Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
FileOpenInstaller.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Temp\is-0FUR6.tmp\FileOpenInstaller.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
 |
|
|
C:\Users\user\AppData\Local\Temp\is-IK3FC.tmp\FileOpenInstaller.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\FileOpen.api (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\is-U9E22.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files\FileOpen\Services\FileOpenBroker64.exe (copy)
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\FileOpen\Services\FileOpenManager64.exe (copy)
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\FileOpen\Services\is-GL49N.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\FileOpen\Services\is-KGJ5A.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Program Files\FileOpen\UtilDll.dll (copy)
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files\FileOpen\examples\installcomplete.pdf (copy)
|
PDF document, version 1.6 (zip deflate encoded)
|
dropped
|
||
|
C:\Program Files\FileOpen\examples\is-SJIP9.tmp
|
PDF document, version 1.6 (zip deflate encoded)
|
dropped
|
||
|
C:\Program Files\FileOpen\is-BU7MM.tmp
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files\FileOpen\is-LL3TI.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files\FileOpen\unins000.dat
|
InnoSetup Log 64-bit FileOpen Client B998, version 0x418, 28302 bytes, 585948\37\user\, C:\Program Files\FileOpen\376\377\377\007
|
dropped
|
||
|
C:\Program Files\FileOpen\unins000.exe (copy)
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Program Files\FileOpen\unins000.msg
|
InnoSetup messages, version 6.0.0, 243 messages (UTF-16), Cancel installation
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\L10n\fotk_de.lcd (copy)
|
ASCII text, with very long lines (12648), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\L10n\fotk_fr.lcd (copy)
|
ASCII text, with very long lines (12752), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\L10n\fotk_ja.lcd (copy)
|
ASCII text, with very long lines (15400), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\L10n\fotk_zh.lcd (copy)
|
ASCII text, with very long lines (10172), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\L10n\is-EBO4V.tmp
|
ASCII text, with very long lines (12648), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\L10n\is-ESNP0.tmp
|
ASCII text, with very long lines (10172), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\L10n\is-F36NO.tmp
|
ASCII text, with very long lines (15400), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\L10n\is-F9Q7I.tmp
|
ASCII text, with very long lines (12752), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\fotkBus.lcd (copy)
|
ASCII text, with very long lines (7568), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\fotkCnfs.lcd (copy)
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\fotkDrs.lcd (copy)
|
ASCII text, with very long lines (7248), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\fotkLngs.lcd (copy)
|
ASCII text, with very long lines (720), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\fotkLsts.lcd (copy)
|
ASCII text, with very long lines (1104), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\fotkNis.lcd (copy)
|
ASCII text, with very long lines (2640), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\fotkPrs.lcd (copy)
|
ASCII text, with very long lines (2960), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\fotkRds.lcd (copy)
|
ASCII text, with very long lines (424), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\is-0GB27.tmp
|
ASCII text, with very long lines (1104), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\is-1DS3V.tmp
|
ASCII text, with very long lines (424), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\is-3GDF5.tmp
|
ASCII text, with very long lines (2960), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\is-696VR.tmp
|
ASCII text, with very long lines (2640), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\is-AKGRI.tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\is-BSLJ5.tmp
|
ASCII text, with very long lines (720), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\is-OPHGC.tmp
|
ASCII text, with very long lines (7568), with no line terminators
|
dropped
|
||
|
C:\ProgramData\FileOpen\Updates\Lists\is-UGF2P.tmp
|
ASCII text, with very long lines (7248), with no line terminators
|
dropped
|
||
|
C:\ProgramData\USOPrivate\UpdateStore\updatestore51b519d5-b6f5-4333-8df6-e74d7c9aead4.xml (copy)
|
XML 1.0 document, ASCII text, with very long lines (2494), with no line terminators
|
dropped
|
||
|
C:\ProgramData\USOPrivate\UpdateStore\updatestoretemp51b519d5-b6f5-4333-8df6-e74d7c9aead4.xml
|
XML 1.0 document, ASCII text, with very long lines (2494), with no line terminators
|
dropped
|
||
|
C:\ProgramData\USOShared\Logs\UpdateSessionOrchestration.001.etl (copy)
|
data
|
dropped
|
||
|
C:\ProgramData\USOShared\Logs\UpdateSessionOrchestration_Temp.1.etl
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0
|
data
|
modified
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\the-real-index~RF62cf1a.TMP (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old~RF625595.TMP (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages
|
SQLite 3.x database, last written using SQLite version 3024000, file counter 12, database pages 15, cookie 0x5, schema 4,
UTF-8, version-valid-for 12
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\UserCache.bin
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\Setup Log 2023-02-07 #001.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-IORDB.tmp\UtilDll.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\is-IORDB.tmp\_isetup\_setup64.tmp
|
PE32+ executable (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\FileOpen\Fowpmadi.txt
|
data
|
dropped
|
||
|
C:\Windows\Logs\waasmedic\waasmedic.20230208_021515_685.etl
|
data
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\MpCmdRun.log
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
modified
|
||
|
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\DeliveryOptimization\Logs\dosvc.20230208_021514_186.etl
|
data
|
dropped
|
There are 90 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\FileOpenInstaller.exe
|
C:\Users\user\Desktop\FileOpenInstaller.exe
|
|
|
|
C:\Users\user\AppData\Local\Temp\is-0FUR6.tmp\FileOpenInstaller.tmp
|
"C:\Users\user\AppData\Local\Temp\is-0FUR6.tmp\FileOpenInstaller.tmp" /SL5="$10404,6054369,1320960,C:\Users\user\Desktop\FileOpenInstaller.exe"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k NetworkService -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k wusvcs -p -s WaaSMedicSvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p
|
|
|
|
C:\Users\user\AppData\Local\Temp\is-IK3FC.tmp\FileOpenInstaller.tmp
|
"C:\Users\user\AppData\Local\Temp\is-IK3FC.tmp\FileOpenInstaller.tmp" /SL5="$202B6,6054369,1320960,C:\Users\user\Desktop\FileOpenInstaller.exe"
|
|
|
|
C:\Windows\System32\SgrmBroker.exe
|
C:\Windows\system32\SgrmBroker.exe
|
||
|
C:\Windows\System32\sc.exe
|
"C:\Windows\system32\sc.exe" create FileOpenManager binpath= "\"C:\Program Files\FileOpen\Services\FileOpenManager64.exe\""
start= auto
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\sc.exe
|
"C:\Windows\system32\sc.exe" description FileOpenManager "FileOpen Client Manager"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\sc.exe
|
"C:\Windows\system32\sc.exe" start FileOpenManager
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Program Files\FileOpen\Services\FileOpenManager64.exe
|
C:\Program Files\FileOpen\Services\FileOpenManager64.exe
|
||
|
C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
|
C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
|
||
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
|
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" installcomplete.pdf
|
||
|
C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
|
"C:\Program Files\FileOpen\Services\FileOpenBroker64.exe"
|
||
|
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
|
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
|
||
|
C:\Program Files\Windows Defender\MpCmdRun.exe
|
"C:\Program Files\Windows Defender\mpcmdrun.exe" -wdenable
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 18 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://jrsoftware.org/ishelp/index.php?topic=setupcmdlineSetupU
|
unknown
|
||
|
https://disneyplus.com/legal/subscriber-agreement
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Routes/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Driving
|
unknown
|
||
|
http://plugin.fileopen.com/.
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
|
unknown
|
||
|
https://t0.tiles.ditu.live.com/tiles/gen
|
unknown
|
||
|
https://plugin.fileopen.com/E
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Walking
|
unknown
|
||
|
http://plugin.fileopen.com/.z&
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/logging.ashx
|
unknown
|
||
|
https://usr.fileopen.com/check/usr/aZBj6Q
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
https://plugin.fileopen.com/installcomplete.ashx?Request=Setting&Stamp=1675822537&Mode=CNR&USR=10007
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
|
unknown
|
||
|
http://fileopen.com/updates
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Transit/Schedules/
|
unknown
|
||
|
http://www.fileopen.com/request-tech-support/Zhttp://www.fileopen.com/request-tech-support/
|
unknown
|
||
|
http://help.disneyplus.com
|
unknown
|
||
|
http://www.fileopen.com/0
|
unknown
|
||
|
http://www.bingmapsportal.com
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
|
unknown
|
||
|
http://www.fileopen.com/request-tech-support/Q/3
|
unknown
|
||
|
https://plugin.fileopen.com/
|
unknown
|
||
|
http://www.innosetup.com/
|
unknown
|
||
|
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
|
unknown
|
||
|
https://www.disneyplus.com/legal/your-california-privacy-rights
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
|
unknown
|
||
|
http://www.fileopen.com/request-tech-support/qM
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
|
unknown
|
||
|
https://www.tiktok.com/legal/report/feedback
|
unknown
|
||
|
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
|
unknown
|
||
|
https://%s.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Locations
|
unknown
|
||
|
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
|
unknown
|
||
|
https://dev.virtualearth.net/mapcontrol/logging.ashx
|
unknown
|
||
|
https://usr.fileopen.com/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
|
unknown
|
||
|
https://www.disneyplus.com/legal/privacy-policy
|
unknown
|
||
|
https://plugin.fileopen.com/installcomplete.ashx?Request=DocPerm&Stamp=1675822538&Mode=CNR&USR=10007
|
unknown
|
||
|
http://www.fileopen.com/request-tech-support/
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://usr.fileopen.com/check/usr/aZBj6Q+rFX1ikU6tKzx6k1ti|QIahCGjsg4RWrsiwFk=
|
72.3.136.136
|
||
|
https://dynamic.t
|
unknown
|
||
|
http://fileopen.com
|
unknown
|
||
|
http://www.fileopen.com/%sPlugin
|
unknown
|
||
|
https://dev.virtualearth.net/REST/v1/Routes/Transit
|
unknown
|
||
|
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
|
unknown
|
||
|
http://www.remobjects.com/ps
|
unknown
|
||
|
https://activity.windows.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/Locations
|
unknown
|
||
|
http://www.fileopen.com/%s
|
unknown
|
||
|
https://%s.dnet.xboxlive.com
|
unknown
|
||
|
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
|
unknown
|
||
|
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
|
unknown
|
||
|
http://www.fileopen.com/request-tech-support/Q
|
unknown
|
||
|
http://www.fileopen.com/request-tech-support/q
|
unknown
|
There are 53 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
usr.fileopen.com
|
72.3.136.136
|
||
|
plugin.fileopen.com
|
72.3.136.132
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
192.168.2.1
|
unknown
|
unknown
|
||
|
72.3.136.136
|
usr.fileopen.com
|
United States
|
||
|
72.3.136.132
|
plugin.fileopen.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
|
cval
|
|
|
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
RegFiles0000
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
|
RegFilesHash
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
FileOpenBroker
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
Inno Setup: Setup Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
Inno Setup: App Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
Inno Setup: Icon Group
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
Inno Setup: User
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
Inno Setup: Setup Type
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
Inno Setup: Selected Components
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
Inno Setup: Deselected Components
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
Inno Setup: Language
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
QuietUninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
NoModify
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
InstallDate
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileOpenClient_is1
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Usage
|
MonthID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Orchestrator\Scheduler
|
UsoCrmScan
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Orchestrator
|
USODiagnostics
|
||
|
HKEY_CURRENT_USER\Software\FileOpen
|
Fowp3Uuid
|
||
|
HKEY_CURRENT_USER\Software\FileOpen
|
Fowp3Madi
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
aFS
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tDIText
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tFileName
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
tFileSource
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sDI
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
sDate
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
uFileSize
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c1
|
uPageCount
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
aFS
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
tDIText
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
tFileName
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sFileAncestors
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sDI
|
||
|
HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\DC\AVGeneral\cRecentFiles\c2
|
sDate
|
There are 38 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6E1000
|
unkown
|
page readonly
|
||
|
948000
|
heap
|
page read and write
|
||
|
1E2205C0000
|
heap
|
page read and write
|
||
|
C7E247F000
|
stack
|
page read and write
|
||
|
1B6BCA4E000
|
heap
|
page read and write
|
||
|
925000
|
heap
|
page read and write
|
||
|
367A000
|
direct allocation
|
page read and write
|
||
|
1F4647A0000
|
heap
|
page read and write
|
||
|
24A3F505000
|
heap
|
page read and write
|
||
|
12DB2E30000
|
heap
|
page read and write
|
||
|
1755645E000
|
heap
|
page read and write
|
||
|
17556402000
|
heap
|
page read and write
|
||
|
936000
|
heap
|
page read and write
|
||
|
14E14B50000
|
heap
|
page read and write
|
||
|
933000
|
heap
|
page read and write
|
||
|
12DB2467000
|
heap
|
page read and write
|
||
|
6AC000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
5291F7F000
|
stack
|
page read and write
|
||
|
1F1FF541000
|
heap
|
page read and write
|
||
|
23F68D12000
|
heap
|
page read and write
|
||
|
6C5000
|
unkown
|
page readonly
|
||
|
12DB25B9000
|
heap
|
page read and write
|
||
|
B7943EB000
|
stack
|
page read and write
|
||
|
8D2000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
8EC000
|
heap
|
page read and write
|
||
|
24A3F130000
|
heap
|
page read and write
|
||
|
235F000
|
direct allocation
|
page read and write
|
||
|
29DADBC0000
|
heap
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
1B6BCA48000
|
heap
|
page read and write
|
||
|
AACBDFB000
|
stack
|
page read and write
|
||
|
18971502000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
D8A000
|
direct allocation
|
page read and write
|
||
|
3855000
|
direct allocation
|
page read and write
|
||
|
C8B000
|
direct allocation
|
page read and write
|
||
|
1B8CBDEF000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1F1FF6C5000
|
heap
|
page read and write
|
||
|
58AF000
|
stack
|
page read and write
|
||
|
7FE87000
|
direct allocation
|
page read and write
|
||
|
1E220630000
|
heap
|
page read and write
|
||
|
3473000
|
direct allocation
|
page read and write
|
||
|
1B8CD870000
|
heap
|
page read and write
|
||
|
1F1FF55E000
|
heap
|
page read and write
|
||
|
1B6BD5A6000
|
heap
|
page read and write
|
||
|
62CDBFE000
|
stack
|
page read and write
|
||
|
1F464A13000
|
heap
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
12DB2413000
|
heap
|
page read and write
|
||
|
94F000
|
heap
|
page read and write
|
||
|
2299000
|
direct allocation
|
page read and write
|
||
|
7FE73000
|
direct allocation
|
page read and write
|
||
|
7FE4E000
|
direct allocation
|
page read and write
|
||
|
5291A8A000
|
stack
|
page read and write
|
||
|
3482000
|
direct allocation
|
page read and write
|
||
|
349A000
|
direct allocation
|
page read and write
|
||
|
1B6BD58D000
|
heap
|
page read and write
|
||
|
937000
|
heap
|
page read and write
|
||
|
644C67C000
|
stack
|
page read and write
|
||
|
1B6BCA4B000
|
heap
|
page read and write
|
||
|
7FE2E000
|
direct allocation
|
page read and write
|
||
|
788FBB000
|
stack
|
page read and write
|
||
|
5291B8F000
|
stack
|
page read and write
|
||
|
12DB2320000
|
trusted library allocation
|
page read and write
|
||
|
644C97F000
|
stack
|
page read and write
|
||
|
2B56F664000
|
heap
|
page read and write
|
||
|
29DADC47000
|
heap
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
7FF72BF59000
|
unkown
|
page write copy
|
||
|
1E7FB980000
|
heap
|
page read and write
|
||
|
1F464A57000
|
heap
|
page read and write
|
||
|
7FE83000
|
direct allocation
|
page read and write
|
||
|
214A97E0000
|
remote allocation
|
page read and write
|
||
|
12DB2E23000
|
heap
|
page read and write
|
||
|
810000
|
direct allocation
|
page execute and read and write
|
||
|
55B1000
|
heap
|
page read and write
|
||
|
1F464A29000
|
heap
|
page read and write
|
||
|
902000
|
heap
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
3465000
|
direct allocation
|
page read and write
|
||
|
29DADC6B000
|
heap
|
page read and write
|
||
|
5ED7A7F000
|
stack
|
page read and write
|
||
|
2390C460000
|
heap
|
page read and write
|
||
|
24DCA2A1000
|
heap
|
page read and write
|
||
|
78957B000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1B6BD585000
|
heap
|
page read and write
|
||
|
3490000
|
direct allocation
|
page read and write
|
||
|
7FF7967A0000
|
unkown
|
page readonly
|
||
|
48E127B000
|
stack
|
page read and write
|
||
|
3696000
|
direct allocation
|
page read and write
|
||
|
1B6BD59F000
|
heap
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
34AA000
|
direct allocation
|
page read and write
|
||
|
2692000
|
direct allocation
|
page read and write
|
||
|
1B6BCAE0000
|
heap
|
page read and write
|
||
|
1B6BCB13000
|
heap
|
page read and write
|
||
|
672000
|
unkown
|
page readonly
|
||
|
2390C45B000
|
heap
|
page read and write
|
||
|
1E7FB915000
|
heap
|
page read and write
|
||
|
8384B7D000
|
stack
|
page read and write
|
||
|
7FF72BF0B000
|
unkown
|
page readonly
|
||
|
24A3F500000
|
heap
|
page read and write
|
||
|
3640000
|
direct allocation
|
page read and write
|
||
|
1B6BC980000
|
heap
|
page read and write
|
||
|
8FF07F000
|
stack
|
page read and write
|
||
|
1F464A76000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
17556461000
|
heap
|
page read and write
|
||
|
1ED71F08000
|
heap
|
page read and write
|
||
|
29DADC5F000
|
heap
|
page read and write
|
||
|
789677000
|
stack
|
page read and write
|
||
|
2489A7F000
|
stack
|
page read and write
|
||
|
2390C453000
|
heap
|
page read and write
|
||
|
24DCA23C000
|
heap
|
page read and write
|
||
|
2390C380000
|
trusted library allocation
|
page read and write
|
||
|
7FF72BD90000
|
unkown
|
page readonly
|
||
|
1B8CBDC0000
|
heap
|
page read and write
|
||
|
45AB5FF000
|
stack
|
page read and write
|
||
|
1B6BD5A7000
|
heap
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
90B000
|
heap
|
page read and write
|
||
|
12DB2443000
|
heap
|
page read and write
|
||
|
1B6BD55B000
|
heap
|
page read and write
|
||
|
1E2208D5000
|
heap
|
page read and write
|
||
|
CE0D47B000
|
stack
|
page read and write
|
||
|
90B000
|
heap
|
page read and write
|
||
|
14E14AE0000
|
heap
|
page read and write
|
||
|
1E7FB910000
|
heap
|
page read and write
|
||
|
83846FE000
|
stack
|
page read and write
|
||
|
7FF72BD91000
|
unkown
|
page execute read
|
||
|
7FF7967A1000
|
unkown
|
page execute read
|
||
|
248A0FA000
|
stack
|
page read and write
|
||
|
7FF796837000
|
unkown
|
page readonly
|
||
|
5301000
|
heap
|
page read and write
|
||
|
34BE000
|
direct allocation
|
page read and write
|
||
|
9DF000
|
stack
|
page read and write
|
||
|
CE0D57B000
|
stack
|
page read and write
|
||
|
12DB2D22000
|
heap
|
page read and write
|
||
|
7A0000
|
heap
|
page read and write
|
||
|
1ED71BC0000
|
heap
|
page read and write
|
||
|
94E000
|
heap
|
page read and write
|
||
|
7FE94000
|
direct allocation
|
page read and write
|
||
|
932000
|
heap
|
page read and write
|
||
|
78997A000
|
stack
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
1B6BD599000
|
heap
|
page read and write
|
||
|
5ED779F000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
C7E26FB000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
2762000
|
direct allocation
|
page read and write
|
||
|
29DADC4D000
|
heap
|
page read and write
|
||
|
2390C490000
|
heap
|
page read and write
|
||
|
6EF000
|
unkown
|
page readonly
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
24DCA26A000
|
heap
|
page read and write
|
||
|
929000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1F1FF547000
|
heap
|
page read and write
|
||
|
1B6BD500000
|
heap
|
page read and write
|
||
|
29DADC32000
|
heap
|
page read and write
|
||
|
2390C429000
|
heap
|
page read and write
|
||
|
12DB2E02000
|
heap
|
page read and write
|
||
|
39FE000
|
direct allocation
|
page read and write
|
||
|
23F68D00000
|
heap
|
page read and write
|
||
|
1B6BD5A5000
|
heap
|
page read and write
|
||
|
14E14D85000
|
heap
|
page read and write
|
||
|
29DADC6D000
|
heap
|
page read and write
|
||
|
24DCA2F7000
|
heap
|
page read and write
|
||
|
23F68229000
|
heap
|
page read and write
|
||
|
12DB2492000
|
heap
|
page read and write
|
||
|
1B6BD5B7000
|
heap
|
page read and write
|
||
|
4C4000
|
unkown
|
page readonly
|
||
|
DB0000
|
heap
|
page read and write
|
||
|
1B6BD577000
|
heap
|
page read and write
|
||
|
62CD9FF000
|
stack
|
page read and write
|
||
|
2341000
|
direct allocation
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
2B56FE02000
|
trusted library allocation
|
page read and write
|
||
|
1B6BD56E000
|
heap
|
page read and write
|
||
|
1B6BD57A000
|
heap
|
page read and write
|
||
|
8FF1FB000
|
stack
|
page read and write
|
||
|
1B6BD5C0000
|
heap
|
page read and write
|
||
|
214A9813000
|
heap
|
page read and write
|
||
|
2358000
|
direct allocation
|
page read and write
|
||
|
1B6BCAFA000
|
heap
|
page read and write
|
||
|
1B6BD5B2000
|
heap
|
page read and write
|
||
|
36EB000
|
direct allocation
|
page read and write
|
||
|
2390C45F000
|
heap
|
page read and write
|
||
|
12DB2190000
|
heap
|
page read and write
|
||
|
1B6BCAEB000
|
heap
|
page read and write
|
||
|
1B6BD58D000
|
heap
|
page read and write
|
||
|
5E5D31A000
|
stack
|
page read and write
|
||
|
B794FFE000
|
stack
|
page read and write
|
||
|
7FF72BF88000
|
unkown
|
page readonly
|
||
|
29DADC3D000
|
heap
|
page read and write
|
||
|
914000
|
heap
|
page read and write
|
||
|
1897144B000
|
heap
|
page read and write
|
||
|
1B6BD591000
|
heap
|
page read and write
|
||
|
934000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2390C42D000
|
heap
|
page read and write
|
||
|
2366000
|
direct allocation
|
page read and write
|
||
|
18971390000
|
heap
|
page read and write
|
||
|
1B6BD5A7000
|
heap
|
page read and write
|
||
|
1F1FF54F000
|
heap
|
page read and write
|
||
|
7FF72BF85000
|
unkown
|
page read and write
|
||
|
3686000
|
direct allocation
|
page read and write
|
||
|
1E7FB8B0000
|
heap
|
page read and write
|
||
|
55E1000
|
heap
|
page read and write
|
||
|
2710000
|
direct allocation
|
page read and write
|
||
|
1F1FF55F000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
644C77F000
|
stack
|
page read and write
|
||
|
29DADC7B000
|
heap
|
page read and write
|
||
|
E130C7E000
|
stack
|
page read and write
|
||
|
24DCA2D7000
|
heap
|
page read and write
|
||
|
3713000
|
direct allocation
|
page read and write
|
||
|
5E5D8FE000
|
stack
|
page read and write
|
||
|
2580000
|
direct allocation
|
page read and write
|
||
|
189713A0000
|
heap
|
page read and write
|
||
|
12DB2DC7000
|
heap
|
page read and write
|
||
|
1B6BD5A9000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2B56F713000
|
heap
|
page read and write
|
||
|
29DADC63000
|
heap
|
page read and write
|
||
|
17556280000
|
heap
|
page read and write
|
||
|
B794BFE000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
23F682BB000
|
heap
|
page read and write
|
||
|
27A5000
|
direct allocation
|
page read and write
|
||
|
91A000
|
heap
|
page read and write
|
||
|
12DB2D00000
|
heap
|
page read and write
|
||
|
55B0000
|
heap
|
page read and write
|
||
|
36E8000
|
direct allocation
|
page read and write
|
||
|
2B56F400000
|
heap
|
page read and write
|
||
|
1B6BD59C000
|
heap
|
page read and write
|
||
|
78987F000
|
stack
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
E130F7F000
|
stack
|
page read and write
|
||
|
911000
|
heap
|
page read and write
|
||
|
29DADC68000
|
heap
|
page read and write
|
||
|
644CC7F000
|
stack
|
page read and write
|
||
|
1B6BD5CE000
|
heap
|
page read and write
|
||
|
838497F000
|
stack
|
page read and write
|
||
|
83847FE000
|
stack
|
page read and write
|
||
|
945000
|
heap
|
page read and write
|
||
|
903000
|
heap
|
page read and write
|
||
|
62CDFFE000
|
stack
|
page read and write
|
||
|
1B6BCA54000
|
heap
|
page read and write
|
||
|
1ED71E57000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
29DADC3B000
|
heap
|
page read and write
|
||
|
1B6BD58A000
|
heap
|
page read and write
|
||
|
AACC1FE000
|
stack
|
page read and write
|
||
|
7FEAC000
|
direct allocation
|
page read and write
|
||
|
7A8000
|
heap
|
page read and write
|
||
|
1B6BD522000
|
heap
|
page read and write
|
||
|
AACBF7F000
|
stack
|
page read and write
|
||
|
8A9000
|
heap
|
page read and write
|
||
|
1B8CBDF7000
|
heap
|
page read and write
|
||
|
2B56F470000
|
heap
|
page read and write
|
||
|
1F465202000
|
trusted library allocation
|
page read and write
|
||
|
5291E79000
|
stack
|
page read and write
|
||
|
1B6BD55D000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
17556513000
|
heap
|
page read and write
|
||
|
24A3F270000
|
heap
|
page read and write
|
||
|
1ED71E78000
|
heap
|
page read and write
|
||
|
2489EFA000
|
stack
|
page read and write
|
||
|
214A9640000
|
heap
|
page read and write
|
||
|
8FF3F7000
|
stack
|
page read and write
|
||
|
8D4000
|
heap
|
page read and write
|
||
|
1B6BD596000
|
heap
|
page read and write
|
||
|
1B8CC000000
|
heap
|
page read and write
|
||
|
7FF72BF59000
|
unkown
|
page read and write
|
||
|
29DADC5C000
|
heap
|
page read and write
|
||
|
1B6BCA56000
|
heap
|
page read and write
|
||
|
345E000
|
direct allocation
|
page read and write
|
||
|
17556508000
|
heap
|
page read and write
|
||
|
7FF72BF7C000
|
unkown
|
page read and write
|
||
|
7FEA2000
|
direct allocation
|
page read and write
|
||
|
18971454000
|
heap
|
page read and write
|
||
|
24DCA210000
|
heap
|
page read and write
|
||
|
23F6826E000
|
heap
|
page read and write
|
||
|
12DB2D90000
|
heap
|
page read and write
|
||
|
1897143B000
|
heap
|
page read and write
|
||
|
17556463000
|
heap
|
page read and write
|
||
|
17556502000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7899FF000
|
stack
|
page read and write
|
||
|
644C57E000
|
stack
|
page read and write
|
||
|
226E000
|
direct allocation
|
page read and write
|
||
|
944000
|
heap
|
page read and write
|
||
|
644C3FB000
|
stack
|
page read and write
|
||
|
7FF72BF62000
|
unkown
|
page write copy
|
||
|
29DAE602000
|
trusted library allocation
|
page read and write
|
||
|
C7E2A7C000
|
stack
|
page read and write
|
||
|
8DF000
|
heap
|
page read and write
|
||
|
2331000
|
direct allocation
|
page read and write
|
||
|
91B000
|
heap
|
page read and write
|
||
|
347D000
|
direct allocation
|
page read and write
|
||
|
DA0000
|
heap
|
page read and write
|
||
|
1B6BD587000
|
heap
|
page read and write
|
||
|
227D000
|
direct allocation
|
page read and write
|
||
|
1B6BD5C6000
|
heap
|
page read and write
|
||
|
1B6BCA4D000
|
heap
|
page read and write
|
||
|
1755647F000
|
heap
|
page read and write
|
||
|
17556422000
|
heap
|
page read and write
|
||
|
1B6BCAB1000
|
heap
|
page read and write
|
||
|
1B6BD5BB000
|
heap
|
page read and write
|
||
|
2390C476000
|
heap
|
page read and write
|
||
|
18971E02000
|
trusted library allocation
|
page read and write
|
||
|
C7E287F000
|
stack
|
page read and write
|
||
|
1B6BCA3C000
|
heap
|
page read and write
|
||
|
7FE91000
|
direct allocation
|
page read and write
|
||
|
7FF79685F000
|
unkown
|
page read and write
|
||
|
1B6BCB02000
|
heap
|
page read and write
|
||
|
214A9650000
|
heap
|
page read and write
|
||
|
24DCBC20000
|
heap
|
page read and write
|
||
|
18971402000
|
heap
|
page read and write
|
||
|
890000
|
heap
|
page read and write
|
||
|
C5C81CF000
|
stack
|
page read and write
|
||
|
17556500000
|
heap
|
page read and write
|
||
|
36BA000
|
direct allocation
|
page read and write
|
||
|
644BFBB000
|
stack
|
page read and write
|
||
|
12DB2453000
|
heap
|
page read and write
|
||
|
7FE7A000
|
direct allocation
|
page read and write
|
||
|
24DCA278000
|
heap
|
page read and write
|
||
|
24DCC04F000
|
heap
|
page read and write
|
||
|
C84000
|
direct allocation
|
page read and write
|
||
|
948000
|
heap
|
page read and write
|
||
|
1B6BD577000
|
heap
|
page read and write
|
||
|
24DCA3A3000
|
heap
|
page read and write
|
||
|
214A9820000
|
heap
|
page read and write
|
||
|
22BF000
|
direct allocation
|
page read and write
|
||
|
36F9000
|
direct allocation
|
page read and write
|
||
|
24DCC030000
|
remote allocation
|
page read and write
|
||
|
552E000
|
stack
|
page read and write
|
||
|
536B000
|
heap
|
page read and write
|
||
|
237C000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1F1FF54F000
|
heap
|
page read and write
|
||
|
248987C000
|
stack
|
page read and write
|
||
|
B7951FE000
|
stack
|
page read and write
|
||
|
1B6BCA47000
|
heap
|
page read and write
|
||
|
22B0000
|
direct allocation
|
page read and write
|
||
|
7FF796858000
|
unkown
|
page write copy
|
||
|
1E7FB98B000
|
heap
|
page read and write
|
||
|
8B1000
|
heap
|
page read and write
|
||
|
CF7000
|
direct allocation
|
page read and write
|
||
|
1B6BD5D9000
|
heap
|
page read and write
|
||
|
1B6BCA13000
|
heap
|
page read and write
|
||
|
3458000
|
direct allocation
|
page read and write
|
||
|
1B6BD5B2000
|
heap
|
page read and write
|
||
|
236D000
|
direct allocation
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
12DB21A0000
|
heap
|
page read and write
|
||
|
12DB246E000
|
heap
|
page read and write
|
||
|
2390C45A000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
24DCC058000
|
heap
|
page read and write
|
||
|
7FF72BF59000
|
unkown
|
page write copy
|
||
|
12DB2491000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
66B000
|
unkown
|
page write copy
|
||
|
4B7000
|
unkown
|
page read and write
|
||
|
17556380000
|
trusted library allocation
|
page read and write
|
||
|
1B6BD340000
|
remote allocation
|
page read and write
|
||
|
238A000
|
direct allocation
|
page read and write
|
||
|
24DCA475000
|
heap
|
page read and write
|
||
|
931000
|
heap
|
page read and write
|
||
|
B794AFE000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1F464810000
|
heap
|
page read and write
|
||
|
23F68200000
|
heap
|
page read and write
|
||
|
214A9800000
|
heap
|
page read and write
|
||
|
2BF0000
|
trusted library allocation
|
page read and write
|
||
|
1F1FF390000
|
heap
|
page read and write
|
||
|
3728000
|
direct allocation
|
page read and write
|
||
|
24DCA0D0000
|
heap
|
page read and write
|
||
|
4C0000
|
unkown
|
page read and write
|
||
|
1B6BCA51000
|
heap
|
page read and write
|
||
|
1B6BC970000
|
heap
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
189713F0000
|
heap
|
page read and write
|
||
|
D14000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
D3A000
|
direct allocation
|
page read and write
|
||
|
2390C469000
|
heap
|
page read and write
|
||
|
1ED71F02000
|
heap
|
page read and write
|
||
|
1B6BD59A000
|
heap
|
page read and write
|
||
|
1B6BD5A1000
|
heap
|
page read and write
|
||
|
12DB2D22000
|
heap
|
page read and write
|
||
|
E1307FB000
|
stack
|
page read and write
|
||
|
7FF72BD90000
|
unkown
|
page readonly
|
||
|
12DB2D54000
|
heap
|
page read and write
|
||
|
12DB248A000
|
heap
|
page read and write
|
||
|
24DCA32C000
|
heap
|
page read and write
|
||
|
1B8CBDFE000
|
heap
|
page read and write
|
||
|
1F464A00000
|
heap
|
page read and write
|
||
|
3661000
|
direct allocation
|
page read and write
|
||
|
26C0000
|
direct allocation
|
page read and write
|
||
|
2390C513000
|
heap
|
page read and write
|
||
|
932000
|
heap
|
page read and write
|
||
|
AACC57C000
|
stack
|
page read and write
|
||
|
23F68170000
|
trusted library allocation
|
page read and write
|
||
|
7FE6E000
|
direct allocation
|
page read and write
|
||
|
723427C000
|
stack
|
page read and write
|
||
|
5ED771D000
|
stack
|
page read and write
|
||
|
B7950FE000
|
stack
|
page read and write
|
||
|
2390C45D000
|
heap
|
page read and write
|
||
|
79E000
|
stack
|
page read and write
|
||
|
C7E218B000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2390C462000
|
heap
|
page read and write
|
||
|
7FE89000
|
direct allocation
|
page read and write
|
||
|
29DADC84000
|
heap
|
page read and write
|
||
|
644CD7F000
|
stack
|
page read and write
|
||
|
1B6BCB16000
|
heap
|
page read and write
|
||
|
17556C02000
|
trusted library allocation
|
page read and write
|
||
|
5E5D7FD000
|
stack
|
page read and write
|
||
|
D7C000
|
direct allocation
|
page read and write
|
||
|
8DC000
|
heap
|
page read and write
|
||
|
65D000
|
unkown
|
page read and write
|
||
|
7FF72BF0B000
|
unkown
|
page readonly
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7FE71000
|
direct allocation
|
page read and write
|
||
|
29DADC61000
|
heap
|
page read and write
|
||
|
1ED71F00000
|
heap
|
page read and write
|
||
|
8FF2FB000
|
stack
|
page read and write
|
||
|
14E14B5A000
|
heap
|
page read and write
|
||
|
1B6BD5B2000
|
heap
|
page read and write
|
||
|
26AA000
|
direct allocation
|
page read and write
|
||
|
1B6BD58B000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
214A9840000
|
heap
|
page read and write
|
||
|
CE0D07B000
|
stack
|
page read and write
|
||
|
E130D7F000
|
stack
|
page read and write
|
||
|
DB6000
|
heap
|
page read and write
|
||
|
1B6BD56E000
|
heap
|
page read and write
|
||
|
7FF72BF62000
|
unkown
|
page write copy
|
||
|
1E220680000
|
heap
|
page read and write
|
||
|
36D3000
|
direct allocation
|
page read and write
|
||
|
2390C46A000
|
heap
|
page read and write
|
||
|
36E0000
|
direct allocation
|
page read and write
|
||
|
1B6BC9E0000
|
heap
|
page read and write
|
||
|
29DADB50000
|
heap
|
page read and write
|
||
|
2720000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
898000
|
heap
|
page read and write
|
||
|
12DB2429000
|
heap
|
page read and write
|
||
|
2390C45C000
|
heap
|
page read and write
|
||
|
17556452000
|
heap
|
page read and write
|
||
|
5291B0F000
|
stack
|
page read and write
|
||
|
1B6BD5AB000
|
heap
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
3401000
|
heap
|
page read and write
|
||
|
17556400000
|
heap
|
page read and write
|
||
|
670000
|
unkown
|
page readonly
|
||
|
8EC000
|
heap
|
page read and write
|
||
|
214A9802000
|
heap
|
page read and write
|
||
|
14E14D80000
|
heap
|
page read and write
|
||
|
36F0000
|
direct allocation
|
page read and write
|
||
|
24DCC05A000
|
heap
|
page read and write
|
||
|
17556489000
|
heap
|
page read and write
|
||
|
1F1FF540000
|
heap
|
page read and write
|
||
|
371A000
|
direct allocation
|
page read and write
|
||
|
2B56F702000
|
heap
|
page read and write
|
||
|
29DADC74000
|
heap
|
page read and write
|
||
|
12DB2E13000
|
heap
|
page read and write
|
||
|
62CDAFE000
|
stack
|
page read and write
|
||
|
1B6BD577000
|
heap
|
page read and write
|
||
|
AACC47F000
|
stack
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
1B6BD5B8000
|
heap
|
page read and write
|
||
|
7FF72BF88000
|
unkown
|
page readonly
|
||
|
23F6828A000
|
heap
|
page read and write
|
||
|
36B6000
|
direct allocation
|
page read and write
|
||
|
228B000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
29DADC40000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1E2208D0000
|
heap
|
page read and write
|
||
|
2260000
|
direct allocation
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
7FE98000
|
direct allocation
|
page read and write
|
||
|
1755643C000
|
heap
|
page read and write
|
||
|
C6E000
|
direct allocation
|
page read and write
|
||
|
924000
|
heap
|
page read and write
|
||
|
23F6823E000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
12DB2458000
|
heap
|
page read and write
|
||
|
AACC0FC000
|
stack
|
page read and write
|
||
|
1ED71C30000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
C76000
|
direct allocation
|
page read and write
|
||
|
24DCA264000
|
heap
|
page read and write
|
||
|
214A96B0000
|
heap
|
page read and write
|
||
|
B794DF9000
|
stack
|
page read and write
|
||
|
1B6BD59B000
|
heap
|
page read and write
|
||
|
2390C502000
|
heap
|
page read and write
|
||
|
922000
|
heap
|
page read and write
|
||
|
2292000
|
direct allocation
|
page read and write
|
||
|
12DB2513000
|
heap
|
page read and write
|
||
|
1B6BD592000
|
heap
|
page read and write
|
||
|
214A97B0000
|
trusted library allocation
|
page read and write
|
||
|
1B6BD56E000
|
heap
|
page read and write
|
||
|
2348000
|
direct allocation
|
page read and write
|
||
|
29DADC5A000
|
heap
|
page read and write
|
||
|
2489C7C000
|
stack
|
page read and write
|
||
|
95A000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7FF72BF0B000
|
unkown
|
page readonly
|
||
|
901000
|
heap
|
page read and write
|
||
|
7FBB0000
|
direct allocation
|
page read and write
|
||
|
90F000
|
heap
|
page read and write
|
||
|
1F1FF4E0000
|
heap
|
page read and write
|
||
|
29DADC00000
|
heap
|
page read and write
|
||
|
36E3000
|
direct allocation
|
page read and write
|
||
|
33F0000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
8FED9B000
|
stack
|
page read and write
|
||
|
18971447000
|
heap
|
page read and write
|
||
|
B7953F9000
|
stack
|
page read and write
|
||
|
24DCA271000
|
heap
|
page read and write
|
||
|
1B8CBD20000
|
heap
|
page read and write
|
||
|
78947E000
|
stack
|
page read and write
|
||
|
7C0000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
36E5000
|
direct allocation
|
page read and write
|
||
|
1B6BD5D3000
|
heap
|
page read and write
|
||
|
48E10FF000
|
stack
|
page read and write
|
||
|
55E6000
|
heap
|
page read and write
|
||
|
CE0D67E000
|
stack
|
page read and write
|
||
|
65D000
|
unkown
|
page write copy
|
||
|
24DCC064000
|
heap
|
page read and write
|
||
|
26B8000
|
direct allocation
|
page read and write
|
||
|
12DB2D6F000
|
heap
|
page read and write
|
||
|
2489CF9000
|
stack
|
page read and write
|
||
|
7FF72BF62000
|
unkown
|
page write copy
|
||
|
902000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
B7954FF000
|
stack
|
page read and write
|
||
|
12DB2E27000
|
heap
|
page read and write
|
||
|
29DADC55000
|
heap
|
page read and write
|
||
|
12DB246B000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
5E5D6FE000
|
stack
|
page read and write
|
||
|
24DCC062000
|
heap
|
page read and write
|
||
|
D83000
|
direct allocation
|
page read and write
|
||
|
929000
|
heap
|
page read and write
|
||
|
924000
|
heap
|
page read and write
|
||
|
C7D000
|
direct allocation
|
page read and write
|
||
|
24DCA26A000
|
heap
|
page read and write
|
||
|
1F464B13000
|
heap
|
page read and write
|
||
|
45AB4FD000
|
stack
|
page read and write
|
||
|
33F0000
|
direct allocation
|
page read and write
|
||
|
1B6BD5BB000
|
heap
|
page read and write
|
||
|
23F680E0000
|
heap
|
page read and write
|
||
|
29DADC60000
|
heap
|
page read and write
|
||
|
C5C847F000
|
stack
|
page read and write
|
||
|
954000
|
heap
|
page read and write
|
||
|
1B8CD873000
|
heap
|
page read and write
|
||
|
1B8CC005000
|
heap
|
page read and write
|
||
|
90E000
|
heap
|
page read and write
|
||
|
83841BB000
|
stack
|
page read and write
|
||
|
12DB258E000
|
heap
|
page read and write
|
||
|
12DB2200000
|
heap
|
page read and write
|
||
|
345B000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
AACC37D000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2489DFF000
|
stack
|
page read and write
|
||
|
2B56F628000
|
heap
|
page read and write
|
||
|
1B6BCA49000
|
heap
|
page read and write
|
||
|
8C1000
|
heap
|
page read and write
|
||
|
24DCC030000
|
remote allocation
|
page read and write
|
||
|
2B56F668000
|
heap
|
page read and write
|
||
|
2710000
|
direct allocation
|
page read and write
|
||
|
2733000
|
heap
|
page read and write
|
||
|
3405000
|
heap
|
page read and write
|
||
|
921000
|
heap
|
page read and write
|
||
|
5291FFD000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
55E1000
|
heap
|
page read and write
|
||
|
24DCA230000
|
heap
|
page read and write
|
||
|
278A000
|
direct allocation
|
page read and write
|
||
|
2390C2F0000
|
heap
|
page read and write
|
||
|
1B6BCA50000
|
heap
|
page read and write
|
||
|
24A3F290000
|
heap
|
page read and write
|
||
|
8FC000
|
heap
|
page read and write
|
||
|
91D000
|
heap
|
page read and write
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
37D0000
|
direct allocation
|
page read and write
|
||
|
7FE9F000
|
direct allocation
|
page read and write
|
||
|
8FF6FF000
|
stack
|
page read and write
|
||
|
2B56F600000
|
heap
|
page read and write
|
||
|
1F1FF536000
|
heap
|
page read and write
|
||
|
18971437000
|
heap
|
page read and write
|
||
|
1B6BDA18000
|
heap
|
page read and write
|
||
|
1B6BCAE7000
|
heap
|
page read and write
|
||
|
4B7000
|
unkown
|
page write copy
|
||
|
AACC27B000
|
stack
|
page read and write
|
||
|
7FE81000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
24DCA3A0000
|
heap
|
page read and write
|
||
|
D06000
|
direct allocation
|
page read and write
|
||
|
29DADBF0000
|
trusted library allocation
|
page read and write
|
||
|
17556424000
|
heap
|
page read and write
|
||
|
347A000
|
direct allocation
|
page read and write
|
||
|
8F6000
|
heap
|
page read and write
|
||
|
24DCA32A000
|
heap
|
page read and write
|
||
|
12DB2300000
|
trusted library allocation
|
page read and write
|
||
|
2390C350000
|
heap
|
page read and write
|
||
|
2B56F63D000
|
heap
|
page read and write
|
||
|
1B8CBDF7000
|
heap
|
page read and write
|
||
|
83848FD000
|
stack
|
page read and write
|
||
|
14E14AC0000
|
heap
|
page read and write
|
||
|
1B6BD586000
|
heap
|
page read and write
|
||
|
723447F000
|
stack
|
page read and write
|
||
|
8B3000
|
heap
|
page read and write
|
||
|
2390C508000
|
heap
|
page read and write
|
||
|
2489FFE000
|
stack
|
page read and write
|
||
|
24A3F2B0000
|
heap
|
page read and write
|
||
|
2B56F602000
|
heap
|
page read and write
|
||
|
29DADC57000
|
heap
|
page read and write
|
||
|
1B6BD340000
|
remote allocation
|
page read and write
|
||
|
8E0000
|
heap
|
page read and write
|
||
|
29DADC42000
|
heap
|
page read and write
|
||
|
62CD35C000
|
stack
|
page read and write
|
||
|
1E7FB890000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
3C10000
|
direct allocation
|
page read and write
|
||
|
8FF0FF000
|
stack
|
page read and write
|
||
|
7FE76000
|
direct allocation
|
page read and write
|
||
|
3455000
|
direct allocation
|
page read and write
|
||
|
1755647D000
|
heap
|
page read and write
|
||
|
7FE61000
|
direct allocation
|
page read and write
|
||
|
18971456000
|
heap
|
page read and write
|
||
|
7FF796864000
|
unkown
|
page read and write
|
||
|
AACC67F000
|
stack
|
page read and write
|
||
|
2390C481000
|
heap
|
page read and write
|
||
|
29DADB60000
|
heap
|
page read and write
|
||
|
723487A000
|
stack
|
page read and write
|
||
|
8FF5FC000
|
stack
|
page read and write
|
||
|
1E220650000
|
heap
|
page read and write
|
||
|
1B6BD59C000
|
heap
|
page read and write
|
||
|
12DB2DAE000
|
heap
|
page read and write
|
||
|
C5C814D000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
789BF8000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1B6BD5A0000
|
heap
|
page read and write
|
||
|
92B000
|
heap
|
page read and write
|
||
|
E130A7E000
|
stack
|
page read and write
|
||
|
3470000
|
direct allocation
|
page read and write
|
||
|
1B6BD5C0000
|
heap
|
page read and write
|
||
|
17556460000
|
heap
|
page read and write
|
||
|
94000
|
stack
|
page read and write
|
||
|
1ED72602000
|
trusted library allocation
|
page read and write
|
||
|
1ED71E3C000
|
heap
|
page read and write
|
||
|
3721000
|
direct allocation
|
page read and write
|
||
|
7FF796837000
|
unkown
|
page readonly
|
||
|
1B6BD58B000
|
heap
|
page read and write
|
||
|
48E15F7000
|
stack
|
page read and write
|
||
|
D2B000
|
direct allocation
|
page read and write
|
||
|
1ED71E4C000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1B6BCADC000
|
heap
|
page read and write
|
||
|
93B000
|
heap
|
page read and write
|
||
|
2797000
|
direct allocation
|
page read and write
|
||
|
AACC07F000
|
stack
|
page read and write
|
||
|
B7955FF000
|
stack
|
page read and write
|
||
|
8EC000
|
heap
|
page read and write
|
||
|
1ED71E67000
|
heap
|
page read and write
|
||
|
1ED71E76000
|
heap
|
page read and write
|
||
|
E130AFE000
|
stack
|
page read and write
|
||
|
24DCA2E8000
|
heap
|
page read and write
|
||
|
1ED71E13000
|
heap
|
page read and write
|
||
|
6CF000
|
unkown
|
page readonly
|
||
|
4C2000
|
unkown
|
page write copy
|
||
|
959000
|
heap
|
page read and write
|
||
|
18971400000
|
heap
|
page read and write
|
||
|
1B6BD5A4000
|
heap
|
page read and write
|
||
|
23F68302000
|
heap
|
page read and write
|
||
|
1B6BCAA7000
|
heap
|
page read and write
|
||
|
24DCA470000
|
heap
|
page read and write
|
||
|
23F680D0000
|
heap
|
page read and write
|
||
|
36DD000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7FE6C000
|
direct allocation
|
page read and write
|
||
|
1B6BD5C6000
|
heap
|
page read and write
|
||
|
1897143E000
|
heap
|
page read and write
|
||
|
8BA000
|
heap
|
page read and write
|
||
|
1B8CBD90000
|
heap
|
page read and write
|
||
|
D03000
|
direct allocation
|
page read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
B7949FE000
|
stack
|
page read and write
|
||
|
59AF000
|
stack
|
page read and write
|
||
|
7FF7967A0000
|
unkown
|
page readonly
|
||
|
29DADD02000
|
heap
|
page read and write
|
||
|
8FF4FF000
|
stack
|
page read and write
|
||
|
26B1000
|
direct allocation
|
page read and write
|
||
|
48E107B000
|
stack
|
page read and write
|
||
|
644CA7F000
|
stack
|
page read and write
|
||
|
723477F000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2B56F679000
|
heap
|
page read and write
|
||
|
3477000
|
direct allocation
|
page read and write
|
||
|
2390CE02000
|
trusted library allocation
|
page read and write
|
||
|
34A4000
|
direct allocation
|
page read and write
|
||
|
789777000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
29DADC56000
|
heap
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
2383000
|
direct allocation
|
page read and write
|
||
|
536B000
|
heap
|
page read and write
|
||
|
8CC000
|
heap
|
page read and write
|
||
|
1B6BD5A5000
|
heap
|
page read and write
|
||
|
3475000
|
direct allocation
|
page read and write
|
||
|
517000
|
unkown
|
page readonly
|
||
|
1F1FF4C0000
|
heap
|
page read and write
|
||
|
1ED71BD0000
|
heap
|
page read and write
|
||
|
DB9000
|
heap
|
page read and write
|
||
|
8DE000
|
stack
|
page read and write
|
||
|
690000
|
heap
|
page read and write
|
||
|
62CDEFE000
|
stack
|
page read and write
|
||
|
24DCA272000
|
heap
|
page read and write
|
||
|
789AF8000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
29DADC41000
|
heap
|
page read and write
|
||
|
533000
|
unkown
|
page readonly
|
||
|
2390C466000
|
heap
|
page read and write
|
||
|
521000
|
unkown
|
page readonly
|
||
|
944000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
29DADC62000
|
heap
|
page read and write
|
||
|
1B6BD5D9000
|
heap
|
page read and write
|
||
|
D0D000
|
direct allocation
|
page read and write
|
||
|
231C000
|
direct allocation
|
page read and write
|
||
|
1B6BD58C000
|
heap
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
12DB2E00000
|
heap
|
page read and write
|
||
|
1B6BD552000
|
heap
|
page read and write
|
||
|
7FF72BF5A000
|
unkown
|
page write copy
|
||
|
8BC000
|
heap
|
page read and write
|
||
|
29DADC64000
|
heap
|
page read and write
|
||
|
924000
|
heap
|
page read and write
|
||
|
1F1FF55E000
|
heap
|
page read and write
|
||
|
1ED71D30000
|
trusted library allocation
|
page read and write
|
||
|
233A000
|
direct allocation
|
page read and write
|
||
|
8CD000
|
heap
|
page read and write
|
||
|
90F000
|
heap
|
page read and write
|
||
|
1B6BD402000
|
heap
|
page read and write
|
||
|
12DB2D02000
|
heap
|
page read and write
|
||
|
1B6BCAEA000
|
heap
|
page read and write
|
||
|
17556413000
|
heap
|
page read and write
|
||
|
1F1FF6C0000
|
heap
|
page read and write
|
||
|
1B6BD585000
|
heap
|
page read and write
|
||
|
12DB248D000
|
heap
|
page read and write
|
||
|
7FF72BF6A000
|
unkown
|
page read and write
|
||
|
29DADC6F000
|
heap
|
page read and write
|
||
|
2390C413000
|
heap
|
page read and write
|
||
|
2390C400000
|
heap
|
page read and write
|
||
|
2B56F700000
|
heap
|
page read and write
|
||
|
D74000
|
direct allocation
|
page read and write
|
||
|
1B6BCAA8000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
1B6BD591000
|
heap
|
page read and write
|
||
|
7FF796867000
|
unkown
|
page readonly
|
||
|
541000
|
unkown
|
page readonly
|
||
|
45AB57F000
|
stack
|
page read and write
|
||
|
92A000
|
heap
|
page read and write
|
||
|
17556210000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7FF72BF0B000
|
unkown
|
page readonly
|
||
|
22A1000
|
direct allocation
|
page read and write
|
||
|
7FF72BD91000
|
unkown
|
page execute read
|
||
|
24DCC030000
|
heap
|
page read and write
|
||
|
D1C000
|
direct allocation
|
page read and write
|
||
|
1B6BD58A000
|
heap
|
page read and write
|
||
|
1B6BD518000
|
heap
|
page read and write
|
||
|
C7E297E000
|
stack
|
page read and write
|
||
|
2391000
|
direct allocation
|
page read and write
|
||
|
8384BFE000
|
stack
|
page read and write
|
||
|
23F682CA000
|
heap
|
page read and write
|
||
|
29DADC7E000
|
heap
|
page read and write
|
||
|
1F464A41000
|
heap
|
page read and write
|
||
|
22B8000
|
direct allocation
|
page read and write
|
||
|
1B6BD58F000
|
heap
|
page read and write
|
||
|
8F7000
|
heap
|
page read and write
|
||
|
8384A7D000
|
stack
|
page read and write
|
||
|
1B6BCA53000
|
heap
|
page read and write
|
||
|
5300000
|
heap
|
page read and write
|
||
|
B794EFE000
|
stack
|
page read and write
|
||
|
7FF72BF6A000
|
unkown
|
page read and write
|
||
|
24DCA32A000
|
heap
|
page read and write
|
||
|
2390C43C000
|
heap
|
page read and write
|
||
|
24DCA32C000
|
heap
|
page read and write
|
||
|
7FF796867000
|
unkown
|
page readonly
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
18971429000
|
heap
|
page read and write
|
||
|
1B6BCA57000
|
heap
|
page read and write
|
||
|
1B6BD55C000
|
heap
|
page read and write
|
||
|
29DADC75000
|
heap
|
page read and write
|
||
|
14E14980000
|
heap
|
page read and write
|
||
|
348B000
|
direct allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
24DCC056000
|
heap
|
page read and write
|
||
|
2B56F570000
|
trusted library allocation
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
D91000
|
direct allocation
|
page read and write
|
||
|
E130E7E000
|
stack
|
page read and write
|
||
|
1ED71E51000
|
heap
|
page read and write
|
||
|
1755645C000
|
heap
|
page read and write
|
||
|
AACB99B000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1B6BD585000
|
heap
|
page read and write
|
||
|
12DB2443000
|
heap
|
page read and write
|
||
|
24DCC050000
|
heap
|
page read and write
|
||
|
1F1FF54F000
|
heap
|
page read and write
|
||
|
668000
|
unkown
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1F464A5B000
|
heap
|
page read and write
|
||
|
1F1FF55E000
|
heap
|
page read and write
|
||
|
78927E000
|
stack
|
page read and write
|
||
|
214A9902000
|
heap
|
page read and write
|
||
|
22A9000
|
direct allocation
|
page read and write
|
||
|
2390C2E0000
|
heap
|
page read and write
|
||
|
1B8CD880000
|
heap
|
page read and write
|
||
|
12DB243C000
|
heap
|
page read and write
|
||
|
22C6000
|
direct allocation
|
page read and write
|
||
|
24899FF000
|
stack
|
page read and write
|
||
|
D6D000
|
direct allocation
|
page read and write
|
||
|
2390C459000
|
heap
|
page read and write
|
||
|
1B6BD588000
|
heap
|
page read and write
|
||
|
2B56F613000
|
heap
|
page read and write
|
||
|
48E16FF000
|
stack
|
page read and write
|
||
|
29DADC58000
|
heap
|
page read and write
|
||
|
7FF72BF88000
|
unkown
|
page readonly
|
||
|
1B6BCA00000
|
heap
|
page read and write
|
||
|
23F68140000
|
heap
|
page read and write
|
||
|
8C7000
|
heap
|
page read and write
|
||
|
24DCC030000
|
remote allocation
|
page read and write
|
||
|
23F682E2000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
1B6BCA58000
|
heap
|
page read and write
|
||
|
1B6BCA81000
|
heap
|
page read and write
|
||
|
366A000
|
direct allocation
|
page read and write
|
||
|
4C6000
|
unkown
|
page readonly
|
||
|
C7E27F7000
|
stack
|
page read and write
|
||
|
90C000
|
heap
|
page read and write
|
||
|
1B8CBDFB000
|
heap
|
page read and write
|
||
|
7FF72BD90000
|
unkown
|
page readonly
|
||
|
7FF72BF85000
|
unkown
|
page read and write
|
||
|
1B6BD586000
|
heap
|
page read and write
|
||
|
1B6BD5D9000
|
heap
|
page read and write
|
||
|
214AA002000
|
trusted library allocation
|
page read and write
|
||
|
2267000
|
direct allocation
|
page read and write
|
||
|
1B6BD5BA000
|
heap
|
page read and write
|
||
|
12DB2C02000
|
heap
|
page read and write
|
||
|
1755647D000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
789CFE000
|
stack
|
page read and write
|
||
|
1B6BD577000
|
heap
|
page read and write
|
||
|
5291EFA000
|
stack
|
page read and write
|
||
|
74E000
|
stack
|
page read and write
|
||
|
2B56F410000
|
heap
|
page read and write
|
||
|
1F1FF532000
|
heap
|
page read and write
|
||
|
C67000
|
direct allocation
|
page read and write
|
||
|
7FF72BD91000
|
unkown
|
page execute read
|
||
|
1B6BDA02000
|
heap
|
page read and write
|
||
|
1F464B02000
|
heap
|
page read and write
|
||
|
1B6BD59A000
|
heap
|
page read and write
|
||
|
1B6BD56F000
|
heap
|
page read and write
|
||
|
79F000
|
stack
|
page read and write
|
||
|
C60000
|
direct allocation
|
page read and write
|
||
|
1B6BCAC6000
|
heap
|
page read and write
|
||
|
48E14FC000
|
stack
|
page read and write
|
||
|
1B6BD56E000
|
heap
|
page read and write
|
||
|
1B6BCABF000
|
heap
|
page read and write
|
||
|
214A9829000
|
heap
|
page read and write
|
||
|
1B6BD591000
|
heap
|
page read and write
|
||
|
CE0D37B000
|
stack
|
page read and write
|
||
|
5301000
|
heap
|
page read and write
|
||
|
2B56F726000
|
heap
|
page read and write
|
||
|
18D000
|
stack
|
page read and write
|
||
|
922000
|
heap
|
page read and write
|
||
|
3467000
|
direct allocation
|
page read and write
|
||
|
723457A000
|
stack
|
page read and write
|
||
|
277B000
|
direct allocation
|
page read and write
|
||
|
1F1FF537000
|
heap
|
page read and write
|
||
|
94C000
|
heap
|
page read and write
|
||
|
4FE000
|
unkown
|
page readonly
|
||
|
907000
|
heap
|
page read and write
|
||
|
1F464910000
|
trusted library allocation
|
page read and write
|
||
|
1B6BD58F000
|
heap
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
1B6BDA00000
|
heap
|
page read and write
|
||
|
7FE83000
|
direct allocation
|
page read and write
|
||
|
62CDDFE000
|
stack
|
page read and write
|
||
|
D66000
|
direct allocation
|
page read and write
|
||
|
346E000
|
direct allocation
|
page read and write
|
||
|
1F1FF546000
|
heap
|
page read and write
|
||
|
B5F000
|
stack
|
page read and write
|
||
|
7FF72BF88000
|
unkown
|
page readonly
|
||
|
1B6BD59F000
|
heap
|
page read and write
|
||
|
1B6BD56F000
|
heap
|
page read and write
|
||
|
C5F000
|
stack
|
page read and write
|
||
|
1B6BCB08000
|
heap
|
page read and write
|
||
|
24DCC05C000
|
heap
|
page read and write
|
||
|
1F464A02000
|
heap
|
page read and write
|
||
|
214A97E0000
|
remote allocation
|
page read and write
|
||
|
1B6BD590000
|
heap
|
page read and write
|
||
|
2390C463000
|
heap
|
page read and write
|
||
|
214A97E0000
|
remote allocation
|
page read and write
|
||
|
1B6BD587000
|
heap
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
65F000
|
unkown
|
page read and write
|
||
|
1B6BD598000
|
heap
|
page read and write
|
||
|
93E000
|
heap
|
page read and write
|
||
|
556E000
|
stack
|
page read and write
|
||
|
24A3F2BA000
|
heap
|
page read and write
|
||
|
1B6BD59A000
|
heap
|
page read and write
|
||
|
2284000
|
direct allocation
|
page read and write
|
||
|
1ED71E82000
|
heap
|
page read and write
|
||
|
1ED71E29000
|
heap
|
page read and write
|
||
|
1E220689000
|
heap
|
page read and write
|
||
|
214A985C000
|
heap
|
page read and write
|
||
|
29DADC34000
|
heap
|
page read and write
|
||
|
CF0000
|
direct allocation
|
page read and write
|
||
|
12DB25E5000
|
heap
|
page read and write
|
||
|
1B6BD5A1000
|
heap
|
page read and write
|
||
|
29DADC65000
|
heap
|
page read and write
|
||
|
23F68C02000
|
heap
|
page read and write
|
||
|
7FF72BF59000
|
unkown
|
page read and write
|
||
|
7892FF000
|
stack
|
page read and write
|
||
|
1B6BCA29000
|
heap
|
page read and write
|
||
|
23F68213000
|
heap
|
page read and write
|
||
|
1ED71E00000
|
heap
|
page read and write
|
||
|
D58000
|
direct allocation
|
page read and write
|
||
|
1B6BD280000
|
trusted library allocation
|
page read and write
|
||
|
1B6BDA18000
|
heap
|
page read and write
|
||
|
23F68313000
|
heap
|
page read and write
|
||
|
1B6BD585000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
12DB2400000
|
heap
|
page read and write
|
||
|
959000
|
heap
|
page read and write
|
||
|
1B6BD57F000
|
heap
|
page read and write
|
||
|
1ED71F13000
|
heap
|
page read and write
|
||
|
1B8CBDC8000
|
heap
|
page read and write
|
||
|
7FF72BD91000
|
unkown
|
page execute read
|
||
|
2374000
|
direct allocation
|
page read and write
|
||
|
7FE67000
|
direct allocation
|
page read and write
|
||
|
D98000
|
direct allocation
|
page read and write
|
||
|
36D5000
|
direct allocation
|
page read and write
|
||
|
3496000
|
direct allocation
|
page read and write
|
||
|
723467C000
|
stack
|
page read and write
|
||
|
C7E24FE000
|
stack
|
page read and write
|
||
|
29DADC13000
|
heap
|
page read and write
|
||
|
1F1FF52B000
|
heap
|
page read and write
|
||
|
644CB7E000
|
stack
|
page read and write
|
||
|
1B6BCA70000
|
heap
|
page read and write
|
||
|
2276000
|
direct allocation
|
page read and write
|
||
|
12DB2DBE000
|
heap
|
page read and write
|
||
|
3704000
|
direct allocation
|
page read and write
|
||
|
7FF7967A1000
|
unkown
|
page execute read
|
||
|
1ED71E71000
|
heap
|
page read and write
|
||
|
48E13FB000
|
stack
|
page read and write
|
||
|
12DB2D43000
|
heap
|
page read and write
|
||
|
1897142F000
|
heap
|
page read and write
|
||
|
48E12FF000
|
stack
|
page read and write
|
||
|
7FF72BD90000
|
unkown
|
page readonly
|
||
|
341C000
|
heap
|
page read and write
|
||
|
29DADC6A000
|
heap
|
page read and write
|
||
|
7FE5E000
|
direct allocation
|
page read and write
|
||
|
5339000
|
heap
|
page read and write
|
||
|
2390C500000
|
heap
|
page read and write
|
||
|
1F4647B0000
|
heap
|
page read and write
|
||
|
29DADC67000
|
heap
|
page read and write
|
||
|
29DADC59000
|
heap
|
page read and write
|
||
|
29DADC29000
|
heap
|
page read and write
|
||
|
1B6BD340000
|
remote allocation
|
page read and write
|
||
|
800000
|
heap
|
page read and write
|
||
|
2B56F654000
|
heap
|
page read and write
|
||
|
17556220000
|
heap
|
page read and write
|
||
|
7FF796857000
|
unkown
|
page write copy
|
||
|
1B6BD589000
|
heap
|
page read and write
|
||
|
1B8CBF90000
|
heap
|
page read and write
|
||
|
7FF72BF5A000
|
unkown
|
page write copy
|
||
|
1B6BCAD3000
|
heap
|
page read and write
|
||
|
B7952F9000
|
stack
|
page read and write
|
||
|
1B6BCA4A000
|
heap
|
page read and write
|
||
|
907000
|
heap
|
page read and write
|
||
|
24DCA330000
|
heap
|
page read and write
|
||
|
644C87D000
|
stack
|
page read and write
|
||
|
94C000
|
heap
|
page read and write
|
||
|
95B000
|
heap
|
page read and write
|
||
|
1B6BCA7B000
|
heap
|
page read and write
|
||
|
7FF796857000
|
unkown
|
page read and write
|
||
|
3426000
|
heap
|
page read and write
|
||
|
838467F000
|
stack
|
page read and write
|
||
|
8C8000
|
heap
|
page read and write
|
||
|
938000
|
heap
|
page read and write
|
||
|
55DF000
|
heap
|
page read and write
|
||
|
1F1FF520000
|
heap
|
page read and write
|
||
|
1B6BD58B000
|
heap
|
page read and write
|
||
|
1E7FB750000
|
heap
|
page read and write
|
||
|
2398000
|
direct allocation
|
page read and write
|
||
|
D32000
|
direct allocation
|
page read and write
|
||
|
B794CFE000
|
stack
|
page read and write
|
||
|
24DCA2E3000
|
heap
|
page read and write
|
||
|
23F682CC000
|
heap
|
page read and write
|
||
|
62CD8FD000
|
stack
|
page read and write
|
||
|
1ED71E67000
|
heap
|
page read and write
|
||
|
2390C464000
|
heap
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
29DADC7D000
|
heap
|
page read and write
|
||
|
55DF000
|
heap
|
page read and write
|
||
|
18971413000
|
heap
|
page read and write
|
||
|
1B6BCAD8000
|
heap
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
6B7000
|
unkown
|
page readonly
|
||
|
48E117F000
|
stack
|
page read and write
|
||
|
4B9000
|
unkown
|
page read and write
|
||
|
2489B7F000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
367F000
|
direct allocation
|
page read and write
|
||
|
18971C90000
|
trusted library allocation
|
page read and write
|
||
|
1B6BD589000
|
heap
|
page read and write
|
||
|
62CDCFF000
|
stack
|
page read and write
|
||
|
7C4000
|
heap
|
page read and write
|
||
|
7FF72BF62000
|
unkown
|
page write copy
|
There are 1038 hidden memdumps, click here to show them.