
|
heap
|
page read and write
|
||
|
195C58FD000
|
direct allocation
|
page readonly
|
||
|
1476079A000
|
heap
|
page read and write
|
||
|
195C5872000
|
heap
|
page read and write
|
||
|
F75CA7D000
|
stack
|
page read and write
|
||
|
21313700000
|
heap
|
page read and write
|
||
|
14760793000
|
heap
|
page read and write
|
||
|
EC4000
|
stack
|
page read and write
|
||
|
227AF8FB000
|
heap
|
page read and write
|
||
|
17772202000
|
trusted library allocation
|
page read and write
|
||
|
3056000
|
heap
|
page read and write
|
||
|
3170000
|
heap
|
page read and write
|
||
|
2B73AD00000
|
heap
|
page read and write
|
||
|
16AD7DD0000
|
heap
|
page read and write
|
||
|
2972C41F000
|
heap
|
page read and write
|
||
|
1475FC29000
|
heap
|
page read and write
|
||
|
F7162EA000
|
stack
|
page read and write
|
||
|
21313A05000
|
heap
|
page read and write
|
||
|
227B5250000
|
trusted library allocation
|
page read and write
|
||
|
2972C40E000
|
heap
|
page read and write
|
||
|
14760C20000
|
heap
|
page read and write
|
||
|
97D5FFF000
|
stack
|
page read and write
|
||
|
3053000
|
heap
|
page read and write
|
||
|
1A6C0970000
|
heap
|
page readonly
|
||
|
22D60B70000
|
trusted library allocation
|
page read and write
|
||
|
21313A05000
|
heap
|
page read and write
|
||
|
2972C5A0000
|
heap
|
page read and write
|
||
|
31BF000
|
heap
|
page read and write
|
||
|
1A6C0A80000
|
heap
|
page read and write
|
||
|
180070000
|
unkown
|
page read and write
|
||
|
A5B9B7C000
|
stack
|
page read and write
|
||
|
227B50F6000
|
heap
|
page read and write
|
||
|
21313750000
|
direct allocation
|
page execute and read and write
|
||
|
23C76802000
|
heap
|
page read and write
|
||
|
22D5FEA9000
|
heap
|
page read and write
|
||
|
1A6BF275000
|
heap
|
page read and write
|
||
|
2AAFBE67000
|
heap
|
page read and write
|
||
|
1475FD08000
|
heap
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
330B000
|
stack
|
page read and write
|
||
|
1475FC38000
|
heap
|
page read and write
|
||
|
180073000
|
unkown
|
page readonly
|
||
|
E587E7F000
|
stack
|
page read and write
|
||
|
2B73AC80000
|
heap
|
page read and write
|
||
|
14760788000
|
heap
|
page read and write
|
||
|
18005D000
|
unkown
|
page readonly
|
||
|
14A5000
|
heap
|
page read and write
|
||
|
227B4F30000
|
trusted library allocation
|
page read and write
|
||
|
22D60030000
|
trusted library allocation
|
page read and write
|
||
|
F51000
|
heap
|
page read and write
|
||
|
3043000
|
heap
|
page read and write
|
||
|
2131392D000
|
direct allocation
|
page readonly
|
||
|
1476079E000
|
heap
|
page read and write
|
||
|
1475FC13000
|
heap
|
page read and write
|
||
|
A5B952B000
|
stack
|
page read and write
|
||
|
213136E0000
|
heap
|
page read and write
|
||
|
1800D5000
|
unkown
|
page readonly
|
||
|
2131392F000
|
direct allocation
|
page readonly
|
||
|
E587F7C000
|
stack
|
page read and write
|
||
|
4AF57F000
|
stack
|
page read and write
|
||
|
23C7686B000
|
heap
|
page read and write
|
||
|
2972C3F7000
|
heap
|
page read and write
|
||
|
22D60DC0000
|
trusted library allocation
|
page read and write
|
||
|
97D60FF000
|
stack
|
page read and write
|
||
|
29823002000
|
heap
|
page read and write
|
||
|
16AD7DDB000
|
heap
|
page read and write
|
||
|
17771B02000
|
heap
|
page read and write
|
||
|
6534B3C000
|
stack
|
page read and write
|
||
|
180070000
|
unkown
|
page read and write
|
||
|
1A6BEF10000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page read and write
|
||
|
1A6BF270000
|
heap
|
page read and write
|
||
|
19428C00000
|
heap
|
page read and write
|
||
|
147607A1000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
3056000
|
heap
|
page read and write
|
||
|
180073000
|
unkown
|
page readonly
|
||
|
2972C5F5000
|
heap
|
page read and write
|
||
|
14760C03000
|
heap
|
page read and write
|
||
|
3056000
|
heap
|
page read and write
|
||
|
1800D5000
|
unkown
|
page readonly
|
||
|
2131392F000
|
direct allocation
|
page readonly
|
||
|
1A6C093D000
|
direct allocation
|
page readonly
|
||
|
1A6C0AA0000
|
remote allocation
|
page read and write
|
||
|
147604F0000
|
remote allocation
|
page read and write
|
||
|
227AF825000
|
heap
|
page read and write
|
||
|
2B73AAE0000
|
heap
|
page read and write
|
||
|
23C76828000
|
heap
|
page read and write
|
||
|
B71D479000
|
stack
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
22D5FF7C000
|
heap
|
page read and write
|
||
|
14760C02000
|
heap
|
page read and write
|
||
|
16A80070000
|
direct allocation
|
page read and write
|
||
|
17771A00000
|
heap
|
page read and write
|
||
|
2972C412000
|
heap
|
page read and write
|
||
|
2131380E000
|
heap
|
page read and write
|
||
|
97D667E000
|
stack
|
page read and write
|
||
|
17771A3C000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
EB2000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
22D5FD10000
|
heap
|
page read and write
|
||
|
2972C41A000
|
heap
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
14760786000
|
heap
|
page read and write
|
||
|
304B000
|
heap
|
page read and write
|
||
|
227B504C000
|
heap
|
page read and write
|
||
|
1A6BEF18000
|
heap
|
page read and write
|
||
|
22D5FF74000
|
heap
|
page read and write
|
||
|
1A6C08A0000
|
direct allocation
|
page execute and read and write
|
||
|
14760786000
|
heap
|
page read and write
|
||
|
303C000
|
heap
|
page read and write
|
||
|
17771A13000
|
heap
|
page read and write
|
||
|
227B503F000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
1302000
|
heap
|
page read and write
|
||
|
29823000000
|
heap
|
page read and write
|
||
|
19428C20000
|
direct allocation
|
page execute and read and write
|
||
|
227B0820000
|
trusted library allocation
|
page read and write
|
||
|
E5877DE000
|
stack
|
page read and write
|
||
|
1A6BF275000
|
heap
|
page read and write
|
||
|
1475FCDA000
|
heap
|
page read and write
|
||
|
1A6BEEB0000
|
heap
|
page read and write
|
||
|
17771B08000
|
heap
|
page read and write
|
||
|
227B0DA0000
|
trusted library allocation
|
page read and write
|
||
|
14760C00000
|
heap
|
page read and write
|
||
|
21313800000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
74FF348000
|
stack
|
page read and write
|
||
|
195C3FA5000
|
heap
|
page read and write
|
||
|
29822CC0000
|
trusted library allocation
|
page read and write
|
||
|
2AAFBD00000
|
trusted library allocation
|
page read and write
|
||
|
1475FC3C000
|
heap
|
page read and write
|
||
|
227AF83D000
|
heap
|
page read and write
|
||
|
14760781000
|
heap
|
page read and write
|
||
|
227B5290000
|
remote allocation
|
page read and write
|
||
|
2AAFBE29000
|
heap
|
page read and write
|
||
|
1A6BEF1E000
|
heap
|
page read and write
|
||
|
17771A4D000
|
heap
|
page read and write
|
||
|
14760602000
|
heap
|
page read and write
|
||
|
14760C02000
|
heap
|
page read and write
|
||
|
14760793000
|
heap
|
page read and write
|
||
|
1476079A000
|
heap
|
page read and write
|
||
|
227AF8AC000
|
heap
|
page read and write
|
||
|
147607B6000
|
heap
|
page read and write
|
||
|
2131392D000
|
direct allocation
|
page readonly
|
||
|
E71A78000
|
stack
|
page read and write
|
||
|
2B73AC13000
|
heap
|
page read and write
|
||
|
E7137E000
|
stack
|
page read and write
|
||
|
2972C350000
|
heap
|
page read and write
|
||
|
21313980000
|
remote allocation
|
page read and write
|
||
|
F75C47F000
|
stack
|
page read and write
|
||
|
180070000
|
unkown
|
page read and write
|
||
|
23C76900000
|
heap
|
page read and write
|
||
|
14760786000
|
heap
|
page read and write
|
||
|
2FF2000
|
heap
|
page read and write
|
||
|
1A6C093F000
|
direct allocation
|
page readonly
|
||
|
14760781000
|
heap
|
page read and write
|
||
|
CEAE51D000
|
stack
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
17771A7E000
|
heap
|
page read and write
|
||
|
1476079C000
|
heap
|
page read and write
|
||
|
3875DBF000
|
stack
|
page read and write
|
||
|
22D5FEA5000
|
heap
|
page read and write
|
||
|
F75C4FE000
|
stack
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
213139D0000
|
heap
|
page read and write
|
||
|
2AAFBE13000
|
heap
|
page read and write
|
||
|
147607B1000
|
heap
|
page read and write
|
||
|
227B0313000
|
heap
|
page read and write
|
||
|
97D627F000
|
stack
|
page read and write
|
||
|
2AAFBF02000
|
heap
|
page read and write
|
||
|
2DAF0FF000
|
stack
|
page read and write
|
||
|
29822E28000
|
heap
|
page read and write
|
||
|
17771A8B000
|
heap
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
2AAFBE7A000
|
heap
|
page read and write
|
||
|
F71677E000
|
stack
|
page read and write
|
||
|
17771890000
|
heap
|
page read and write
|
||
|
6534BBF000
|
stack
|
page read and write
|
||
|
1A6C093D000
|
direct allocation
|
page readonly
|
||
|
16A802C0000
|
heap
|
page read and write
|
||
|
1800D5000
|
unkown
|
page readonly
|
||
|
2B73AC02000
|
heap
|
page read and write
|
||
|
213135A0000
|
unkown
|
page read and write
|
||
|
23C7686A000
|
heap
|
page read and write
|
||
|
1A6BEF1E000
|
heap
|
page read and write
|
||
|
E717F9000
|
stack
|
page read and write
|
||
|
B71D0FC000
|
stack
|
page read and write
|
||
|
2FD1000
|
heap
|
page read and write
|
||
|
17771A4A000
|
heap
|
page read and write
|
||
|
180073000
|
unkown
|
page readonly
|
||
|
227B4F60000
|
trusted library allocation
|
page read and write
|
||
|
89C8000
|
heap
|
page read and write
|
||
|
F75C877000
|
stack
|
page read and write
|
||
|
19428CC4000
|
heap
|
page read and write
|
||
|
2B73AC29000
|
heap
|
page read and write
|
||
|
2972C420000
|
heap
|
page read and write
|
||
|
E71CFF000
|
unkown
|
page read and write
|
||
|
14760781000
|
heap
|
page read and write
|
||
|
19428C9A000
|
heap
|
page read and write
|
||
|
17771A70000
|
heap
|
page read and write
|
||
|
3875D3F000
|
stack
|
page read and write
|
||
|
22D60DD0000
|
trusted library allocation
|
page read and write
|
||
|
180073000
|
unkown
|
page readonly
|
||
|
97D5E7F000
|
stack
|
page read and write
|
||
|
195C58FF000
|
direct allocation
|
page readonly
|
||
|
1A6C6808000
|
heap
|
page read and write
|
||
|
17771900000
|
heap
|
page read and write
|
||
|
F0F000
|
heap
|
page read and write
|
||
|
E71C77000
|
stack
|
page read and write
|
||
|
6534E7F000
|
stack
|
page read and write
|
||
|
97D647A000
|
stack
|
page read and write
|
||
|
1476079C000
|
heap
|
page read and write
|
||
|
318C000
|
stack
|
page read and write
|
||
|
1762AFE000
|
stack
|
page read and write
|
||
|
F75C67E000
|
stack
|
page read and write
|
||
|
23C76857000
|
heap
|
page read and write
|
||
|
29822E3A000
|
heap
|
page read and write
|
||
|
180070000
|
unkown
|
page read and write
|
||
|
2B73AC80000
|
heap
|
page read and write
|
||
|
21313808000
|
heap
|
page read and write
|
||
|
227B50FB000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
18005D000
|
unkown
|
page readonly
|
||
|
227B0A30000
|
trusted library section
|
page readonly
|
||
|
1378000
|
heap
|
page read and write
|
||
|
97D5F7B000
|
stack
|
page read and write
|
||
|
1475FCB1000
|
heap
|
page read and write
|
||
|
21313750000
|
direct allocation
|
page execute and read and write
|
||
|
B71D5F9000
|
stack
|
page read and write
|
||
|
303F000
|
heap
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
21313808000
|
heap
|
page read and write
|
||
|
1762C7C000
|
stack
|
page read and write
|
||
|
1410000
|
direct allocation
|
page read and write
|
||
|
304A000
|
heap
|
page read and write
|
||
|
14760788000
|
heap
|
page read and write
|
||
|
2972C402000
|
heap
|
page read and write
|
||
|
147607A0000
|
heap
|
page read and write
|
||
|
1475FC66000
|
heap
|
page read and write
|
||
|
14A0000
|
heap
|
page read and write
|
||
|
EE3000
|
heap
|
page read and write
|
||
|
147607C1000
|
heap
|
page read and write
|
||
|
22D5FF30000
|
heap
|
page read and write
|
||
|
1942A670000
|
direct allocation
|
page read and write
|
||
|
1942A69D000
|
direct allocation
|
page readonly
|
||
|
2AAFBE85000
|
heap
|
page read and write
|
||
|
23C7683C000
|
heap
|
page read and write
|
||
|
23C77202000
|
trusted library allocation
|
page read and write
|
||
|
6050000
|
trusted library allocation
|
page read and write
|
||
|
2DAF1FE000
|
stack
|
page read and write
|
||
|
1942A675000
|
heap
|
page read and write
|
||
|
195C3FB0000
|
heap
|
page readonly
|
||
|
1A6C0AA0000
|
remote allocation
|
page read and write
|
||
|
97D5D7A000
|
stack
|
page read and write
|
||
|
21313700000
|
heap
|
page read and write
|
||
|
2B73AC3C000
|
heap
|
page read and write
|
||
|
1475FC64000
|
heap
|
page read and write
|
||
|
23C766F0000
|
heap
|
page read and write
|
||
|
3056000
|
heap
|
page read and write
|
||
|
16A8000A000
|
heap
|
page read and write
|
||
|
23C76760000
|
heap
|
page read and write
|
||
|
18005D000
|
unkown
|
page readonly
|
||
|
19428CA7000
|
heap
|
page read and write
|
||
|
227B0830000
|
trusted library allocation
|
page read and write
|
||
|
1475FC54000
|
heap
|
page read and write
|
||
|
227AF730000
|
heap
|
page read and write
|
||
|
2972C3FE000
|
heap
|
page read and write
|
||
|
2972C412000
|
heap
|
page read and write
|
||
|
227AF902000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
14760781000
|
heap
|
page read and write
|
||
|
29822F02000
|
trusted library allocation
|
page read and write
|
||
|
227AF857000
|
heap
|
page read and write
|
||
|
2C8E000
|
stack
|
page read and write
|
||
|
227AF813000
|
heap
|
page read and write
|
||
|
F5A000
|
heap
|
page read and write
|
||
|
29822E69000
|
heap
|
page read and write
|
||
|
14760781000
|
heap
|
page read and write
|
||
|
22D5FEA0000
|
heap
|
page read and write
|
||
|
227B50DB000
|
heap
|
page read and write
|
||
|
2972C5F0000
|
heap
|
page read and write
|
||
|
29823100000
|
heap
|
page read and write
|
||
|
19428B60000
|
heap
|
page read and write
|
||
|
1A6C093D000
|
direct allocation
|
page readonly
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
2AAFBC00000
|
heap
|
page read and write
|
||
|
2972C424000
|
heap
|
page read and write
|
||
|
1475FBC0000
|
trusted library allocation
|
page read and write
|
||
|
22D5FF10000
|
trusted library allocation
|
page read and write
|
||
|
213139D0000
|
heap
|
page read and write
|
||
|
23C76813000
|
heap
|
page read and write
|
||
|
29823117000
|
heap
|
page read and write
|
||
|
1476079A000
|
heap
|
page read and write
|
||
|
227AF7C0000
|
trusted library allocation
|
page read and write
|
||
|
14760781000
|
heap
|
page read and write
|
||
|
309C000
|
heap
|
page read and write
|
||
|
147607CF000
|
heap
|
page read and write
|
||
|
227AF913000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
6534BBF000
|
stack
|
page read and write
|
||
|
227AF872000
|
heap
|
page read and write
|
||
|
29822E3A000
|
heap
|
page read and write
|
||
|
213136E0000
|
heap
|
page read and write
|
||
|
1A6BEED0000
|
heap
|
page read and write
|
||
|
2B73AC61000
|
heap
|
page read and write
|
||
|
2B73AC00000
|
heap
|
page read and write
|
||
|
14760798000
|
heap
|
page read and write
|
||
|
227B509F000
|
heap
|
page read and write
|
||
|
227B0318000
|
heap
|
page read and write
|
||
|
2EEF000
|
stack
|
page read and write
|
||
|
E587D7F000
|
stack
|
page read and write
|
||
|
1A6BEF18000
|
heap
|
page read and write
|
||
|
227B4F60000
|
trusted library allocation
|
page read and write
|
||
|
227AF86D000
|
heap
|
page read and write
|
||
|
17771A29000
|
heap
|
page read and write
|
||
|
227B5260000
|
trusted library allocation
|
page read and write
|
||
|
14760784000
|
heap
|
page read and write
|
||
|
227B0358000
|
heap
|
page read and write
|
||
|
29822F00000
|
trusted library allocation
|
page read and write
|
||
|
14760700000
|
heap
|
page read and write
|
||
|
1476079A000
|
heap
|
page read and write
|
||
|
180073000
|
unkown
|
page readonly
|
||
|
2D4F000
|
stack
|
page read and write
|
||
|
147607B1000
|
heap
|
page read and write
|
||
|
227B0A10000
|
trusted library section
|
page readonly
|
||
|
227B4F38000
|
trusted library allocation
|
page read and write
|
||
|
B71D4F9000
|
stack
|
page read and write
|
||
|
180070000
|
unkown
|
page read and write
|
||
|
F5F000
|
heap
|
page read and write
|
||
|
2B73AB40000
|
heap
|
page read and write
|
||
|
2972C3F2000
|
heap
|
page read and write
|
||
|
3056000
|
heap
|
page read and write
|
||
|
139D000
|
heap
|
page read and write
|
||
|
1475FC5A000
|
heap
|
page read and write
|
||
|
2AAFBE4D000
|
heap
|
page read and write
|
||
|
1942A69F000
|
direct allocation
|
page readonly
|
||
|
180073000
|
unkown
|
page readonly
|
||
|
EE3000
|
heap
|
page read and write
|
||
|
227B0318000
|
heap
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
16A800D0000
|
heap
|
page readonly
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
3074000
|
heap
|
page read and write
|
||
|
2B73AC65000
|
heap
|
page read and write
|
||
|
1942ABB0000
|
heap
|
page read and write
|
||
|
18005D000
|
unkown
|
page readonly
|
||
|
F75C97F000
|
stack
|
page read and write
|
||
|
1475FCDA000
|
heap
|
page read and write
|
||
|
14760C03000
|
heap
|
page read and write
|
||
|
227B0A00000
|
trusted library section
|
page readonly
|
||
|
227B50F2000
|
heap
|
page read and write
|
||
|
EDB000
|
heap
|
page read and write
|
||
|
227B0A50000
|
trusted library section
|
page readonly
|
||
|
180070000
|
unkown
|
page read and write
|
||
|
14760711000
|
heap
|
page read and write
|
||
|
1A6BEED0000
|
heap
|
page read and write
|
||
|
14760C02000
|
heap
|
page read and write
|
||
|
1475FD13000
|
heap
|
page read and write
|
||
|
195C3F40000
|
heap
|
page read and write
|
||
|
1A6C08A0000
|
direct allocation
|
page execute and read and write
|
||
|
227B4F50000
|
trusted library allocation
|
page read and write
|
||
|
1A6BEE40000
|
unkown
|
page read and write
|
||
|
18005D000
|
unkown
|
page readonly
|
||
|
195C3DE0000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
F5F000
|
heap
|
page read and write
|
||
|
E70000
|
heap
|
page read and write
|
||
|
147607AD000
|
heap
|
page read and write
|
||
|
A5B9C7B000
|
stack
|
page read and write
|
||
|
227B4E10000
|
trusted library allocation
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
1355000
|
heap
|
page read and write
|
||
|
227B5290000
|
remote allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
2972C423000
|
heap
|
page read and write
|
||
|
1A6BEF10000
|
heap
|
page read and write
|
||
|
213139D0000
|
heap
|
page read and write
|
||
|
14760C02000
|
heap
|
page read and write
|
||
|
1318000
|
heap
|
page read and write
|
||
|
227B50E1000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
2AAFBE00000
|
heap
|
page read and write
|
||
|
23C7686C000
|
heap
|
page read and write
|
||
|
FF0000
|
direct allocation
|
page execute and read and write
|
||
|
1475FB30000
|
heap
|
page read and write
|
||
|
227B5000000
|
heap
|
page read and write
|
||
|
6534E7F000
|
stack
|
page read and write
|
||
|
F90000
|
remote allocation
|
page read and write
|
||
|
2FD0000
|
heap
|
page read and write
|
||
|
195C58D0000
|
direct allocation
|
page read and write
|
||
|
74FF9FE000
|
stack
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
1475FB20000
|
heap
|
page read and write
|
||
|
1476079C000
|
heap
|
page read and write
|
||
|
17771B00000
|
heap
|
page read and write
|
||
|
227B0300000
|
heap
|
page read and write
|
||
|
23C76790000
|
trusted library allocation
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
195C3FD0000
|
heap
|
page read and write
|
||
|
16AD7DF0000
|
heap
|
page read and write
|
||
|
2CCF000
|
stack
|
page read and write
|
||
|
22D5FE50000
|
heap
|
page read and write
|
||
|
23C76873000
|
heap
|
page read and write
|
||
|
6534E7F000
|
stack
|
page read and write
|
||
|
1762FFF000
|
stack
|
page read and write
|
||
|
1475FCE0000
|
heap
|
page read and write
|
||
|
227AF89C000
|
heap
|
page read and write
|
||
|
2B73AD13000
|
heap
|
page read and write
|
||
|
227B50FC000
|
heap
|
page read and write
|
||
|
3875CBC000
|
stack
|
page read and write
|
||
|
1A6C0A80000
|
heap
|
page read and write
|
||
|
16AD80A5000
|
heap
|
page read and write
|
||
|
1080000
|
trusted library allocation
|
page read and write
|
||
|
1475FC60000
|
heap
|
page read and write
|
||
|
19428C9D000
|
heap
|
page read and write
|
||
|
1476079A000
|
heap
|
page read and write
|
||
|
1476078E000
|
heap
|
page read and write
|
||
|
14760C02000
|
heap
|
page read and write
|
||
|
1A6C0910000
|
direct allocation
|
page read and write
|
||
|
2B73AC54000
|
heap
|
page read and write
|
||
|
2B73AC8B000
|
heap
|
page read and write
|
||
|
139D000
|
heap
|
page read and write
|
||
|
E58775E000
|
stack
|
page read and write
|
||
|
2860000
|
direct allocation
|
page read and write
|
||
|
29822E69000
|
heap
|
page read and write
|
||
|
147604F0000
|
remote allocation
|
page read and write
|
||
|
227B5090000
|
trusted library allocation
|
page read and write
|
||
|
1800D5000
|
unkown
|
page readonly
|
||
|
F7163EF000
|
stack
|
page read and write
|
||
|
1A6C093F000
|
direct allocation
|
page readonly
|
||
|
AFA000
|
stack
|
page read and write
|
||
|
288E000
|
direct allocation
|
page read and write
|
||
|
2D23000
|
heap
|
page read and write
|
||
|
F59000
|
heap
|
page read and write
|
||
|
97D5AF8000
|
stack
|
page read and write
|
||
|
2FBF000
|
stack
|
page read and write
|
||
|
12F2000
|
heap
|
page read and write
|
||
|
21313800000
|
heap
|
page read and write
|
||
|
227B0202000
|
heap
|
page read and write
|
||
|
227B50AA000
|
heap
|
page read and write
|
||
|
2972C41A000
|
heap
|
page read and write
|
||
|
1240000
|
direct allocation
|
page execute and read and write
|
||
|
2AAFBF00000
|
heap
|
page read and write
|
||
|
1A6BEED0000
|
heap
|
page read and write
|
||
|
1A6C08AA000
|
heap
|
page read and write
|
||
|
31BE000
|
heap
|
page read and write
|
||
|
2B73AC63000
|
heap
|
page read and write
|
||
|
304B000
|
heap
|
page read and write
|
||
|
A40000
|
heap
|
page read and write
|
||
|
1476079A000
|
heap
|
page read and write
|
||
|
16AD7D20000
|
heap
|
page read and write
|
||
|
E587CF7000
|
stack
|
page read and write
|
||
|
CEAECF9000
|
stack
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
22D5FEF0000
|
trusted library allocation
|
page read and write
|
||
|
133B000
|
heap
|
page read and write
|
||
|
1475FC8B000
|
heap
|
page read and write
|
||
|
1475FB90000
|
heap
|
page read and write
|
||
|
29822F23000
|
heap
|
page read and write
|
||
|
1475FCC9000
|
heap
|
page read and write
|
||
|
19428C98000
|
heap
|
page read and write
|
||
|
14760793000
|
heap
|
page read and write
|
||
|
227B0801000
|
trusted library allocation
|
page read and write
|
||
|
13A6000
|
heap
|
page read and write
|
||
|
213135A0000
|
unkown
|
page read and write
|
||
|
21313750000
|
direct allocation
|
page execute and read and write
|
||
|
16AD7D40000
|
heap
|
page read and write
|
||
|
2972C3F6000
|
heap
|
page read and write
|
||
|
227B0A20000
|
trusted library section
|
page readonly
|
||
|
1476078E000
|
heap
|
page read and write
|
||
|
3875D3F000
|
stack
|
page read and write
|
||
|
227B5015000
|
heap
|
page read and write
|
||
|
3875CBC000
|
stack
|
page read and write
|
||
|
147607A0000
|
heap
|
page read and write
|
||
|
1A6C0970000
|
heap
|
page readonly
|
||
|
1250000
|
heap
|
page read and write
|
||
|
147607A0000
|
heap
|
page read and write
|
||
|
1475FC5F000
|
heap
|
page read and write
|
||
|
1270000
|
trusted library allocation
|
page read and write
|
||
|
213137C0000
|
heap
|
page readonly
|
||
|
13A5000
|
heap
|
page read and write
|
||
|
21313900000
|
direct allocation
|
page read and write
|
||
|
10B5000
|
heap
|
page read and write
|
||
|
74FF8FE000
|
stack
|
page read and write
|
||
|
227B0A40000
|
trusted library section
|
page readonly
|
||
|
29823013000
|
heap
|
page read and write
|
||
|
29822E02000
|
unkown
|
page read and write
|
||
|
29823102000
|
heap
|
page read and write
|
||
|
21313700000
|
heap
|
page read and write
|
||
|
6534B3C000
|
stack
|
page read and write
|
||
|
2972C3E7000
|
heap
|
page read and write
|
||
|
29822F15000
|
trusted library allocation
|
page read and write
|
||
|
22D5FF98000
|
heap
|
page read and write
|
||
|
22D5FE70000
|
heap
|
page read and write
|
||
|
14760784000
|
heap
|
page read and write
|
||
|
97D607E000
|
stack
|
page read and write
|
||
|
1070000
|
trusted library allocation
|
page read and write
|
||
|
1476079E000
|
heap
|
page read and write
|
||
|
CEAE8F9000
|
stack
|
page read and write
|
||
|
2AAFBE3C000
|
heap
|
page read and write
|
||
|
2972C40E000
|
heap
|
page read and write
|
||
|
143D000
|
direct allocation
|
page readonly
|
||
|
227B0302000
|
heap
|
page read and write
|
||
|
E10000
|
heap
|
page read and write
|
||
|
23C76902000
|
heap
|
page read and write
|
||
|
303F000
|
heap
|
page read and write
|
||
|
14760705000
|
heap
|
page read and write
|
||
|
19428C74000
|
heap
|
page read and write
|
||
|
3196000
|
heap
|
page read and write
|
||
|
1475FC61000
|
heap
|
page read and write
|
||
|
14760786000
|
heap
|
page read and write
|
||
|
147604F0000
|
remote allocation
|
page read and write
|
||
|
22D60E20000
|
trusted library allocation
|
page read and write
|
||
|
2972C412000
|
heap
|
page read and write
|
||
|
302C000
|
heap
|
page read and write
|
||
|
19428C99000
|
heap
|
page read and write
|
||
|
227B502E000
|
heap
|
page read and write
|
||
|
19428BD0000
|
heap
|
page read and write
|
||
|
147607B6000
|
heap
|
page read and write
|
||
|
29822D20000
|
heap
|
page read and write
|
||
|
21313800000
|
heap
|
page read and write
|
||
|
2972C3D0000
|
heap
|
page read and write
|
||
|
1475FC63000
|
heap
|
page read and write
|
||
|
B71D57E000
|
stack
|
page read and write
|
||
|
F90000
|
remote allocation
|
page read and write
|
||
|
E7187E000
|
stack
|
page read and write
|
||
|
132C000
|
heap
|
page read and write
|
||
|
2972C3FE000
|
heap
|
page read and write
|
||
|
227B5240000
|
trusted library allocation
|
page read and write
|
||
|
1475FC5E000
|
heap
|
page read and write
|
||
|
F7166F9000
|
stack
|
page read and write
|
||
|
2972C3E7000
|
heap
|
page read and write
|
||
|
227B0920000
|
trusted library allocation
|
page read and write
|
||
|
2AAFC602000
|
trusted library allocation
|
page read and write
|
||
|
19428C30000
|
trusted library allocation
|
page read and write
|
||
|
1800D5000
|
unkown
|
page readonly
|
||
|
6534B3C000
|
stack
|
page read and write
|
||
|
8BAE000
|
heap
|
page read and write
|
||
|
177718A0000
|
heap
|
page read and write
|
||
|
1476078A000
|
heap
|
page read and write
|
||
|
227AF7D0000
|
trusted library section
|
page read and write
|
||
|
97D5C7C000
|
stack
|
page read and write
|
||
|
E712FB000
|
stack
|
page read and write
|
||
|
21313A00000
|
heap
|
page read and write
|
||
|
1942A69E000
|
direct allocation
|
page read and write
|
There are 853 hidden memdumps, click here to show them.