Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
548IrCt4hj.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\Microsoft\Network\Downloader\edb.chk
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
MPEG-4 LOAS
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0xd83bc39c, page size 16384, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, 61712 bytes, 1 file
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
modified
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
|
modified
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Windows\System32\regsvr32.exe
|
regsvr32.exe /s C:\Users\user\Desktop\548IrCt4hj.dll
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe "C:\Users\user\Desktop\548IrCt4hj.dll",#1
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\548IrCt4hj.dll,DllCanUnloadNow
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\MbnmzGnNg\joXcB.dll"
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\548IrCt4hj.dll,DllGetClassObject
|
|
|
|
C:\Windows\System32\rundll32.exe
|
rundll32.exe C:\Users\user\Desktop\548IrCt4hj.dll,DllRegisterServer
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k unistacksvcgroup
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\regsvr32.exe
|
C:\Windows\system32\regsvr32.exe "C:\Windows\system32\ZPLPsNKH\eFntQ.dll"
|
|
|
|
C:\Windows\System32\loaddll64.exe
|
loaddll64.exe "C:\Users\user\Desktop\548IrCt4hj.dll"
|
||
|
C:\Windows\System32\cmd.exe
|
cmd.exe /C rundll32.exe "C:\Users\user\Desktop\548IrCt4hj.dll",#1
|
||
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 14 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://174.138.33.49/U
|
unknown
|
|
|
|
https://174.138.33.49:7080/hIn
|
unknown
|
|
|
|
https://174.138.33.49/Q
|
unknown
|
|
|
|
https://174.138.33.49/Z
|
unknown
|
|
|
|
https://174.138.33.49:7080/F
|
unknown
|
|
|
|
https://174.138.33.49:7080/Only
|
unknown
|
|
|
|
https://174.138.33.49:7080/r
|
unknown
|
|
|
|
https://174.138.33.49:7080/p
|
unknown
|
|
|
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?entry=
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
https://174.138.33.49:7080/
|
unknown
|
||
|
https://www.hotspotshield.com/terms/
|
unknown
|
||
|
https://www.pango.co/privacy
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/roadshield.ashx?bucket=
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Stops/
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://support.hotspotshield.com/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.t
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://disneyplus.com/legal.
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://help.disneyplus.com.
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://174.138.33.49/
|
unknown
|
There are 46 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
157.245.111.0
|
unknown
|
United States
|
|
|
|
157.230.99.206
|
unknown
|
United States
|
|
|
|
54.37.106.167
|
unknown
|
France
|
|
|
|
188.165.79.151
|
unknown
|
France
|
|
|
|
196.44.98.190
|
unknown
|
Ghana
|
|
|
|
174.138.33.49
|
unknown
|
United States
|
|
|
|
43.129.209.178
|
unknown
|
Japan
|
|
|
|
103.41.204.169
|
unknown
|
Indonesia
|
|
|
|
5.253.30.17
|
unknown
|
Latvia
|
|
|
|
85.214.67.203
|
unknown
|
Germany
|
|
|
|
103.56.149.105
|
unknown
|
Indonesia
|
|
|
|
83.229.80.93
|
unknown
|
United Kingdom
|
|
|
|
85.25.120.45
|
unknown
|
Germany
|
|
|
|
198.199.70.22
|
unknown
|
United States
|
|
|
|
93.104.209.107
|
unknown
|
Germany
|
|
|
|
188.225.32.231
|
unknown
|
Russian Federation
|
|
|
|
175.126.176.79
|
unknown
|
Korea Republic of
|
|
|
|
139.196.72.155
|
unknown
|
China
|
|
|
|
128.199.242.164
|
unknown
|
United Kingdom
|
|
|
|
103.126.216.86
|
unknown
|
Bangladesh
|
|
|
|
104.248.225.227
|
unknown
|
United States
|
|
|
|
178.238.225.252
|
unknown
|
Germany
|
|
|
|
46.101.98.60
|
unknown
|
Netherlands
|
|
|
|
190.145.8.4
|
unknown
|
Colombia
|
|
|
|
210.57.209.142
|
unknown
|
Indonesia
|
|
|
|
190.107.19.179
|
unknown
|
Colombia
|
|
|
|
202.28.34.99
|
unknown
|
Thailand
|
|
|
|
87.106.97.83
|
unknown
|
Germany
|
|
|
|
103.254.12.236
|
unknown
|
Viet Nam
|
|
|
|
103.85.95.4
|
unknown
|
Indonesia
|
|
|
|
54.37.228.122
|
unknown
|
France
|
|
|
|
88.217.172.165
|
unknown
|
Germany
|
|
|
|
165.22.254.236
|
unknown
|
United States
|
|
|
|
195.77.239.39
|
unknown
|
Spain
|
|
|
|
78.47.204.80
|
unknown
|
Germany
|
|
|
|
118.98.72.86
|
unknown
|
Indonesia
|
|
|
|
139.59.80.108
|
unknown
|
Singapore
|
|
|
|
104.244.79.94
|
unknown
|
United States
|
|
|
|
178.62.112.199
|
unknown
|
European Union
|
|
|
|
37.44.244.177
|
unknown
|
Germany
|
|
|
|
64.227.55.231
|
unknown
|
United States
|
|
|
|
202.29.239.162
|
unknown
|
Thailand
|
|
|
|
37.187.114.15
|
unknown
|
France
|
|
|
|
165.232.185.110
|
unknown
|
United States
|
|
|
|
128.199.217.206
|
unknown
|
United Kingdom
|
|
|
|
103.224.241.74
|
unknown
|
India
|
|
|
|
103.71.99.57
|
unknown
|
India
|
|
|
|
202.134.4.210
|
unknown
|
Indonesia
|
|
|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
127.0.0.1
|
unknown
|
unknown
|
There are 40 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f1\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-100
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\ci.dll,-101
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\dnsapi.dll,-103
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-843
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\fveui.dll,-844
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\System32\wuaueng.dll,-400
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe,-124
|
||
|
HKEY_USERSS-1-5-19\Software\Classes\Local Settings\MuiCache\f0\52C64B7E
|
@%SystemRoot%\system32\NgcRecovery.dll,-100
|
There are 10 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
E40000
|
direct allocation
|
page execute and read and write
|
|
|
|
1C7434E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
EA8000
|
heap
|
page read and write
|
|
|
|
1F26FD71000
|
direct allocation
|
page execute read
|
|
|
|
1F26FD40000
|
direct allocation
|
page execute and read and write
|
|
|
|
E71000
|
direct allocation
|
page execute read
|
|
|
|
2091000
|
direct allocation
|
page execute read
|
|
|
|
2060000
|
direct allocation
|
page execute and read and write
|
|
|
|
1C743541000
|
direct allocation
|
page execute read
|
|
|
|
2414FDE0000
|
remote allocation
|
page read and write
|
||
|
19CEDE15000
|
heap
|
page read and write
|
||
|
19CED6FD000
|
heap
|
page read and write
|
||
|
1F780DE0000
|
heap
|
page read and write
|
||
|
1C00BDF0000
|
heap
|
page read and write
|
||
|
98723FE000
|
stack
|
page read and write
|
||
|
AD0000
|
heap
|
page read and write
|
||
|
7C432FE000
|
stack
|
page read and write
|
||
|
205E000
|
stack
|
page read and write
|
||
|
226FA029000
|
heap
|
page read and write
|
||
|
19CF2E71000
|
heap
|
page read and write
|
||
|
1A110D08000
|
heap
|
page read and write
|
||
|
19CEDF13000
|
heap
|
page read and write
|
||
|
213D6A4E000
|
heap
|
page read and write
|
||
|
1E1FEAF9000
|
heap
|
page read and write
|
||
|
7C436F7000
|
stack
|
page read and write
|
||
|
754977F000
|
stack
|
page read and write
|
||
|
1E1FEAD5000
|
heap
|
page read and write
|
||
|
1A111593000
|
heap
|
page read and write
|
||
|
CC9CAFE000
|
stack
|
page read and write
|
||
|
9871F7E000
|
stack
|
page read and write
|
||
|
1A11158A000
|
heap
|
page read and write
|
||
|
226FA04E000
|
heap
|
page read and write
|
||
|
F6C000
|
heap
|
page read and write
|
||
|
19CF2BF4000
|
trusted library allocation
|
page read and write
|
||
|
19CF2EB2000
|
heap
|
page read and write
|
||
|
6B81BDB000
|
stack
|
page read and write
|
||
|
24093EE0000
|
heap
|
page read and write
|
||
|
1A111590000
|
heap
|
page read and write
|
||
|
24CE000
|
stack
|
page read and write
|
||
|
1E001A40000
|
heap
|
page read and write
|
||
|
213D6B08000
|
heap
|
page read and write
|
||
|
1E1FEAF6000
|
heap
|
page read and write
|
||
|
19CF2EEB000
|
heap
|
page read and write
|
||
|
1A110D13000
|
heap
|
page read and write
|
||
|
1A111593000
|
heap
|
page read and write
|
||
|
D5C011F000
|
stack
|
page read and write
|
||
|
30E4000
|
heap
|
page read and write
|
||
|
1D39784F000
|
heap
|
page read and write
|
||
|
3ED577B000
|
stack
|
page read and write
|
||
|
1A110CEA000
|
heap
|
page read and write
|
||
|
1A11159B000
|
heap
|
page read and write
|
||
|
30F7000
|
heap
|
page read and write
|
||
|
2DBE000
|
stack
|
page read and write
|
||
|
176A9E5B000
|
heap
|
page read and write
|
||
|
4C090FE000
|
stack
|
page read and write
|
||
|
176A9E41000
|
heap
|
page read and write
|
||
|
356EA7E000
|
stack
|
page read and write
|
||
|
F0E000
|
heap
|
page read and write
|
||
|
1F78108E000
|
heap
|
page read and write
|
||
|
2414E3D0000
|
trusted library allocation
|
page read and write
|
||
|
253CB800000
|
trusted library allocation
|
page read and write
|
||
|
1689CE56000
|
heap
|
page read and write
|
||
|
1A111586000
|
heap
|
page read and write
|
||
|
19CF2E00000
|
heap
|
page read and write
|
||
|
1A110C54000
|
heap
|
page read and write
|
||
|
176A9E77000
|
heap
|
page read and write
|
||
|
315D000
|
heap
|
page read and write
|
||
|
30C2000
|
heap
|
page read and write
|
||
|
2010FF8D000
|
heap
|
page read and write
|
||
|
226FA04D000
|
heap
|
page read and write
|
||
|
1F26FDA0000
|
heap
|
page readonly
|
||
|
1A111586000
|
heap
|
page read and write
|
||
|
3ED527C000
|
stack
|
page read and write
|
||
|
987247B000
|
stack
|
page read and write
|
||
|
5BFFE7C000
|
stack
|
page read and write
|
||
|
1F78106F000
|
heap
|
page read and write
|
||
|
213D6A3C000
|
heap
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
4C0907C000
|
stack
|
page read and write
|
||
|
727000
|
heap
|
page read and write
|
||
|
E30000
|
direct allocation
|
page execute and read and write
|
||
|
1E1FEA10000
|
heap
|
page read and write
|
||
|
738000
|
heap
|
page read and write
|
||
|
19CF3010000
|
trusted library allocation
|
page read and write
|
||
|
19CED716000
|
heap
|
page read and write
|
||
|
1F26E550000
|
heap
|
page read and write
|
||
|
2414E500000
|
heap
|
page read and write
|
||
|
19CF2EE5000
|
heap
|
page read and write
|
||
|
1A111589000
|
heap
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
1F781802000
|
trusted library allocation
|
page read and write
|
||
|
1F781029000
|
heap
|
page read and write
|
||
|
1E5E44C5000
|
heap
|
page read and write
|
||
|
EE2000
|
heap
|
page read and write
|
||
|
180088000
|
unkown
|
page execute read
|
||
|
213D6A50000
|
heap
|
page read and write
|
||
|
19CED6FD000
|
heap
|
page read and write
|
||
|
1E001761000
|
heap
|
page read and write
|
||
|
19CED430000
|
heap
|
page read and write
|
||
|
19CED3C0000
|
heap
|
page read and write
|
||
|
1E16CB02000
|
heap
|
page read and write
|
||
|
19CED6A9000
|
heap
|
page read and write
|
||
|
6C0000
|
heap
|
page read and write
|
||
|
B8A000
|
stack
|
page read and write
|
||
|
176A9C20000
|
heap
|
page read and write
|
||
|
1C741C30000
|
heap
|
page readonly
|
||
|
1E16CA64000
|
heap
|
page read and write
|
||
|
4B940FE000
|
stack
|
page read and write
|
||
|
19CED530000
|
trusted library allocation
|
page read and write
|
||
|
253CB460000
|
trusted library allocation
|
page read and write
|
||
|
1C00C04F000
|
heap
|
page read and write
|
||
|
226F9EA0000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
254C000
|
stack
|
page read and write
|
||
|
226FA047000
|
heap
|
page read and write
|
||
|
19CF2EBB000
|
heap
|
page read and write
|
||
|
8282CF7000
|
stack
|
page read and write
|
||
|
226FA074000
|
heap
|
page read and write
|
||
|
1689CBA0000
|
heap
|
page read and write
|
||
|
1E5E4359000
|
heap
|
page read and write
|
||
|
1F78103C000
|
heap
|
page read and write
|
||
|
226FA07C000
|
heap
|
page read and write
|
||
|
1A1115B1000
|
heap
|
page read and write
|
||
|
1F781080000
|
heap
|
page read and write
|
||
|
2414E400000
|
heap
|
page read and write
|
||
|
F516A7C000
|
stack
|
page read and write
|
||
|
24093F02000
|
heap
|
page read and write
|
||
|
1E5E75A0000
|
heap
|
page read and write
|
||
|
19CF2CA0000
|
trusted library allocation
|
page read and write
|
||
|
9872379000
|
stack
|
page read and write
|
||
|
1F781108000
|
heap
|
page read and write
|
||
|
1A110CE2000
|
heap
|
page read and write
|
||
|
D5C057E000
|
stack
|
page read and write
|
||
|
F515EFC000
|
stack
|
page read and write
|
||
|
1E1FEAF3000
|
heap
|
page read and write
|
||
|
1C00C07A000
|
heap
|
page read and write
|
||
|
9B5972E000
|
stack
|
page read and write
|
||
|
1E16CA13000
|
heap
|
page read and write
|
||
|
1800B1000
|
unkown
|
page read and write
|
||
|
2FF0000
|
remote allocation
|
page read and write
|
||
|
F5162FB000
|
stack
|
page read and write
|
||
|
1A111595000
|
heap
|
page read and write
|
||
|
E70000
|
direct allocation
|
page read and write
|
||
|
1A110C29000
|
heap
|
page read and write
|
||
|
1A111593000
|
heap
|
page read and write
|
||
|
1E001A80000
|
heap
|
page read and write
|
||
|
1A111540000
|
heap
|
page read and write
|
||
|
88ED000
|
heap
|
page read and write
|
||
|
1A110C3C000
|
heap
|
page read and write
|
||
|
1689D602000
|
trusted library allocation
|
page read and write
|
||
|
19CEDF02000
|
heap
|
page read and write
|
||
|
1E1FEAE5000
|
heap
|
page read and write
|
||
|
1F781100000
|
heap
|
page read and write
|
||
|
176A9E13000
|
heap
|
page read and write
|
||
|
6B8237F000
|
stack
|
page read and write
|
||
|
1E16CB13000
|
heap
|
page read and write
|
||
|
19CF2E3E000
|
heap
|
page read and write
|
||
|
9B5A07F000
|
stack
|
page read and write
|
||
|
1F26FD9F000
|
direct allocation
|
page readonly
|
||
|
1A110C13000
|
heap
|
page read and write
|
||
|
6B8247C000
|
stack
|
page read and write
|
||
|
2414FDA0000
|
trusted library allocation
|
page read and write
|
||
|
779F3FE000
|
stack
|
page read and write
|
||
|
1D397886000
|
heap
|
page read and write
|
||
|
1D39783C000
|
heap
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
226FA044000
|
heap
|
page read and write
|
||
|
9B59AFB000
|
stack
|
page read and write
|
||
|
1A111A02000
|
heap
|
page read and write
|
||
|
1F781000000
|
heap
|
page read and write
|
||
|
6A0000
|
heap
|
page read and write
|
||
|
1A111A02000
|
heap
|
page read and write
|
||
|
213D6B13000
|
heap
|
page read and write
|
||
|
1C00C052000
|
heap
|
page read and write
|
||
|
1C741C00000
|
heap
|
page read and write
|
||
|
19CF2D00000
|
trusted library allocation
|
page read and write
|
||
|
1E1FED40000
|
heap
|
page read and write
|
||
|
265B000
|
stack
|
page read and write
|
||
|
1E5E44C0000
|
heap
|
page read and write
|
||
|
1A11159D000
|
heap
|
page read and write
|
||
|
4C095FE000
|
stack
|
page read and write
|
||
|
1E00174E000
|
heap
|
page read and write
|
||
|
5B804FA000
|
stack
|
page read and write
|
||
|
19CED656000
|
heap
|
page read and write
|
||
|
9B59EFE000
|
stack
|
page read and write
|
||
|
1D39784A000
|
heap
|
page read and write
|
||
|
1E16C980000
|
trusted library allocation
|
page read and write
|
||
|
6B8227F000
|
stack
|
page read and write
|
||
|
7549A7E000
|
stack
|
page read and write
|
||
|
F51677B000
|
stack
|
page read and write
|
||
|
24094732000
|
heap
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
18000A000
|
unkown
|
page execute read
|
||
|
1C00C000000
|
heap
|
page read and write
|
||
|
1F781102000
|
heap
|
page read and write
|
||
|
1A111A02000
|
heap
|
page read and write
|
||
|
1E0051C0000
|
heap
|
page read and write
|
||
|
1E16CA28000
|
heap
|
page read and write
|
||
|
74B000
|
heap
|
page read and write
|
||
|
CC9CA7B000
|
stack
|
page read and write
|
||
|
180088000
|
unkown
|
page execute read
|
||
|
2D3B000
|
stack
|
page read and write
|
||
|
1A111574000
|
heap
|
page read and write
|
||
|
226FA102000
|
heap
|
page read and write
|
||
|
F516B7F000
|
stack
|
page read and write
|
||
|
19CF2D30000
|
remote allocation
|
page read and write
|
||
|
19CED69F000
|
heap
|
page read and write
|
||
|
1E16C8E0000
|
heap
|
page read and write
|
||
|
765000
|
heap
|
page read and write
|
||
|
19CED6AA000
|
heap
|
page read and write
|
||
|
1A110C4A000
|
heap
|
page read and write
|
||
|
1A1113F0000
|
remote allocation
|
page read and write
|
||
|
19CEDE00000
|
heap
|
page read and write
|
||
|
24093EC1000
|
heap
|
page read and write
|
||
|
9B59DFD000
|
stack
|
page read and write
|
||
|
D5C009A000
|
stack
|
page read and write
|
||
|
176A9E75000
|
heap
|
page read and write
|
||
|
1E001749000
|
heap
|
page read and write
|
||
|
1C00C108000
|
heap
|
page read and write
|
||
|
315D000
|
heap
|
page read and write
|
||
|
2414E44A000
|
heap
|
page read and write
|
||
|
1C741C49000
|
heap
|
page read and write
|
||
|
1D397813000
|
heap
|
page read and write
|
||
|
356EBFD000
|
stack
|
page read and write
|
||
|
18008C000
|
unkown
|
page readonly
|
||
|
6CB000
|
heap
|
page read and write
|
||
|
2414E45B000
|
heap
|
page read and write
|
||
|
30F3000
|
heap
|
page read and write
|
||
|
1D397829000
|
heap
|
page read and write
|
||
|
1689CC00000
|
heap
|
page read and write
|
||
|
1A111596000
|
heap
|
page read and write
|
||
|
213D6A55000
|
heap
|
page read and write
|
||
|
2D677CC000
|
stack
|
page read and write
|
||
|
1E001A85000
|
heap
|
page read and write
|
||
|
19CEDF18000
|
heap
|
page read and write
|
||
|
1689CD30000
|
remote allocation
|
page read and write
|
||
|
2414E459000
|
heap
|
page read and write
|
||
|
1E001720000
|
heap
|
page read and write
|
||
|
E9D000
|
direct allocation
|
page readonly
|
||
|
176A9C10000
|
heap
|
page read and write
|
||
|
1E5E4372000
|
heap
|
page read and write
|
||
|
1A110CB6000
|
heap
|
page read and write
|
||
|
987227E000
|
stack
|
page read and write
|
||
|
1C743530000
|
heap
|
page read and write
|
||
|
1E5E4369000
|
heap
|
page read and write
|
||
|
226FA083000
|
heap
|
page read and write
|
||
|
19CEEA23000
|
trusted library allocation
|
page read and write
|
||
|
213D7202000
|
trusted library allocation
|
page read and write
|
||
|
2010FDD0000
|
heap
|
page read and write
|
||
|
1689CE29000
|
heap
|
page read and write
|
||
|
4C093FE000
|
stack
|
page read and write
|
||
|
8282EFF000
|
stack
|
page read and write
|
||
|
226FA069000
|
heap
|
page read and write
|
||
|
176A9E00000
|
heap
|
page read and write
|
||
|
19CEDF18000
|
heap
|
page read and write
|
||
|
2414E402000
|
heap
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
1A111596000
|
heap
|
page read and write
|
||
|
1F26E340000
|
heap
|
page read and write
|
||
|
2F3F000
|
stack
|
page read and write
|
||
|
213D6A81000
|
heap
|
page read and write
|
||
|
19CED67B000
|
heap
|
page read and write
|
||
|
1E1FEAD7000
|
heap
|
page read and write
|
||
|
1E001752000
|
heap
|
page read and write
|
||
|
1F781063000
|
heap
|
page read and write
|
||
|
1F780E50000
|
heap
|
page read and write
|
||
|
1A1115DC000
|
heap
|
page read and write
|
||
|
6B8217E000
|
stack
|
page read and write
|
||
|
213D6B02000
|
heap
|
page read and write
|
||
|
1F275D40000
|
heap
|
page read and write
|
||
|
1A111573000
|
heap
|
page read and write
|
||
|
1C741C05000
|
heap
|
page read and write
|
||
|
24093BE0000
|
heap
|
page read and write
|
||
|
1E1FED45000
|
heap
|
page read and write
|
||
|
226FA000000
|
heap
|
page read and write
|
||
|
5B805FB000
|
stack
|
page read and write
|
||
|
1C741A60000
|
heap
|
page read and write
|
||
|
5B80A7B000
|
stack
|
page read and write
|
||
|
226FA045000
|
heap
|
page read and write
|
||
|
1A111A02000
|
heap
|
page read and write
|
||
|
6A5000
|
heap
|
page read and write
|
||
|
82828FE000
|
stack
|
page read and write
|
||
|
1C00BE60000
|
heap
|
page read and write
|
||
|
1A1115CA000
|
heap
|
page read and write
|
||
|
F6C000
|
heap
|
page read and write
|
||
|
1E1FEAE5000
|
heap
|
page read and write
|
||
|
19CEDF00000
|
heap
|
page read and write
|
||
|
1E1FE9F0000
|
heap
|
page read and write
|
||
|
24150000000
|
trusted library allocation
|
page read and write
|
||
|
19CF2EB2000
|
heap
|
page read and write
|
||
|
19CF2EA9000
|
heap
|
page read and write
|
||
|
213D6A13000
|
heap
|
page read and write
|
||
|
24094700000
|
heap
|
page read and write
|
||
|
3267000
|
heap
|
page read and write
|
||
|
1E5E4350000
|
heap
|
page read and write
|
||
|
CC9CB7E000
|
stack
|
page read and write
|
||
|
1A111512000
|
heap
|
page read and write
|
||
|
1A1113F0000
|
remote allocation
|
page read and write
|
||
|
2D67A7E000
|
stack
|
page read and write
|
||
|
28F0000
|
heap
|
page read and write
|
||
|
1E0016A0000
|
heap
|
page read and write
|
||
|
226FA002000
|
heap
|
page read and write
|
||
|
1E001758000
|
heap
|
page read and write
|
||
|
6B8257C000
|
stack
|
page read and write
|
||
|
1A11158E000
|
heap
|
page read and write
|
||
|
2119000
|
heap
|
page read and write
|
||
|
1D397900000
|
heap
|
page read and write
|
||
|
7549C7F000
|
stack
|
page read and write
|
||
|
253CB8D9000
|
heap
|
page read and write
|
||
|
310D000
|
heap
|
page read and write
|
||
|
1800BE000
|
unkown
|
page readonly
|
||
|
176A9C80000
|
heap
|
page read and write
|
||
|
1A11159B000
|
heap
|
page read and write
|
||
|
1E1FEAC6000
|
heap
|
page read and write
|
||
|
1A111586000
|
heap
|
page read and write
|
||
|
1A111A02000
|
heap
|
page read and write
|
||
|
5B8087E000
|
stack
|
page read and write
|
||
|
24093F13000
|
heap
|
page read and write
|
||
|
2414E466000
|
heap
|
page read and write
|
||
|
F2C000
|
heap
|
page read and write
|
||
|
1A111A44000
|
heap
|
page read and write
|
||
|
BB0000
|
remote allocation
|
page read and write
|
||
|
1D397760000
|
trusted library allocation
|
page read and write
|
||
|
1A111A02000
|
heap
|
page read and write
|
||
|
19CF2BF1000
|
trusted library allocation
|
page read and write
|
||
|
19CED629000
|
heap
|
page read and write
|
||
|
1800BB000
|
unkown
|
page readonly
|
||
|
1F26E555000
|
heap
|
page read and write
|
||
|
1A110C49000
|
heap
|
page read and write
|
||
|
1800B5000
|
unkown
|
page readonly
|
||
|
19CF2EF5000
|
heap
|
page read and write
|
||
|
2FF0000
|
remote allocation
|
page read and write
|
||
|
D8C537E000
|
stack
|
page read and write
|
||
|
213D6830000
|
heap
|
page read and write
|
||
|
5B801F9000
|
stack
|
page read and write
|
||
|
1E001A8B000
|
heap
|
page read and write
|
||
|
1E5E4388000
|
heap
|
page read and write
|
||
|
19CEDF04000
|
heap
|
page read and write
|
||
|
8282B7B000
|
stack
|
page read and write
|
||
|
1210000
|
trusted library allocation
|
page read and write
|
||
|
180000000
|
unkown
|
page readonly
|
||
|
226FA049000
|
heap
|
page read and write
|
||
|
30F7000
|
heap
|
page read and write
|
||
|
1A111587000
|
heap
|
page read and write
|
||
|
19CEEA20000
|
trusted library allocation
|
page read and write
|
||
|
1F26E530000
|
heap
|
page read and write
|
||
|
1689CE3C000
|
heap
|
page read and write
|
||
|
2414E449000
|
heap
|
page read and write
|
||
|
213D6840000
|
heap
|
page read and write
|
||
|
3081000
|
heap
|
page read and write
|
||
|
19CF2AC0000
|
trusted library allocation
|
page read and write
|
||
|
226FA04A000
|
heap
|
page read and write
|
||
|
1A110C4D000
|
heap
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
1A111589000
|
heap
|
page read and write
|
||
|
2D67AFD000
|
stack
|
page read and write
|
||
|
3ED557B000
|
stack
|
page read and write
|
||
|
24093E3E000
|
heap
|
page read and write
|
||
|
779F37E000
|
stack
|
page read and write
|
||
|
1A111593000
|
heap
|
page read and write
|
||
|
356E97E000
|
stack
|
page read and write
|
||
|
1A111591000
|
heap
|
page read and write
|
||
|
1C00C08D000
|
heap
|
page read and write
|
||
|
1E16CA79000
|
heap
|
page read and write
|
||
|
1F780F50000
|
trusted library allocation
|
page read and write
|
||
|
1A110C70000
|
heap
|
page read and write
|
||
|
1A110C51000
|
heap
|
page read and write
|
||
|
1E00174D000
|
heap
|
page read and write
|
||
|
1E5E438D000
|
heap
|
page read and write
|
||
|
D8C4F1E000
|
stack
|
page read and write
|
||
|
1689CD30000
|
remote allocation
|
page read and write
|
||
|
D8C557E000
|
stack
|
page read and write
|
||
|
1800B5000
|
unkown
|
page readonly
|
||
|
779F27C000
|
stack
|
page read and write
|
||
|
D8C4F9E000
|
stack
|
page read and write
|
||
|
25DF000
|
stack
|
page read and write
|
||
|
F5165FC000
|
stack
|
page read and write
|
||
|
19CF2BF0000
|
trusted library allocation
|
page read and write
|
||
|
253CB6F6000
|
heap
|
page read and write
|
||
|
2414E240000
|
heap
|
page read and write
|
||
|
19CED600000
|
heap
|
page read and write
|
||
|
1C00BE00000
|
heap
|
page read and write
|
||
|
253CB630000
|
trusted library allocation
|
page read and write
|
||
|
24093ECA000
|
heap
|
page read and write
|
||
|
D8C567F000
|
stack
|
page read and write
|
||
|
1F26FDD0000
|
heap
|
page read and write
|
||
|
1A1115D4000
|
heap
|
page read and write
|
||
|
176A9D80000
|
trusted library allocation
|
page read and write
|
||
|
1D397902000
|
heap
|
page read and write
|
||
|
1C74356F000
|
direct allocation
|
page readonly
|
||
|
24093E80000
|
heap
|
page read and write
|
||
|
2E3B000
|
stack
|
page read and write
|
||
|
253CC3D0000
|
trusted library allocation
|
page read and write
|
||
|
1A110D02000
|
heap
|
page read and write
|
||
|
1A110CEC000
|
heap
|
page read and write
|
||
|
1E5E41D0000
|
heap
|
page read and write
|
||
|
2414E43D000
|
heap
|
page read and write
|
||
|
1E16CA42000
|
heap
|
page read and write
|
||
|
2414E42A000
|
heap
|
page read and write
|
||
|
213D6A76000
|
heap
|
page read and write
|
||
|
19CF4000000
|
heap
|
page read and write
|
||
|
1D397730000
|
heap
|
page read and write
|
||
|
1E1FEAE5000
|
heap
|
page read and write
|
||
|
1C743540000
|
direct allocation
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
4B945FE000
|
stack
|
page read and write
|
||
|
24093BF0000
|
heap
|
page read and write
|
||
|
180007000
|
unkown
|
page execute read
|
||
|
7C4337E000
|
stack
|
page read and write
|
||
|
1E1FEAE1000
|
heap
|
page read and write
|
||
|
226FA05C000
|
heap
|
page read and write
|
||
|
19CF2C14000
|
trusted library allocation
|
page read and write
|
||
|
4C0917E000
|
stack
|
page read and write
|
||
|
1E001730000
|
heap
|
page read and write
|
||
|
6B8267E000
|
stack
|
page read and write
|
||
|
19CED702000
|
heap
|
page read and write
|
||
|
779F2FD000
|
stack
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
20BF000
|
direct allocation
|
page readonly
|
||
|
1E1FEAE1000
|
heap
|
page read and write
|
||
|
1A110C88000
|
heap
|
page read and write
|
||
|
1A110D16000
|
heap
|
page read and write
|
||
|
213D6A00000
|
heap
|
page read and write
|
||
|
30FB000
|
heap
|
page read and write
|
||
|
213D6A6F000
|
heap
|
page read and write
|
||
|
20BE000
|
direct allocation
|
page read and write
|
||
|
1D3976C0000
|
heap
|
page read and write
|
||
|
4F5BA8B000
|
stack
|
page read and write
|
||
|
213D6B00000
|
heap
|
page read and write
|
||
|
2010FF10000
|
heap
|
page read and write
|
||
|
7549977000
|
stack
|
page read and write
|
||
|
253CB590000
|
heap
|
page read and write
|
||
|
19CED694000
|
heap
|
page read and write
|
||
|
1E1FEAE1000
|
heap
|
page read and write
|
||
|
2CC0000
|
trusted library allocation
|
page read and write
|
||
|
1A110C00000
|
heap
|
page read and write
|
||
|
213D6A4A000
|
heap
|
page read and write
|
||
|
19CF2D30000
|
remote allocation
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
1A110C50000
|
heap
|
page read and write
|
||
|
7549B7F000
|
stack
|
page read and write
|
||
|
2414E45A000
|
heap
|
page read and write
|
||
|
CBCD95D000
|
stack
|
page read and write
|
||
|
F33000
|
heap
|
page read and write
|
||
|
1E5E7670000
|
trusted library allocation
|
page read and write
|
||
|
F51697F000
|
stack
|
page read and write
|
||
|
3115000
|
heap
|
page read and write
|
||
|
19CF2CC0000
|
trusted library allocation
|
page read and write
|
||
|
1E5E4330000
|
heap
|
page read and write
|
||
|
24093E79000
|
heap
|
page read and write
|
||
|
328F000
|
heap
|
page read and write
|
||
|
1E1FEAFA000
|
heap
|
page read and write
|
||
|
19CF2E4B000
|
heap
|
page read and write
|
||
|
1A111573000
|
heap
|
page read and write
|
||
|
1C00C102000
|
heap
|
page read and write
|
||
|
1A110AE0000
|
heap
|
page read and write
|
||
|
1C741C20000
|
direct allocation
|
page execute and read and write
|
||
|
754938E000
|
stack
|
page read and write
|
||
|
1E1FEAD3000
|
heap
|
page read and write
|
||
|
2D67B7E000
|
stack
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
1A110A80000
|
heap
|
page read and write
|
||
|
1800B1000
|
unkown
|
page read and write
|
||
|
1E16CA5E000
|
heap
|
page read and write
|
||
|
EA0000
|
heap
|
page read and write
|
||
|
F0D000
|
heap
|
page read and write
|
||
|
1689CE00000
|
heap
|
page read and write
|
||
|
7C438FD000
|
stack
|
page read and write
|
||
|
253CB7F0000
|
trusted library allocation
|
page read and write
|
||
|
4B943FF000
|
stack
|
page read and write
|
||
|
1A111586000
|
heap
|
page read and write
|
||
|
1E5E4388000
|
heap
|
page read and write
|
||
|
1A11159B000
|
heap
|
page read and write
|
||
|
1A111590000
|
heap
|
page read and write
|
||
|
19CF2D10000
|
trusted library allocation
|
page read and write
|
||
|
253CB6FD000
|
heap
|
page read and write
|
||
|
1D397908000
|
heap
|
page read and write
|
||
|
1E5E4372000
|
heap
|
page read and write
|
||
|
30F7000
|
heap
|
page read and write
|
||
|
1E1FEAF3000
|
heap
|
page read and write
|
||
|
D5C05FC000
|
stack
|
page read and write
|
||
|
1E16CA51000
|
heap
|
page read and write
|
||
|
1A110CC8000
|
heap
|
page read and write
|
||
|
9871FFE000
|
stack
|
page read and write
|
||
|
9B59CF7000
|
stack
|
page read and write
|
||
|
19CF2BDE000
|
trusted library allocation
|
page read and write
|
||
|
1E0049C0000
|
trusted library allocation
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
176A9F13000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
EE2000
|
heap
|
page read and write
|
||
|
F51657F000
|
stack
|
page read and write
|
||
|
1C00C022000
|
heap
|
page read and write
|
||
|
72D000
|
heap
|
page read and write
|
||
|
253CB6F6000
|
heap
|
page read and write
|
||
|
1A111515000
|
heap
|
page read and write
|
||
|
19CF2E30000
|
heap
|
page read and write
|
||
|
1A11159B000
|
heap
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
9B59BF7000
|
stack
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
1E1FEAD6000
|
heap
|
page read and write
|
||
|
253CB712000
|
heap
|
page read and write
|
||
|
1E5E437C000
|
heap
|
page read and write
|
||
|
180007000
|
unkown
|
page execute read
|
||
|
176A9E6B000
|
heap
|
page read and write
|
||
|
7C437FF000
|
stack
|
page read and write
|
||
|
1E16CA02000
|
heap
|
page read and write
|
||
|
5B802FD000
|
stack
|
page read and write
|
||
|
253CB6B8000
|
heap
|
page read and write
|
||
|
2100000
|
heap
|
page read and write
|
||
|
1F781113000
|
heap
|
page read and write
|
||
|
253CB620000
|
trusted library allocation
|
page read and write
|
||
|
226FA067000
|
heap
|
page read and write
|
||
|
24093E00000
|
heap
|
page read and write
|
||
|
3221000
|
heap
|
page read and write
|
||
|
1A111593000
|
heap
|
page read and write
|
||
|
9B59FF9000
|
stack
|
page read and write
|
||
|
1C00C100000
|
heap
|
page read and write
|
||
|
1E001746000
|
heap
|
page read and write
|
||
|
754987B000
|
stack
|
page read and write
|
||
|
F51647E000
|
stack
|
page read and write
|
||
|
226FA042000
|
heap
|
page read and write
|
||
|
19CF2A40000
|
trusted library allocation
|
page read and write
|
||
|
1FDE000
|
stack
|
page read and write
|
||
|
D8C547E000
|
stack
|
page read and write
|
||
|
24093E29000
|
heap
|
page read and write
|
||
|
9B5A0FF000
|
unkown
|
page read and write
|
||
|
1A110C4E000
|
heap
|
page read and write
|
||
|
1E5E75A3000
|
heap
|
page read and write
|
||
|
1F780DF0000
|
heap
|
page read and write
|
||
|
EF4000
|
heap
|
page read and write
|
||
|
1E001752000
|
heap
|
page read and write
|
||
|
1C00C03C000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
1A110CB2000
|
heap
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
226FA053000
|
heap
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
1E5E4369000
|
heap
|
page read and write
|
||
|
19CF2CE0000
|
trusted library allocation
|
page read and write
|
||
|
1A1115AA000
|
heap
|
page read and write
|
||
|
1A111593000
|
heap
|
page read and write
|
||
|
4C094F7000
|
stack
|
page read and write
|
||
|
226FA06A000
|
heap
|
page read and write
|
||
|
1A110C4B000
|
heap
|
page read and write
|
||
|
1E1FEAC6000
|
heap
|
page read and write
|
||
|
19CED68D000
|
heap
|
page read and write
|
||
|
30F7000
|
heap
|
page read and write
|
||
|
253CB6B0000
|
heap
|
page read and write
|
||
|
1689CF02000
|
heap
|
page read and write
|
||
|
30FB000
|
heap
|
page read and write
|
||
|
30FB000
|
heap
|
page read and write
|
||
|
253CB450000
|
heap
|
page read and write
|
||
|
9B597AE000
|
stack
|
page read and write
|
||
|
226FA073000
|
heap
|
page read and write
|
||
|
1E5E4381000
|
heap
|
page read and write
|
||
|
4B947FF000
|
stack
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
226FA05C000
|
heap
|
page read and write
|
||
|
253CB6FD000
|
heap
|
page read and write
|
||
|
4C096FD000
|
stack
|
page read and write
|
||
|
1A111500000
|
heap
|
page read and write
|
||
|
1A111A03000
|
heap
|
page read and write
|
||
|
828297E000
|
stack
|
page read and write
|
||
|
3115000
|
heap
|
page read and write
|
||
|
19CF2D30000
|
trusted library allocation
|
page read and write
|
||
|
226FA7B0000
|
trusted library allocation
|
page read and write
|
||
|
E9E000
|
direct allocation
|
page read and write
|
||
|
24093ED2000
|
heap
|
page read and write
|
||
|
1F26FD70000
|
direct allocation
|
page read and write
|
||
|
1E001610000
|
heap
|
page read and write
|
||
|
18000A000
|
unkown
|
page execute read
|
||
|
1A11159B000
|
heap
|
page read and write
|
||
|
4B944FF000
|
stack
|
page read and write
|
||
|
19CF2CA0000
|
trusted library allocation
|
page read and write
|
||
|
253CB8E0000
|
trusted library allocation
|
page read and write
|
||
|
19CF2F04000
|
heap
|
page read and write
|
||
|
1A111599000
|
heap
|
page read and write
|
||
|
D5C047E000
|
stack
|
page read and write
|
||
|
2414E413000
|
heap
|
page read and write
|
||
|
1F78104E000
|
heap
|
page read and write
|
||
|
19CF2BD0000
|
trusted library allocation
|
page read and write
|
||
|
1A111571000
|
heap
|
page read and write
|
||
|
1A111573000
|
heap
|
page read and write
|
||
|
32AE000
|
heap
|
page read and write
|
||
|
2414E3B0000
|
trusted library allocation
|
page read and write
|
||
|
72B000
|
heap
|
page read and write
|
||
|
30F7000
|
heap
|
page read and write
|
||
|
F33000
|
heap
|
page read and write
|
||
|
2FF0000
|
remote allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
4B946FF000
|
stack
|
page read and write
|
||
|
1C00C013000
|
heap
|
page read and write
|
||
|
356E6FE000
|
stack
|
page read and write
|
||
|
226FA07A000
|
heap
|
page read and write
|
||
|
1A110CDB000
|
heap
|
page read and write
|
||
|
1A110CC2000
|
heap
|
page read and write
|
||
|
1E5E4378000
|
heap
|
page read and write
|
||
|
8282DFF000
|
stack
|
page read and write
|
||
|
1A110C47000
|
heap
|
page read and write
|
||
|
1689CD30000
|
remote allocation
|
page read and write
|
||
|
253CB7E0000
|
heap
|
page readonly
|
||
|
1F781050000
|
heap
|
page read and write
|
||
|
19CEEA30000
|
trusted library allocation
|
page read and write
|
||
|
4B93C7C000
|
stack
|
page read and write
|
||
|
1E00176D000
|
heap
|
page read and write
|
||
|
3266000
|
heap
|
page read and write
|
||
|
7C4357B000
|
stack
|
page read and write
|
||
|
1C00C02A000
|
heap
|
page read and write
|
||
|
7C439FF000
|
stack
|
page read and write
|
||
|
1A111402000
|
heap
|
page read and write
|
||
|
226FA040000
|
heap
|
page read and write
|
||
|
D5C019F000
|
stack
|
page read and write
|
||
|
226FA802000
|
trusted library allocation
|
page read and write
|
||
|
253CB6FD000
|
heap
|
page read and write
|
||
|
19CED707000
|
heap
|
page read and write
|
||
|
226FA06C000
|
heap
|
page read and write
|
||
|
4B93FFD000
|
stack
|
page read and write
|
||
|
19CED68B000
|
heap
|
page read and write
|
||
|
253CB690000
|
trusted library allocation
|
page read and write
|
||
|
CC9CBFE000
|
stack
|
page read and write
|
||
|
19CF2E1E000
|
heap
|
page read and write
|
||
|
19CF2C00000
|
trusted library allocation
|
page read and write
|
||
|
2414E44B000
|
heap
|
page read and write
|
||
|
20BD000
|
direct allocation
|
page readonly
|
||
|
1E5E437C000
|
heap
|
page read and write
|
||
|
1A111571000
|
heap
|
page read and write
|
||
|
1A111573000
|
heap
|
page read and write
|
||
|
1E1FEAB0000
|
heap
|
page read and write
|
||
|
4B942FD000
|
stack
|
page read and write
|
||
|
1A1115A4000
|
heap
|
page read and write
|
||
|
213D69A0000
|
trusted library allocation
|
page read and write
|
||
|
19CED613000
|
heap
|
page read and write
|
||
|
1E00175C000
|
heap
|
page read and write
|
||
|
30E4000
|
heap
|
page read and write
|
||
|
1D397913000
|
heap
|
page read and write
|
||
|
19CF2F03000
|
heap
|
page read and write
|
||
|
F9A000
|
heap
|
page read and write
|
||
|
1E16CA68000
|
heap
|
page read and write
|
||
|
1A110CAC000
|
heap
|
page read and write
|
||
|
1F781089000
|
heap
|
page read and write
|
||
|
253CB5B0000
|
heap
|
page read and write
|
||
|
1E00175C000
|
heap
|
page read and write
|
||
|
1E001749000
|
heap
|
page read and write
|
||
|
2414E502000
|
heap
|
page read and write
|
||
|
1E16CB00000
|
heap
|
page read and write
|
||
|
4C0927B000
|
stack
|
page read and write
|
||
|
19CF2EE1000
|
heap
|
page read and write
|
||
|
1A110C53000
|
heap
|
page read and write
|
||
|
19CED671000
|
heap
|
page read and write
|
||
|
1E001738000
|
heap
|
page read and write
|
||
|
1F781055000
|
heap
|
page read and write
|
||
|
1E5E44CB000
|
heap
|
page read and write
|
||
|
9B5A1FE000
|
stack
|
page read and write
|
||
|
5B803FE000
|
stack
|
page read and write
|
||
|
4F5BB0D000
|
stack
|
page read and write
|
||
|
306E000
|
stack
|
page read and write
|
||
|
226FA039000
|
heap
|
page read and write
|
||
|
3ED567E000
|
stack
|
page read and write
|
||
|
1A1115B1000
|
heap
|
page read and write
|
||
|
356EAFF000
|
stack
|
page read and write
|
||
|
690000
|
trusted library allocation
|
page read and write
|
||
|
213D68A0000
|
heap
|
page read and write
|
||
|
1689CB90000
|
heap
|
page read and write
|
||
|
298F000
|
heap
|
page read and write
|
||
|
30A4000
|
heap
|
page read and write
|
||
|
8282A7B000
|
stack
|
page read and write
|
||
|
8282BFE000
|
stack
|
page read and write
|
||
|
19CF2CA0000
|
trusted library allocation
|
page read and write
|
||
|
716000
|
heap
|
page read and write
|
||
|
5B80C7F000
|
stack
|
page read and write
|
||
|
1E001680000
|
heap
|
page read and write
|
||
|
2414E250000
|
heap
|
page read and write
|
||
|
7C4347B000
|
stack
|
page read and write
|
||
|
1E5E436D000
|
heap
|
page read and write
|
||
|
1689CE13000
|
heap
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
1F78104A000
|
heap
|
page read and write
|
||
|
1C743545000
|
heap
|
page read and write
|
||
|
253CB8D5000
|
heap
|
page read and write
|
||
|
1E1FEAF6000
|
heap
|
page read and write
|
||
|
176A9F02000
|
heap
|
page read and write
|
||
|
7C435FF000
|
stack
|
page read and write
|
||
|
1A111550000
|
heap
|
page read and write
|
||
|
180001000
|
unkown
|
page execute read
|
||
|
1800BE000
|
unkown
|
page readonly
|
||
|
9871EFB000
|
stack
|
page read and write
|
||
|
1C00C113000
|
heap
|
page read and write
|
||
|
1A111591000
|
heap
|
page read and write
|
||
|
176A9E02000
|
heap
|
page read and write
|
||
|
1E16CA40000
|
heap
|
page read and write
|
||
|
EF7000
|
heap
|
page read and write
|
||
|
1800BB000
|
unkown
|
page readonly
|
||
|
226F9F10000
|
heap
|
page read and write
|
||
|
19CF2E11000
|
heap
|
page read and write
|
||
|
2414E2B0000
|
heap
|
page read and write
|
||
|
1E16C950000
|
heap
|
page read and write
|
||
|
1E16C8F0000
|
heap
|
page read and write
|
||
|
226F9EB0000
|
heap
|
page read and write
|
||
|
19CF2C10000
|
trusted library allocation
|
page read and write
|
||
|
73D000
|
heap
|
page read and write
|
||
|
1E5E436E000
|
heap
|
page read and write
|
||
|
19CF2E24000
|
heap
|
page read and write
|
||
|
356E7FC000
|
stack
|
page read and write
|
||
|
24093C50000
|
heap
|
page read and write
|
||
|
1A111A20000
|
heap
|
page read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
4C097FF000
|
stack
|
page read and write
|
||
|
98722F9000
|
stack
|
page read and write
|
||
|
670000
|
direct allocation
|
page execute and read and write
|
||
|
19CF2EDE000
|
heap
|
page read and write
|
||
|
F51687E000
|
stack
|
page read and write
|
||
|
30A5000
|
heap
|
page read and write
|
||
|
1A111A00000
|
heap
|
page read and write
|
||
|
2010FF93000
|
heap
|
page read and write
|
||
|
19CF2A30000
|
trusted library allocation
|
page read and write
|
||
|
226FA064000
|
heap
|
page read and write
|
||
|
253CB71E000
|
heap
|
page read and write
|
||
|
19CF2AB0000
|
trusted library allocation
|
page read and write
|
||
|
19CF2BD8000
|
trusted library allocation
|
page read and write
|
||
|
1D39786F000
|
heap
|
page read and write
|
||
|
1A111593000
|
heap
|
page read and write
|
||
|
1689CD00000
|
trusted library allocation
|
page read and write
|
||
|
1A111596000
|
heap
|
page read and write
|
||
|
1A111593000
|
heap
|
page read and write
|
||
|
1A110C7E000
|
heap
|
page read and write
|
||
|
75496FC000
|
stack
|
page read and write
|
||
|
226FA04F000
|
heap
|
page read and write
|
||
|
1A110A70000
|
heap
|
page read and write
|
||
|
1A110CA5000
|
heap
|
page read and write
|
||
|
19CED625000
|
heap
|
page read and write
|
||
|
19CF2D30000
|
remote allocation
|
page read and write
|
||
|
253CB7D0000
|
trusted library allocation
|
page read and write
|
||
|
2414FDE0000
|
remote allocation
|
page read and write
|
||
|
1F26E348000
|
heap
|
page read and write
|
||
|
20C0000
|
trusted library allocation
|
page read and write
|
||
|
19CF2CF0000
|
trusted library allocation
|
page read and write
|
||
|
1D397802000
|
heap
|
page read and write
|
||
|
1A1113F0000
|
remote allocation
|
page read and write
|
||
|
1C741C40000
|
heap
|
page read and write
|
||
|
EF8000
|
heap
|
page read and write
|
||
|
30FB000
|
heap
|
page read and write
|
||
|
6E5000
|
heap
|
page read and write
|
||
|
1C741BA0000
|
heap
|
page read and write
|
||
|
1A110CF4000
|
heap
|
page read and write
|
||
|
19CED63D000
|
heap
|
page read and write
|
||
|
1200000
|
heap
|
page readonly
|
||
|
226FA03F000
|
heap
|
page read and write
|
||
|
226FA03D000
|
heap
|
page read and write
|
||
|
7C4327B000
|
stack
|
page read and write
|
||
|
1A111589000
|
heap
|
page read and write
|
||
|
F5166FD000
|
stack
|
page read and write
|
||
|
6B8277D000
|
stack
|
page read and write
|
||
|
1A111A02000
|
heap
|
page read and write
|
||
|
19CF2BD0000
|
trusted library allocation
|
page read and write
|
||
|
1E001723000
|
heap
|
page read and write
|
||
|
1E1FEAF3000
|
heap
|
page read and write
|
||
|
1C741BC0000
|
heap
|
page read and write
|
||
|
1C00C070000
|
heap
|
page read and write
|
||
|
19CF3030000
|
trusted library allocation
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
1D397800000
|
heap
|
page read and write
|
||
|
1F26FD9D000
|
direct allocation
|
page readonly
|
||
|
30F7000
|
heap
|
page read and write
|
||
|
1A111573000
|
heap
|
page read and write
|
||
|
19CED677000
|
heap
|
page read and write
|
||
|
1D3976D0000
|
heap
|
page read and write
|
||
|
226FA07D000
|
heap
|
page read and write
|
||
|
176A9E29000
|
heap
|
page read and write
|
||
|
3266000
|
heap
|
page read and write
|
||
|
E9F000
|
direct allocation
|
page readonly
|
||
|
708000
|
heap
|
page read and write
|
||
|
1E1FEAF6000
|
heap
|
page read and write
|
||
|
2F5000
|
stack
|
page read and write
|
||
|
2414E518000
|
heap
|
page read and write
|
||
|
3ED587F000
|
stack
|
page read and write
|
||
|
1C74356D000
|
direct allocation
|
page readonly
|
||
|
5B800F8000
|
stack
|
page read and write
|
||
|
1F781013000
|
heap
|
page read and write
|
||
|
356E36B000
|
stack
|
page read and write
|
||
|
2414FDE0000
|
remote allocation
|
page read and write
|
||
|
30FB000
|
heap
|
page read and write
|
||
|
1A111586000
|
heap
|
page read and write
|
||
|
30F7000
|
heap
|
page read and write
|
||
|
F8B000
|
heap
|
page read and write
|
||
|
754930F000
|
stack
|
page read and write
|
||
|
253CB6F6000
|
heap
|
page read and write
|
||
|
754928B000
|
stack
|
page read and write
|
||
|
240000
|
heap
|
page read and write
|
||
|
1D39787B000
|
heap
|
page read and write
|
||
|
1A110C55000
|
heap
|
page read and write
|
||
|
24093E13000
|
heap
|
page read and write
|
||
|
1A11158C000
|
heap
|
page read and write
|
||
|
19CF2EFE000
|
heap
|
page read and write
|
||
|
2414FE02000
|
trusted library allocation
|
page read and write
|
||
|
19CF2C00000
|
trusted library allocation
|
page read and write
|
||
|
226FA051000
|
heap
|
page read and write
|
||
|
D8C4E9B000
|
stack
|
page read and write
|
||
|
19CEDE02000
|
heap
|
page read and write
|
||
|
226FA052000
|
heap
|
page read and write
|
||
|
1A110BE0000
|
trusted library allocation
|
page read and write
|
||
|
1E5E4366000
|
heap
|
page read and write
|
||
|
9B596AC000
|
stack
|
page read and write
|
||
|
1E5E4310000
|
heap
|
page read and write
|
||
|
24093D50000
|
trusted library allocation
|
page read and write
|
||
|
1F781063000
|
heap
|
page read and write
|
||
|
1C00C04B000
|
heap
|
page read and write
|
||
|
253CB850000
|
trusted library allocation
|
page read and write
|
||
|
213D6A29000
|
heap
|
page read and write
|
||
|
8077000
|
heap
|
page read and write
|
||
|
24093ED0000
|
heap
|
page read and write
|
||
|
19CF2D20000
|
trusted library allocation
|
page read and write
|
||
|
1E1FE990000
|
heap
|
page read and write
|
||
|
73D000
|
heap
|
page read and write
|
||
|
1E16CA00000
|
heap
|
page read and write
|
||
|
1F26FD30000
|
direct allocation
|
page execute and read and write
|
||
|
1E16D402000
|
trusted library allocation
|
page read and write
|
||
|
1689CE02000
|
heap
|
page read and write
|
||
|
1A110C48000
|
heap
|
page read and write
|
||
|
226FA041000
|
heap
|
page read and write
|
||
|
1D39784C000
|
heap
|
page read and write
|
||
|
1C00C802000
|
trusted library allocation
|
page read and write
|
||
|
828287B000
|
stack
|
page read and write
|
||
|
1F26E510000
|
heap
|
page read and write
|
||
|
1F26FDE2000
|
heap
|
page read and write
|
||
|
1C00C055000
|
heap
|
page read and write
|
||
|
1E5E7E70000
|
heap
|
page read and write
|
||
|
4C0937B000
|
stack
|
page read and write
|
||
|
1C00C085000
|
heap
|
page read and write
|
||
|
226FA06E000
|
heap
|
page read and write
|
||
|
1E5E5DB0000
|
heap
|
page read and write
|
||
|
1F26E2D0000
|
heap
|
page read and write
|
||
|
176AA602000
|
trusted library allocation
|
page read and write
|
||
|
1A110C56000
|
heap
|
page read and write
|
||
|
19CF2E8B000
|
heap
|
page read and write
|
||
|
226FA02F000
|
heap
|
page read and write
|
||
|
2010FF80000
|
heap
|
page read and write
|
||
|
1C7494A3000
|
heap
|
page read and write
|
||
|
24094602000
|
heap
|
page read and write
|
||
|
F6C000
|
heap
|
page read and write
|
||
|
BB0000
|
remote allocation
|
page read and write
|
||
|
356E87E000
|
stack
|
page read and write
|
||
|
19CEE5E0000
|
trusted library allocation
|
page read and write
|
||
|
226FA04B000
|
heap
|
page read and write
|
||
|
4B93E7B000
|
stack
|
page read and write
|
||
|
1E1FEAC1000
|
heap
|
page read and write
|
||
|
D5C04F8000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
1A110C81000
|
heap
|
page read and write
|
||
|
3135000
|
heap
|
page read and write
|
||
|
19CED702000
|
heap
|
page read and write
|
||
|
1D397851000
|
heap
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
2414E427000
|
heap
|
page read and write
|
||
|
2414E513000
|
heap
|
page read and write
|
||
|
1A110CED000
|
heap
|
page read and write
|
||
|
1A111A02000
|
heap
|
page read and write
|
||
|
310C000
|
heap
|
page read and write
|
||
|
1C00C04D000
|
heap
|
page read and write
|
||
|
253CB8D0000
|
heap
|
page read and write
|
||
|
18008C000
|
unkown
|
page readonly
|
||
|
4F5BB8E000
|
stack
|
page read and write
|
||
|
680000
|
heap
|
page readonly
|
||
|
1A11158C000
|
heap
|
page read and write
|
||
|
226FA046000
|
heap
|
page read and write
|
||
|
2FCE000
|
stack
|
page read and write
|
||
|
226FA050000
|
heap
|
page read and write
|
||
|
2090000
|
direct allocation
|
page read and write
|
||
|
1C00BF60000
|
trusted library allocation
|
page read and write
|
||
|
19CED3D0000
|
heap
|
page read and write
|
||
|
3118000
|
heap
|
page read and write
|
||
|
1D398202000
|
trusted library allocation
|
page read and write
|
||
|
226FA013000
|
heap
|
page read and write
|
||
|
620000
|
heap
|
page read and write
|
There are 866 hidden memdumps, click here to show them.