IOC Report
01860199.exe

loading gif

Files

File Path
Type
Category
Malicious
01860199.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\0e111cbe-1163-4b86-ad03-032e194ee525\build2.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\0e111cbe-1163-4b86-ad03-032e194ee525\build3.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\build2[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\build3[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\cred64[1].dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\388B.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\3C54.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\3E02.exe
PE32 executable (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\Users\user\AppData\Local\Temp\57DC.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\5DA0.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\673.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\6FA9.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\6d73a97b0c\mnolyk.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\913F.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\9F31.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\A170.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\A3D5.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\B46F.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\B8C8.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\BC2.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\C861.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\CBE6.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\D689.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\D804.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\EA44.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\F4F7.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\NewPlayer.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\XandETC.exe
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\aafg31.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e\D804.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\07c6bc37dc5087\cred64.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\ewgujdv
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\hwgujdv
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\hwgujdv:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\Desktop\CZQKSDDMWR.png
data
dropped
 malicious
C:\Users\user\Desktop\HMPPSXQPQV.png
data
dropped
 malicious
C:\Users\user\Desktop\NWCXBPIUYI.jpg
data
dropped
 malicious
C:\Users\user\Downloads\ChromeSetup.exe
MS-DOS executable
dropped
 malicious
C:\Users\user\Downloads\ChromeSetup.exe.vapo (copy)
MS-DOS executable
dropped
 malicious
C:\Users\user\_readme.txt
ASCII text, with CRLF line terminators
dropped
 malicious
C:\_readme.txt
ASCII text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\02562567454920506534245398
SQLite 3.x database, last written using SQLite version 3038005, file counter 7, database pages 36, 1st free page 10, free pages 1, cookie 0x29, schema 4, UTF-8, version-valid-for 7
dropped
C:\ProgramData\24693879337469440987379525
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 4, database pages 45, cookie 0x3d, schema 4, UTF-8, version-valid-for 4
dropped
C:\ProgramData\39571994840354560723794613
SQLite 3.x database, last written using SQLite version 3038005, file counter 17, database pages 7, 1st free page 5, free pages 2, cookie 0x13, schema 4, UTF-8, version-valid-for 17
dropped
C:\ProgramData\61788534741070885639801227
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 2, database pages 23, cookie 0x19, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\68933564346194372112252072
SQLite 3.x database, last written using SQLite version 3038005, page size 2048, file counter 4, database pages 45, cookie 0x3d, schema 4, UTF-8, version-valid-for 4
dropped
C:\ProgramData\95239249759806897874806564
SQLite 3.x database, last written using SQLite version 3038005, file counter 7, database pages 36, 1st free page 10, free pages 1, cookie 0x29, schema 4, UTF-8, version-valid-for 7
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_C861.exe_ee73edd8fcc59e6e41b76bbadce78e8978345d94_81c5b0e7_15ae9ed9\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8517.tmp.dmp
Mini DuMP crash report, 14 streams, Sun May 28 17:42:40 2023, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8670.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER86DE.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\SystemID\PersonalID.txt
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old
data
modified
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG.old.vapo (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\2EM0SFDW\www.msn[1].xml
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\2EM0SFDW\www.msn[1].xml.vapo (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\NJ1L9FBN\www.google[1].xml
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\NJ1L9FBN\www.google[1].xml.vapo (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\WP4N5YVD\contextual.media[1].xml
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\WP4N5YVD\contextual.media[1].xml.vapo (copy)
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\YU3ONM33\www.microsoft[1].xml
data
dropped
C:\Users\user\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\YU3ONM33\www.microsoft[1].xml.vapo (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\3C54.exe.log
CSV text
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\get[1].htm
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\image[1].jpg
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x1440, components 3
dropped
C:\Users\user\AppData\Local\Temp\853321935212
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1280x1024, components 3
dropped
C:\Users\user\AppData\Local\bowsakkdestx.txt
JSON data
dropped
C:\Users\user\AppData\Roaming\07c6bc37dc5087\clip64.dll
HTML document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\Desktop\CZQKSDDMWR.png.vapo (copy)
data
dropped
C:\Users\user\Desktop\GLTYDMDUST.mp3
data
dropped
C:\Users\user\Desktop\GLTYDMDUST.mp3.vapo (copy)
data
dropped
C:\Users\user\Desktop\GLTYDMDUST.pdf
data
dropped
C:\Users\user\Desktop\GLTYDMDUST.pdf.vapo (copy)
data
dropped
C:\Users\user\Desktop\GLTYDMDUST.xlsx
data
dropped
C:\Users\user\Desktop\GLTYDMDUST.xlsx.vapo (copy)
data
dropped
C:\Users\user\Desktop\GNLQNHOLWB.mp3
data
dropped
C:\Users\user\Desktop\GNLQNHOLWB.mp3.vapo (copy)
data
dropped
C:\Users\user\Desktop\HMPPSXQPQV.png.vapo (copy)
data
dropped
C:\Users\user\Desktop\HQJBRDYKDE.jpg
data
dropped
C:\Users\user\Desktop\HQJBRDYKDE.jpg.vapo (copy)
data
dropped
C:\Users\user\Desktop\LFOPODGVOH.jpg
data
dropped
C:\Users\user\Desktop\LFOPODGVOH.jpg.vapo (copy)
data
dropped
C:\Users\user\Desktop\LFOPODGVOH.xlsx
data
dropped
C:\Users\user\Desktop\LFOPODGVOH.xlsx.vapo (copy)
data
dropped
C:\Users\user\Desktop\LHEPQPGEWF.mp3
data
dropped
C:\Users\user\Desktop\LHEPQPGEWF.mp3.vapo (copy)
data
dropped
C:\Users\user\Desktop\LIJDSFKJZG.pdf
data
dropped
C:\Users\user\Desktop\LIJDSFKJZG.pdf.vapo (copy)
data
dropped
C:\Users\user\Desktop\NIRMEKAMZH.png
data
dropped
C:\Users\user\Desktop\NIRMEKAMZH.png.vapo (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI.docx
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI.docx.vapo (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI.jpg.vapo (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI.xlsx
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI.xlsx.vapo (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\GNLQNHOLWB.mp3
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\GNLQNHOLWB.mp3.vapo (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\HQJBRDYKDE.jpg
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\HQJBRDYKDE.jpg.vapo (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\LFOPODGVOH.xlsx
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\LFOPODGVOH.xlsx.vapo (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\NIRMEKAMZH.png
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\NIRMEKAMZH.png.vapo (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\NWCXBPIUYI.docx
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\NWCXBPIUYI.docx.vapo (copy)
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\VWDFPKGDUF.pdf
data
dropped
C:\Users\user\Desktop\NWCXBPIUYI\VWDFPKGDUF.pdf.vapo (copy)
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA.docx
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA.docx.vapo (copy)
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA.xlsx
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA.xlsx.vapo (copy)
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\GLTYDMDUST.pdf
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\GLTYDMDUST.pdf.vapo (copy)
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\HMPPSXQPQV.png
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\HMPPSXQPQV.png.vapo (copy)
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\LFOPODGVOH.jpg
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\LFOPODGVOH.jpg.vapo (copy)
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\NWCXBPIUYI.xlsx
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\NWCXBPIUYI.xlsx.vapo (copy)
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\NYMMPCEIMA.docx
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\NYMMPCEIMA.docx.vapo (copy)
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\VWDFPKGDUF.mp3
data
dropped
C:\Users\user\Desktop\NYMMPCEIMA\VWDFPKGDUF.mp3.vapo (copy)
data
dropped
C:\Users\user\Desktop\QCOILOQIKC.docx
data
dropped
C:\Users\user\Desktop\QCOILOQIKC.docx.vapo (copy)
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\CZQKSDDMWR.png
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\CZQKSDDMWR.png.vapo (copy)
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\GLTYDMDUST.mp3
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\GLTYDMDUST.mp3.vapo (copy)
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\NWCXBPIUYI.jpg
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\NWCXBPIUYI.jpg.vapo (copy)
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\NYMMPCEIMA.xlsx
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\NYMMPCEIMA.xlsx.vapo (copy)
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\QCOILOQIKC.docx
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\QCOILOQIKC.docx.vapo (copy)
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\ZIPXYXWIOY.pdf
data
dropped
C:\Users\user\Desktop\QCOILOQIKC\ZIPXYXWIOY.pdf.vapo (copy)
data
dropped
C:\Users\user\Desktop\SNIPGPPREP.png
data
dropped
C:\Users\user\Desktop\SNIPGPPREP.png.vapo (copy)
data
dropped
C:\Users\user\Desktop\VWDFPKGDUF.jpg
data
dropped
C:\Users\user\Desktop\VWDFPKGDUF.jpg.vapo (copy)
data
dropped
C:\Users\user\Desktop\VWDFPKGDUF.mp3
data
dropped
C:\Users\user\Desktop\VWDFPKGDUF.mp3.vapo (copy)
data
dropped
C:\Users\user\Desktop\VWDFPKGDUF.pdf
data
dropped
C:\Users\user\Desktop\VWDFPKGDUF.pdf.vapo (copy)
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY.docx
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY.docx.vapo (copy)
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY.pdf
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY.pdf.vapo (copy)
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\GLTYDMDUST.xlsx
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\GLTYDMDUST.xlsx.vapo (copy)
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\LHEPQPGEWF.mp3
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\LHEPQPGEWF.mp3.vapo (copy)
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\LIJDSFKJZG.pdf
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\LIJDSFKJZG.pdf.vapo (copy)
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\SNIPGPPREP.png
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\SNIPGPPREP.png.vapo (copy)
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\VWDFPKGDUF.jpg
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\VWDFPKGDUF.jpg.vapo (copy)
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\ZIPXYXWIOY.docx
data
dropped
C:\Users\user\Desktop\ZIPXYXWIOY\ZIPXYXWIOY.docx.vapo (copy)
data
dropped
C:\Users\user\Documents\CZQKSDDMWR.png
data
dropped
C:\Users\user\Documents\CZQKSDDMWR.png.vapo (copy)
data
dropped
C:\Users\user\Documents\GLTYDMDUST.mp3
data
dropped
C:\Users\user\Documents\GLTYDMDUST.mp3.vapo (copy)
data
dropped
C:\Users\user\Documents\GLTYDMDUST.pdf
data
dropped
C:\Users\user\Documents\GLTYDMDUST.pdf.vapo (copy)
data
dropped
C:\Users\user\Documents\GLTYDMDUST.xlsx
data
dropped
C:\Users\user\Documents\GLTYDMDUST.xlsx.vapo (copy)
data
dropped
C:\Users\user\Documents\GNLQNHOLWB.mp3
data
dropped
C:\Users\user\Documents\GNLQNHOLWB.mp3.vapo (copy)
data
dropped
C:\Users\user\Documents\HMPPSXQPQV.png
data
dropped
C:\Users\user\Documents\HMPPSXQPQV.png.vapo (copy)
data
dropped
C:\Users\user\Documents\HQJBRDYKDE.jpg
data
dropped
C:\Users\user\Documents\HQJBRDYKDE.jpg.vapo (copy)
data
dropped
C:\Users\user\Documents\LFOPODGVOH.jpg
data
dropped
C:\Users\user\Documents\LFOPODGVOH.jpg.vapo (copy)
data
dropped
C:\Users\user\Documents\LFOPODGVOH.xlsx
data
dropped
C:\Users\user\Documents\LFOPODGVOH.xlsx.vapo (copy)
data
dropped
C:\Users\user\Documents\LHEPQPGEWF.mp3
data
dropped
C:\Users\user\Documents\LHEPQPGEWF.mp3.vapo (copy)
data
dropped
C:\Users\user\Documents\LIJDSFKJZG.pdf
data
dropped
C:\Users\user\Documents\LIJDSFKJZG.pdf.vapo (copy)
data
dropped
C:\Users\user\Documents\NIRMEKAMZH.png
data
dropped
C:\Users\user\Documents\NIRMEKAMZH.png.vapo (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI.docx
data
dropped
C:\Users\user\Documents\NWCXBPIUYI.docx.vapo (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI.jpg
data
dropped
C:\Users\user\Documents\NWCXBPIUYI.jpg.vapo (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI.xlsx
data
dropped
C:\Users\user\Documents\NWCXBPIUYI.xlsx.vapo (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\GNLQNHOLWB.mp3
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\GNLQNHOLWB.mp3.vapo (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\HQJBRDYKDE.jpg
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\HQJBRDYKDE.jpg.vapo (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\LFOPODGVOH.xlsx
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\LFOPODGVOH.xlsx.vapo (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\NIRMEKAMZH.png
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\NIRMEKAMZH.png.vapo (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\NWCXBPIUYI.docx
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\NWCXBPIUYI.docx.vapo (copy)
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\VWDFPKGDUF.pdf
data
dropped
C:\Users\user\Documents\NWCXBPIUYI\VWDFPKGDUF.pdf.vapo (copy)
data
dropped
C:\Users\user\Documents\NYMMPCEIMA.docx
data
dropped
C:\Users\user\Documents\NYMMPCEIMA.docx.vapo (copy)
data
dropped
C:\Users\user\Documents\NYMMPCEIMA.xlsx
data
dropped
C:\Users\user\Documents\NYMMPCEIMA.xlsx.vapo (copy)
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\GLTYDMDUST.pdf
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\GLTYDMDUST.pdf.vapo (copy)
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\HMPPSXQPQV.png
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\HMPPSXQPQV.png.vapo (copy)
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\LFOPODGVOH.jpg
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\LFOPODGVOH.jpg.vapo (copy)
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\NWCXBPIUYI.xlsx
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\NWCXBPIUYI.xlsx.vapo (copy)
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\NYMMPCEIMA.docx
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\NYMMPCEIMA.docx.vapo (copy)
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\VWDFPKGDUF.mp3
data
dropped
C:\Users\user\Documents\NYMMPCEIMA\VWDFPKGDUF.mp3.vapo (copy)
data
dropped
C:\Users\user\Documents\Outlook Files\Outlook.pst
Microsoft Outlook email folder
dropped
C:\Users\user\Documents\Outlook Files\Outlook.pst.vapo (copy)
Microsoft Outlook email folder
dropped
C:\Users\user\Documents\QCOILOQIKC.docx
data
dropped
C:\Users\user\Documents\QCOILOQIKC.docx.vapo (copy)
data
dropped
C:\Users\user\Documents\QCOILOQIKC\CZQKSDDMWR.png
data
dropped
C:\Users\user\Documents\QCOILOQIKC\CZQKSDDMWR.png.vapo (copy)
data
dropped
C:\Users\user\Documents\QCOILOQIKC\GLTYDMDUST.mp3
data
dropped
C:\Users\user\Documents\QCOILOQIKC\GLTYDMDUST.mp3.vapo (copy)
data
dropped
C:\Users\user\Documents\QCOILOQIKC\NWCXBPIUYI.jpg
data
dropped
C:\Users\user\Documents\QCOILOQIKC\NWCXBPIUYI.jpg.vapo (copy)
data
dropped
C:\Users\user\Documents\QCOILOQIKC\NYMMPCEIMA.xlsx
data
dropped
C:\Users\user\Documents\QCOILOQIKC\NYMMPCEIMA.xlsx.vapo (copy)
data
dropped
C:\Users\user\Documents\QCOILOQIKC\QCOILOQIKC.docx
data
dropped
C:\Users\user\Documents\QCOILOQIKC\QCOILOQIKC.docx.vapo (copy)
data
dropped
C:\Users\user\Documents\QCOILOQIKC\ZIPXYXWIOY.pdf
data
dropped
C:\Users\user\Documents\QCOILOQIKC\ZIPXYXWIOY.pdf.vapo (copy)
data
dropped
C:\Users\user\Documents\SNIPGPPREP.png
data
dropped
C:\Users\user\Documents\SNIPGPPREP.png.vapo (copy)
data
dropped
C:\Users\user\Documents\VWDFPKGDUF.jpg
data
dropped
C:\Users\user\Documents\VWDFPKGDUF.jpg.vapo (copy)
data
dropped
C:\Users\user\Documents\VWDFPKGDUF.mp3
data
dropped
C:\Users\user\Documents\VWDFPKGDUF.mp3.vapo (copy)
data
dropped
C:\Users\user\Documents\VWDFPKGDUF.pdf
data
dropped
C:\Users\user\Documents\VWDFPKGDUF.pdf.vapo (copy)
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY.docx
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY.docx.vapo (copy)
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY.pdf
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY.pdf.vapo (copy)
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\GLTYDMDUST.xlsx
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\GLTYDMDUST.xlsx.vapo (copy)
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\LHEPQPGEWF.mp3
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\LHEPQPGEWF.mp3.vapo (copy)
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\LIJDSFKJZG.pdf
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\LIJDSFKJZG.pdf.vapo (copy)
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\SNIPGPPREP.png
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\SNIPGPPREP.png.vapo (copy)
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\VWDFPKGDUF.jpg
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\VWDFPKGDUF.jpg.vapo (copy)
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\ZIPXYXWIOY.docx
data
dropped
C:\Users\user\Documents\ZIPXYXWIOY\ZIPXYXWIOY.docx.vapo (copy)
data
dropped
C:\Users\user\Downloads\CZQKSDDMWR.png
data
dropped
C:\Users\user\Downloads\CZQKSDDMWR.png.vapo (copy)
data
dropped
C:\Users\user\Downloads\GLTYDMDUST.mp3
data
dropped
C:\Users\user\Downloads\GLTYDMDUST.mp3.vapo (copy)
data
dropped
C:\Users\user\Downloads\GLTYDMDUST.pdf
data
dropped
C:\Users\user\Downloads\GLTYDMDUST.pdf.vapo (copy)
data
dropped
C:\Users\user\Downloads\GLTYDMDUST.xlsx
data
dropped
C:\Users\user\Downloads\GLTYDMDUST.xlsx.vapo (copy)
data
dropped
C:\Users\user\Downloads\GNLQNHOLWB.mp3
data
dropped
C:\Users\user\Downloads\GNLQNHOLWB.mp3.vapo (copy)
data
dropped
C:\Users\user\Downloads\HMPPSXQPQV.png
data
dropped
C:\Users\user\Downloads\HMPPSXQPQV.png.vapo (copy)
data
dropped
C:\Users\user\Downloads\HQJBRDYKDE.jpg
data
dropped
C:\Users\user\Downloads\HQJBRDYKDE.jpg.vapo (copy)
data
dropped
C:\Users\user\Downloads\LFOPODGVOH.jpg
data
dropped
C:\Users\user\Downloads\LFOPODGVOH.jpg.vapo (copy)
data
dropped
C:\Users\user\Downloads\LFOPODGVOH.xlsx
data
dropped
C:\Users\user\Downloads\LFOPODGVOH.xlsx.vapo (copy)
data
dropped
C:\Users\user\Downloads\LHEPQPGEWF.mp3
data
dropped
C:\Users\user\Downloads\LHEPQPGEWF.mp3.vapo (copy)
data
dropped
C:\Users\user\Downloads\LIJDSFKJZG.pdf
data
dropped
C:\Users\user\Downloads\LIJDSFKJZG.pdf.vapo (copy)
data
dropped
C:\Users\user\Downloads\NIRMEKAMZH.png
data
dropped
C:\Users\user\Downloads\NIRMEKAMZH.png.vapo (copy)
data
dropped
C:\Users\user\Downloads\NWCXBPIUYI.docx
data
dropped
C:\Users\user\Downloads\NWCXBPIUYI.docx.vapo (copy)
data
dropped
C:\Users\user\Downloads\NWCXBPIUYI.jpg
data
dropped
C:\Users\user\Downloads\NWCXBPIUYI.jpg.vapo (copy)
data
dropped
C:\Users\user\Downloads\NWCXBPIUYI.xlsx
data
dropped
C:\Users\user\Downloads\NWCXBPIUYI.xlsx.vapo (copy)
data
dropped
C:\Users\user\Downloads\NYMMPCEIMA.docx
data
dropped
C:\Users\user\Downloads\NYMMPCEIMA.docx.vapo (copy)
data
dropped
C:\Users\user\Downloads\NYMMPCEIMA.xlsx
data
dropped
C:\Users\user\Downloads\NYMMPCEIMA.xlsx.vapo (copy)
data
dropped
C:\Users\user\Downloads\QCOILOQIKC.docx
data
dropped
C:\Users\user\Downloads\QCOILOQIKC.docx.vapo (copy)
data
dropped
C:\Users\user\Downloads\SNIPGPPREP.png
data
dropped
C:\Users\user\Downloads\SNIPGPPREP.png.vapo (copy)
data
dropped
C:\Users\user\Downloads\VWDFPKGDUF.jpg
data
dropped
C:\Users\user\Downloads\VWDFPKGDUF.jpg.vapo (copy)
data
dropped
C:\Users\user\Downloads\VWDFPKGDUF.mp3
data
dropped
C:\Users\user\Downloads\VWDFPKGDUF.mp3.vapo (copy)
data
dropped
C:\Users\user\Downloads\VWDFPKGDUF.pdf
data
dropped
C:\Users\user\Downloads\VWDFPKGDUF.pdf.vapo (copy)
data
dropped
C:\Users\user\Downloads\ZIPXYXWIOY.docx
data
dropped
C:\Users\user\Downloads\ZIPXYXWIOY.docx.vapo (copy)
data
dropped
C:\Users\user\Downloads\ZIPXYXWIOY.pdf
data
dropped
C:\Users\user\Downloads\ZIPXYXWIOY.pdf.vapo (copy)
data
dropped
C:\Users\user\Favorites\Amazon.url
data
dropped
C:\Users\user\Favorites\Amazon.url.vapo (copy)
data
dropped
C:\Users\user\Favorites\Bing.url
data
dropped
C:\Users\user\Favorites\Bing.url.vapo (copy)
data
dropped
C:\Users\user\Favorites\Facebook.url
data
dropped
C:\Users\user\Favorites\Facebook.url.vapo (copy)
data
dropped
C:\Users\user\Favorites\Google.url
data
dropped
C:\Users\user\Favorites\Google.url.vapo (copy)
data
dropped
C:\Users\user\Favorites\Live.url
data
dropped
C:\Users\user\Favorites\Live.url.vapo (copy)
data
dropped
C:\Users\user\Favorites\NYTimes.url
data
dropped
C:\Users\user\Favorites\NYTimes.url.vapo (copy)
data
dropped
C:\Users\user\Favorites\Reddit.url
data
dropped
C:\Users\user\Favorites\Reddit.url.vapo (copy)
data
dropped
C:\Users\user\Favorites\Twitter.url
data
dropped
C:\Users\user\Favorites\Twitter.url.vapo (copy)
data
dropped
C:\Users\user\Favorites\Wikipedia.url
data
dropped
C:\Users\user\Favorites\Wikipedia.url.vapo (copy)
data
dropped
C:\Users\user\Favorites\Youtube.url
data
dropped
C:\Users\user\Favorites\Youtube.url.vapo (copy)
data
dropped
C:\bootTel.dat
data
dropped
C:\bootTel.dat.vapo (copy)
data
dropped
There are 321 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\01860199.exe
C:\Users\user\Desktop\01860199.exe
 malicious
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE
 malicious
C:\Users\user\AppData\Roaming\hwgujdv
C:\Users\user\AppData\Roaming\hwgujdv
 malicious
C:\Users\user\AppData\Local\Temp\D804.exe
C:\Users\user\AppData\Local\Temp\D804.exe
 malicious
C:\Users\user\AppData\Local\Temp\D804.exe
C:\Users\user\AppData\Local\Temp\D804.exe
 malicious
C:\Users\user\AppData\Local\Temp\C861.exe
C:\Users\user\AppData\Local\Temp\C861.exe
 malicious
C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e\D804.exe
C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e\D804.exe --Task
 malicious
C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e\D804.exe
C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e\D804.exe --Task
 malicious
C:\Users\user\AppData\Local\Temp\D804.exe
"C:\Users\user\AppData\Local\Temp\D804.exe" --Admin IsNotAutoStart IsNotTask
 malicious
C:\Users\user\AppData\Local\Temp\D804.exe
"C:\Users\user\AppData\Local\Temp\D804.exe" --Admin IsNotAutoStart IsNotTask
 malicious
C:\Users\user\AppData\Local\Temp\3C54.exe
C:\Users\user\AppData\Local\Temp\3C54.exe
 malicious
C:\Users\user\AppData\Local\Temp\aafg31.exe
"C:\Users\user\AppData\Local\Temp\aafg31.exe"
malicious
C:\Users\user\AppData\Local\Temp\NewPlayer.exe
"C:\Users\user\AppData\Local\Temp\NewPlayer.exe"
malicious
C:\Users\user\AppData\Local\Temp\XandETC.exe
"C:\Users\user\AppData\Local\Temp\XandETC.exe"
malicious
C:\Users\user\AppData\Local\0e111cbe-1163-4b86-ad03-032e194ee525\build2.exe
"C:\Users\user\AppData\Local\0e111cbe-1163-4b86-ad03-032e194ee525\build2.exe"
malicious
C:\Users\user\AppData\Local\Temp\B46F.exe
C:\Users\user\AppData\Local\Temp\B46F.exe
 malicious
C:\Users\user\AppData\Local\Temp\B46F.exe
C:\Users\user\AppData\Local\Temp\B46F.exe
 malicious
C:\Users\user\AppData\Local\Temp\A170.exe
C:\Users\user\AppData\Local\Temp\A170.exe
 malicious
C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e\D804.exe
"C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e\D804.exe" --AutoStart
 malicious
C:\Users\user\AppData\Local\Temp\A170.exe
C:\Users\user\AppData\Local\Temp\A170.exe
 malicious
C:\Users\user\AppData\Local\0e111cbe-1163-4b86-ad03-032e194ee525\build3.exe
"C:\Users\user\AppData\Local\0e111cbe-1163-4b86-ad03-032e194ee525\build3.exe"
malicious
C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e\D804.exe
"C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e\D804.exe" --AutoStart
 malicious
C:\Users\user\AppData\Local\0e111cbe-1163-4b86-ad03-032e194ee525\build2.exe
"C:\Users\user\AppData\Local\0e111cbe-1163-4b86-ad03-032e194ee525\build2.exe"
malicious
C:\Windows\SysWOW64\schtasks.exe
/C /create /F /sc minute /mo 1 /tn "Azure-Update-Task" /tr "C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe"
 malicious
C:\Users\user\AppData\Local\Temp\913F.exe
C:\Users\user\AppData\Local\Temp\913F.exe
 malicious
C:\Users\user\AppData\Local\Temp\6d73a97b0c\mnolyk.exe
"C:\Users\user\AppData\Local\Temp\6d73a97b0c\mnolyk.exe"
malicious
C:\Users\user\AppData\Local\Temp\913F.exe
C:\Users\user\AppData\Local\Temp\913F.exe
 malicious
C:\Users\user\AppData\Local\Temp\F4F7.exe
C:\Users\user\AppData\Local\Temp\F4F7.exe
 malicious
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
C:\Users\user\AppData\Roaming\Microsoft\Network\mstsca.exe
 malicious
C:\Users\user\AppData\Local\Temp\5DA0.exe
C:\Users\user\AppData\Local\Temp\5DA0.exe
 malicious
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Users\user\AppData\Local\de8c49a6-0e90-48ec-87c8-3cd1f6f0601e" /deny *S-1-1-0:(OI)(CI)(DE,DC)
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 508 -p 68 -ip 68
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 68 -s 520
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 24 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://potunulit.org/
188.114.97.7
 malicious
https://shsplatform.co.uk/tmp/index.php
80.66.203.53
 malicious
http://jp.imgjeoighw.com/sts/image.jpg
103.100.211.218
 malicious
http://zexeq.com/files/1/build3.exel
unknown
 malicious
http://colisumy.com/dl/build2.exe$run
unknown
 malicious
http://colisumy.com/dl/build2.exerun3
unknown
 malicious
http://45.9.74.80/0bjdn2Z/Plugins/cred64.dll
45.9.74.80
 malicious
http://zexeq.com/raud/get.php
malicious
45.9.74.80/0bjdn2Z/index.php
malicious
https://we.tl/t-tnzomMj6
unknown
 malicious
http://zexeq.com/raud/get.php?pid=F4B58C92E14ED1DB6A495C4F0112806C&first=trueQ58
unknown
 malicious
http://45.9.74.80/0bjdn2Z/Plugins/clip64.dll
45.9.74.80
 malicious
http://kingpirate.ru/tmp/
malicious
http://194.180.48.90/cc.exe
194.180.48.90
 malicious
https://speedlab.com.eg/tmp/index.php
217.174.148.28
 malicious
http://zexeq.com/files/1/build3.exe$runZT
unknown
 malicious
http://zexeq.com/raud/get.phpep
unknown
 malicious
http://45.9.74.80/power.exe
45.9.74.80
 malicious
http://jp.imgjeoighw.com/sts/image.jpgO
unknown
 malicious
http://toobussy.com/
unknown
 malicious
http://wuc11.com/tmp/
malicious
http://zexeq.com/files/1/build3.exe$run
unknown
 malicious
http://zexeq.com/raud/get.php?pid=F4B58C92E14ED1DB6A495C4F0112806C
211.59.14.90
 malicious
http://zexeq.com/files/1/build3.exe$runyinstall020921_delay721_sec.exe0
unknown
 malicious
http://zexeq.com/raud/get.php?pid=F4B58C92E14ED1DB6A495C4F011280Nkx%
unknown
 malicious
http://45.9.74.80/0bjdn2Z/index.php
45.9.74.80
 malicious
http://colisumy.com/dl/build.exe
211.119.84.112
 malicious
http://zexeq.com/raud/get.php?pid=F4B58C92E14ED1DB6A495C4F0112806C&first=true
175.119.10.231
 malicious
http://colisumy.com/dl/build2.exe
123.140.161.243
 malicious
http://45.9.74.80/0bjdn2Z/index.php?scr=1
45.9.74.80
 malicious
http://toobussy.com/tmp/
222.236.49.123
 malicious
http://ladogatur.ru/tmp/
malicious
https://we.tl/t-tnzomMj6HU
unknown
 malicious
http://zexeq.com/files/1/build3.exe
175.119.10.231
 malicious
http://zexeq.com/raud/get.php?pid=F4B58C92E14ED1DB6A495C4F0112806Cg
unknown
 malicious
https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/v75M7CPu9-P.js?_nc_x=Ij3Wp8lg5Kz
unknown
https://steamcommunity.com/profiles/76561199508624021update.zipopenopen_NULL%s
unknown
https://messenger.com/
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/camCPYrr6r7.js?_nc_x=Ij3Wp8lg5Kz
unknown
http://ss.apjeoighw.com/
unknown
https://t.me/looking_glassbotlookataddon.zipMozilla/5.0
unknown
https://steamcommunity.com/profiles/76561199508624021
http://188.34.154.187:30303/addon.zip
188.34.154.187
http://www.reddit.com/
unknown
https://api.2ip.ua/geo.jsonyY&$
unknown
https://api.2ip.ua/u
unknown
http://ss.apjeoighw.com/check/safe3
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/y2/l/0
unknown
https://api.2ip.ua/geo.jsonV
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yP/l/0
unknown
http://components.groove.net/Groove/Components/Root.osd?Package=net.groove.Groove.Tools.System.Groov
unknown
http://ss.apjeoighw.com/check/safe)
unknown
http://ss.apjeoighw.com:80/check/safe
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyxOX.js?_nc_x=Ij3Wp8lg5Kz
unknown
http://ss.apjeoighw.com/check/safe1B
unknown
https://api.2ip.ua/geo.jsonG.S
unknown
https://adsmanager.facebook.com/ads/manager/account_settings/account_billing/
157.240.17.17
https://api.2ip.ua/?
unknown
http://www.youtube.com/
unknown
https://api.2ip.ua/geo.json1
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/Ib90vcVxYzI.js?_nc_x=Ij3Wp8lg5Kz
unknown
https://api.2ip.ua/geo.jsonA
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/0
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yn/r/A-4As8UDAZ8.js?_nc_x=Ij3Wp8lg5Kz
unknown
https://t.me/looking_glassbot
149.154.167.99
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ZZnKfYusN8Z.js?_nc_x=Ij3Wp8lg5Kz
unknown
http://components.groove.net/Groove/Components/SystemComponents/SystemComponents.osd?Package=net.gro
unknown
http://ss.apjeoighw.com/check/?sid=436160&key=a96ab7e5e6412d32675599dfaebc13f6
154.221.31.191
http://www.amazon.com/
unknown
http://www.twitter.com/
unknown
http://www.openssl.org/support/faq.html
unknown
http://https://ns1.kriston.ugns2.chalekin.ugns3.unalelath.ugns4.andromath.ug/Error
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/Kp9IMjEGN_T.js?_nc_x=Ij3Wp8lg5Kz
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/yWg6mkUCjYR.js?_nc_x=Ij3Wp8lg5Kz
unknown
http://ss.apjeoighw.com/blob:
unknown
https://api.2ip.ua/geo.jsonq
unknown
https://api.2ip.ua/geo.jsons
unknown
http://188.34.154.187:30303/
188.34.154.187
https://static.xx.fbcdn.net/rsrc.php/v3/yq/l/0
unknown
http://www.nytimes.com/
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/yE/l/0
unknown
https://api.2ip.ua/
unknown
http://ss.apjeoighw.com/check/?sid=436336&key=3f9d01718af2d5daf3c654f2052d5bc7
154.221.31.191
http://ss.apjeoighw.com/check/safe
154.221.31.191
https://t.me/looking_glassboeL
unknown
https://api.2ip.ua/geo.json
162.0.217.254
http://188.34.154.187:30303/e44c96dfdf315ccf17cdd4b93cfe6e48
188.34.154.187
https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/_tJ17sGyx
unknown
https://api.2ip.ua/geo.json#&
unknown
https://freebl3.dllmozglue.dllmsvcp140.dllnss3.dllsoftokn3.dllvcruntime140.dll
unknown
http://ss.apjeoighw.com/check/?sid=436234&key=2cef0d99b721939135d08fea0dcaba52
154.221.31.191
http://ss.apjeoighw.com:80/check/?sid=436234&key=2cef0d99b721939135d08fea0dcaba52G_
unknown
https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/sczXDyPA0UL.js?_nc_x=Ij3Wp8lg5Kz
unknown
http://www.wikipedia.com/
unknown
https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yx/l/en_US/LsRZeEzcd6B.js?_nc_x=Ij3Wp8lg5Kz
unknown
http://www.live.com/
unknown
https://www.facebook.com/login.php?next=https%3A%2F%2Fadsmanager.facebook.com%2Fads%2Fmanager%2Faccount_settings%2Faccount_billing%2F
157.240.9.35
http://zexeq.com/files/1/build3.exerunb10
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
toobussy.com
222.236.49.123
 malicious
colisumy.com
211.119.84.112
 malicious
potunulit.org
188.114.97.7
 malicious
jp.imgjeoighw.com
103.100.211.218
 malicious
speedlab.com.eg
217.174.148.28
 malicious
shsplatform.co.uk
80.66.203.53
 malicious
zexeq.com
175.119.10.231
 malicious
star-mini.c10r.facebook.com
157.240.9.35
star.c10r.facebook.com
157.240.17.17
t.me
149.154.167.99
ss.apjeoighw.com
154.221.31.191
api.2ip.ua
162.0.217.254
www.facebook.com
unknown
adsmanager.facebook.com
unknown
There are 4 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
103.100.211.218
jp.imgjeoighw.com
Hong Kong
malicious
217.174.148.28
speedlab.com.eg
Bulgaria
malicious
175.119.10.231
zexeq.com
Korea Republic of
malicious
211.40.39.251
unknown
Korea Republic of
malicious
211.119.84.112
colisumy.com
Korea Republic of
malicious
194.180.48.90
unknown
Germany
malicious
123.140.161.243
unknown
Korea Republic of
malicious
80.66.203.53
shsplatform.co.uk
United Kingdom
malicious
45.9.74.80
unknown
Russian Federation
malicious
211.59.14.90
unknown
Korea Republic of
malicious
188.114.97.7
potunulit.org
European Union
malicious
188.114.96.7
unknown
European Union
malicious
183.100.39.157
unknown
Korea Republic of
malicious
222.236.49.123
toobussy.com
Korea Republic of
malicious
222.236.49.124
unknown
Korea Republic of
malicious
192.168.2.1
unknown
unknown
157.240.9.35
star-mini.c10r.facebook.com
United States
154.221.31.191
ss.apjeoighw.com
Seychelles
149.154.167.99
t.me
United Kingdom
157.240.17.17
star.c10r.facebook.com
United States
162.0.217.254
api.2ip.ua
Canada
188.34.154.187
unknown
Germany
157.240.234.35
unknown
United States
There are 13 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
 malicious
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion
SysHelper
 malicious
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
Startup
 malicious
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000100082
VirtualDesktop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\uneqm\NccQngn\Ybpny\qr8p49n6-0r90-48rp-87p8-3pq1s6s0601r\Q804.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
a
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
MRUList
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000110082
VirtualDesktop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000100082
VirtualDesktop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search
InstalledWin32AppsRevision
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\CloudStore\Store\Cache\DefaultAccount\$de${3292dee6-ca92-481c-872a-88aa4c48ff80}$$windows.data.unifiedtile.localstartvolatiletilepropertiesmap\Current
Data
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\uneqm\NccQngn\Ybpny\qr8p49n6-0r90-48rp-87p8-3pq1s6s0601r\Q804.rkr
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000110082
VirtualDesktop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101
CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100
CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
CheckSetting
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance
MessageTime
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
SysHelper
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property
0018000C92A54083
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceTicket
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceId
HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
ApplicationFlags
There are 19 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
7D0000
direct allocation
page read and write
 malicious
61000
unkown
page execute read
 malicious
C47000
heap
page read and write
 malicious
61000
unkown
page execute read
 malicious
400000
remote allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
24D0000
direct allocation
page execute and read and write
 malicious
2421000
unclassified section
page read and write
 malicious
891000
heap
page read and write
 malicious
2231000
unclassified section
page read and write
 malicious
24C0000
direct allocation
page execute and read and write
 malicious
C47000
heap
page read and write
 malicious
E01000
unkown
page execute read
 malicious
2400000
direct allocation
page read and write
 malicious
E01000
unkown
page execute read
 malicious
C5E000
heap
page read and write
 malicious
840000
direct allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
700000
direct allocation
page read and write
 malicious
2690000
direct allocation
page execute and read and write
 malicious
2460000
direct allocation
page execute and read and write
 malicious
C47000
heap
page read and write
 malicious
2410000
direct allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
BE5000
heap
page read and write
 malicious
C5E000
heap
page read and write
 malicious
22D1000
unclassified section
page read and write
 malicious
24D0000
direct allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
2530000
direct allocation
page execute and read and write
 malicious
4050000
trusted library allocation
page read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
C86000
heap
page read and write
7E0000
heap
page read and write
7FFC1B4EC000
unkown
page read and write
126E000
stack
page read and write
84D000
heap
page read and write
4A6000
unkown
page write copy
BAE000
stack
page read and write
F5E6000
unkown
page read and write
288F000
stack
page read and write
1E2922F7000
heap
page read and write
F41C000
unkown
page read and write
7FF534B48000
unkown
page readonly
BAA000
heap
page read and write
14F0000
unkown
page read and write
750000
heap
page read and write
1690000
trusted library allocation
page execute and read and write
29AF000
stack
page read and write
2CDE000
stack
page read and write
7FF534F0B000
unkown
page readonly
5C70000
unkown
page read and write
7FFC1B4EE000
unkown
page read and write
71F0000
unkown
page read and write
1E2922D3000
heap
page read and write
81B0000
heap
page read and write
400000
unkown
page readonly
5930000
unkown
page read and write
14F0000
unkown
page read and write
52B000
remote allocation
page execute and read and write
28F19B02000
heap
page read and write
5930000
unkown
page read and write
5930000
unkown
page read and write
DCCC000
heap
page read and write
234F000
stack
page read and write
2F5E000
stack
page read and write
14D0000
unkown
page read and write
400000
unkown
page readonly
5120000
unkown
page readonly
5930000
unkown
page read and write
8F35000
unkown
page read and write
A5A000
heap
page read and write
5930000
unkown
page read and write
1E292299000
heap
page read and write
1E290161000
heap
page read and write
C01000
heap
page read and write
66F000
unkown
page readonly
E550000
heap
page read and write
66B0000
unkown
page read and write
57B0000
unkown
page read and write
66B0000
unkown
page read and write
8CEC000
stack
page read and write
82A000
heap
page read and write
4A6000
unkown
page read and write
69C000
stack
page read and write
3270000
unkown
page readonly
1E2901D0000
heap
page read and write
4018000
trusted library allocation
page read and write
F270000
unkown
page read and write
2D4E000
stack
page read and write
5F7000
heap
page read and write
631C000
unkown
page read and write
573E000
stack
page read and write
31DB000
heap
page read and write
7FF534BF9000
unkown
page readonly
7FF534F85000
unkown
page readonly
1E2901D5000
heap
page read and write
5850000
unkown
page read and write
7FF534CA6000
unkown
page readonly
7FF534F12000
unkown
page readonly
7FD9000
unkown
page readonly
5850000
unkown
page read and write
2748000
heap
page read and write
5930000
unkown
page read and write
735000
heap
page read and write
1573000
heap
page read and write
1E2901DE000
heap
page read and write
2F30000
heap
page read and write
2E30000
heap
page read and write
7FF534C14000
unkown
page readonly
2B3A000
stack
page read and write
7FF5349E7000
unkown
page readonly
305F000
stack
page read and write
74F000
heap
page read and write
3E88000
trusted library allocation
page read and write
9A0000
direct allocation
page read and write
145D000
trusted library allocation
page execute and read and write
2F8D000
stack
page read and write
115C2000
unkown
page read and write
7FF534C27000
unkown
page readonly
14F0000
unkown
page read and write
11AB7000
stack
page read and write
22BAEE00000
unkown
page read and write
5930000
unkown
page read and write
15B5E000
stack
page read and write
28AE000
stack
page read and write
7FF6A834E000
unkown
page write copy
66B0000
unkown
page read and write
667000
heap
page read and write
C8F000
heap
page read and write
22BAEE02000
unkown
page read and write
1E2901DE000
heap
page read and write
5930000
unkown
page read and write
2F1F000
stack
page read and write
AEF367F000
stack
page read and write
7FF5B1ECE000
unkown
page readonly
60000
unkown
page readonly
8F2A000
unkown
page read and write
1453000
trusted library allocation
page execute and read and write
5340000
unkown
page read and write
32B0000
direct allocation
page read and write
1E2901A1000
heap
page read and write
8F20000
unkown
page read and write
30B0000
remote allocation
page read and write
B6E000
stack
page read and write
645000
heap
page read and write
7FF5B1F61000
unkown
page readonly
316A000
stack
page read and write
5930000
unkown
page read and write
3F93000
trusted library allocation
page read and write
31C6000
heap
page read and write
5E0000
heap
page read and write
28F1983A000
heap
page read and write
1E29229B000
heap
page read and write
4284000
trusted library allocation
page read and write
1005000
unkown
page readonly
400B000
trusted library allocation
page read and write
30000
heap
page read and write
5106000
unkown
page read and write
8D7000
heap
page read and write
5930000
unkown
page read and write
7FF534944000
unkown
page readonly
C2A000
heap
page read and write
859000
heap
page execute and read and write
982000
heap
page read and write
88E000
stack
page read and write
403C000
trusted library allocation
page read and write
7FF534F9A000
unkown
page readonly
14D0000
unkown
page read and write
E1E000
stack
page read and write
74E000
stack
page read and write
7FF5B2011000
unkown
page readonly
C077000
stack
page read and write
2D1E000
stack
page read and write
5A20000
unkown
page readonly
9155000
unkown
page read and write
D733000
unkown
page read and write
11701000
unkown
page read and write
7FF534FB2000
unkown
page readonly
9A50000
trusted library allocation
page read and write
4244000
trusted library allocation
page read and write
82F000
stack
page read and write
583F000
stack
page read and write
1E2922BE000
heap
page read and write
4034000
trusted library allocation
page read and write
1E292290000
heap
page read and write
1E2922F9000
heap
page read and write
1E2922F6000
heap
page read and write
711000
heap
page read and write
3300000
unkown
page read and write
2CBD000
stack
page read and write
4A0000
unkown
page readonly
5930000
unkown
page read and write
7FF534C2C000
unkown
page readonly
14D0000
unkown
page read and write
32B0000
direct allocation
page read and write
34B0000
unkown
page read and write
B43B000
stack
page read and write
7FF534B4D000
unkown
page readonly
14D0000
unkown
page read and write
640000
heap
page read and write
5850000
unkown
page read and write
5C70000
unkown
page read and write
4324000
trusted library allocation
page read and write
5975000
unkown
page read and write
E0D7000
heap
page read and write
1E2922EB000
heap
page read and write
400000
unkown
page readonly
5930000
unkown
page read and write
14D0000
unkown
page read and write
17B000
stack
page read and write
32B0000
direct allocation
page read and write
4000000
trusted library allocation
page read and write
83E000
stack
page read and write
284E000
stack
page read and write
3242000
heap
page read and write
430C000
trusted library allocation
page read and write
1E2922EB000
heap
page read and write
28DF000
stack
page read and write
61E00000
direct allocation
page execute and read and write
A1F000
stack
page read and write
5930000
unkown
page read and write
637000
heap
page read and write
42BD000
trusted library allocation
page read and write
FBD0000
unkown
page read and write
7FF534C9A000
unkown
page readonly
5340000
unkown
page read and write
DCD9000
heap
page read and write
4BE0000
unkown
page readonly
255E000
stack
page read and write
27CF000
stack
page read and write
3FF9000
trusted library allocation
page read and write
1E290193000
heap
page read and write
7FF534BDB000
unkown
page readonly
9D000
stack
page read and write
8725000
stack
page read and write
1E2922BA000
heap
page read and write
42FE000
trusted library allocation
page read and write
66F000
unkown
page readonly
42C7000
trusted library allocation
page read and write
56CE000
stack
page read and write
629D000
unkown
page read and write
7FF5B1FAB000
unkown
page readonly
28F19B13000
heap
page read and write
DDD0000
heap
page read and write
30EE000
stack
page read and write
4290000
trusted library allocation
page read and write
42F8000
trusted library allocation
page read and write
7FF534BE1000
unkown
page readonly
8C5000
heap
page read and write
5340000
unkown
page read and write
3FFE000
trusted library allocation
page read and write
1570000
heap
page read and write
51A000
remote allocation
page execute and read and write
4A6000
unkown
page write copy
7FF535026000
unkown
page readonly
2CCE000
stack
page read and write
4292000
trusted library allocation
page read and write
8FE000
stack
page read and write
7FF534FC5000
unkown
page readonly
AD0000
heap
page read and write
3320000
unkown
page readonly
86E000
stack
page read and write
2B3A000
stack
page read and write
2E1E000
stack
page read and write
2C7F000
stack
page read and write
737000
heap
page read and write
435C000
trusted library allocation
page read and write
8EEB000
stack
page read and write
14F0000
unkown
page read and write
3FE9000
trusted library allocation
page read and write
10029000
stack
page read and write
C5D000
heap
page read and write
5C70000
unkown
page read and write
3F62000
trusted library allocation
page read and write
5CFE000
stack
page read and write
77C000
heap
page read and write
2C7B000
stack
page read and write
7BE000
stack
page read and write
22BAEE41000
unkown
page read and write
30000
heap
page read and write
400000
unkown
page readonly
9A20000
direct allocation
page read and write
196000
stack
page read and write
42EA000
trusted library allocation
page read and write
EB1E000
unkown
page read and write
724000
heap
page read and write
4313000
trusted library allocation
page read and write
3480000
unkown
page read and write
28F19B00000
heap
page read and write
437D000
trusted library allocation
page read and write
800000
direct allocation
page execute and read and write
306C000
stack
page read and write
9A20000
direct allocation
page read and write
7FF535055000
unkown
page readonly
7FF534A99000
unkown
page readonly
401000
unkown
page execute read
7FF5349D4000
unkown
page readonly
2DBE000
stack
page read and write
7FF534E4C000
unkown
page readonly
DDD9000
heap
page read and write
5430000
heap
page execute and read and write
5930000
unkown
page read and write
C3C000
stack
page read and write
7C9E000
unkown
page readonly
74F000
stack
page read and write
9C000
stack
page read and write
1E290184000
heap
page read and write
F069000
stack
page read and write
384F000
stack
page read and write
15E5000
heap
page read and write
22BAF000000
unkown
page readonly
298F000
stack
page read and write
5850000
unkown
page read and write
1F0000
heap
page read and write
404E000
trusted library allocation
page read and write
7FF534E65000
unkown
page readonly
19E000
stack
page read and write
14F0000
unkown
page read and write
4013000
trusted library allocation
page read and write
1270000
trusted library allocation
page read and write
D88C000
unkown
page read and write
1E2922D0000
heap
page read and write
401000
unkown
page execute read
EE5000
stack
page read and write
917000
heap
page read and write
4334000
trusted library allocation
page read and write
89AF000
stack
page read and write
4365000
trusted library allocation
page read and write
7FF5B1F45000
unkown
page readonly
91C000
heap
page read and write
1555A000
stack
page read and write
FBF000
stack
page read and write
196000
stack
page read and write
2B3A000
stack
page read and write
3F7C000
trusted library allocation
page read and write
5930000
unkown
page read and write
2E1E000
stack
page read and write
6230000
unkown
page read and write
D8E2000
unkown
page read and write
91D000
heap
page read and write
28F1983C000
heap
page read and write
7FF534DBC000
unkown
page readonly
1E29229B000
heap
page read and write
435E000
trusted library allocation
page read and write
1E2922E5000
heap
page read and write
14F0000
unkown
page read and write
534E000
stack
page read and write
28F19B13000
heap
page read and write
6274000
unkown
page read and write
31B1000
trusted library allocation
page read and write
72F000
heap
page read and write
775000
heap
page read and write
28F19B13000
heap
page read and write
7FF534BF6000
unkown
page readonly
1E2901D6000
heap
page read and write
324E000
stack
page read and write
2CBE000
stack
page read and write
467000
remote allocation
page execute and read and write
286F000
stack
page read and write
5930000
unkown
page read and write
400000
unkown
page readonly
8B0000
direct allocation
page read and write
28F195A0000
heap
page read and write
4D20000
unkown
page read and write
32B0000
direct allocation
page read and write
B67B000
stack
page read and write
42C4000
trusted library allocation
page read and write
DB8A000
heap
page read and write
7FF534BEE000
unkown
page readonly
5850000
unkown
page read and write
57B0000
unkown
page read and write
31F0000
heap
page read and write
F4C4000
unkown
page read and write
32B0000
direct allocation
page read and write
1E29227D000
heap
page read and write
5930000
unkown
page read and write
42B1000
trusted library allocation
page read and write
1220000
unkown
page readonly
A30000
heap
page read and write
726000
heap
page read and write
32B0000
direct allocation
page read and write
5930000
unkown
page read and write
939000
heap
page read and write
1E292315000
heap
page read and write
DCC2000
heap
page read and write
910000
heap
page read and write
3FE0000
trusted library allocation
page read and write
28F19B13000
heap
page read and write
930000
heap
page read and write
30000
heap
page read and write
436B000
trusted library allocation
page read and write
3170000
heap
page read and write
1E292290000
heap
page read and write
7FF534EBF000
unkown
page readonly
7FF534FCB000
unkown
page readonly
7FF534EC9000
unkown
page readonly
61ECD000
direct allocation
page readonly
1E2901C5000
unkown
page read and write
21A0000
heap
page read and write
1F0000
heap
page read and write
432F000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
F608000
unkown
page read and write
4240000
trusted library allocation
page read and write
32B0000
heap
page read and write
900000
heap
page read and write
1E2901A2000
heap
page read and write
2F66000
heap
page read and write
9C000
stack
page read and write
C80000
heap
page read and write
19C000
stack
page read and write
842C000
stack
page read and write
2F00000
heap
page read and write
3FE7000
trusted library allocation
page read and write
1E2922BD000
heap
page read and write
1E2901A6000
heap
page read and write
57D0000
unkown
page readonly
1E2922EA000
heap
page read and write
30000
heap
page read and write
354C000
stack
page read and write
5C70000
unkown
page read and write
C4F000
stack
page read and write
52B000
remote allocation
page execute and read and write
7FF534D2A000
unkown
page readonly
32B0000
direct allocation
page read and write
E760000
heap
page read and write
32B0000
direct allocation
page read and write
5400000
unkown
page readonly
279E000
stack
page read and write
1E2902C5000
heap
page read and write
8CC000
heap
page read and write
3110000
heap
page execute and read and write
AEF36FF000
stack
page read and write
409000
unkown
page execute read
400000
unkown
page readonly
1378000
heap
page read and write
9A20000
direct allocation
page read and write
710000
unclassified section
page read and write
8629000
stack
page read and write
1E2922EC000
heap
page read and write
3F88000
trusted library allocation
page read and write
5C0000
heap
page read and write
3FFC000
trusted library allocation
page read and write
10A1000
heap
page read and write
42D0000
trusted library allocation
page read and write
8C2000
heap
page read and write
30000
heap
page read and write
647000
heap
page read and write
22BAEDE0000
unkown
page readonly
116C4000
unkown
page read and write
5C70000
unkown
page read and write
5930000
unkown
page read and write
90A000
heap
page read and write
14D0000
unkown
page read and write
400D000
trusted library allocation
page read and write
3FD4000
trusted library allocation
page read and write
1E29016F000
direct allocation
page read and write
8CF000
heap
page read and write
BFE000
stack
page read and write
5975000
unkown
page read and write
A40000
heap
page read and write
1320000
heap
page read and write
2F70000
heap
page read and write
4036000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
6A1000
heap
page read and write
4B23000
unkown
page read and write
32B0000
direct allocation
page read and write
5930000
unkown
page read and write
62D5000
unkown
page read and write
5010000
unkown
page read and write
5973000
unkown
page read and write
1F0000
heap
page read and write
3F07000
trusted library allocation
page read and write
1E2922FC000
heap
page read and write
75C000
heap
page read and write
14F0000
unkown
page read and write
5930000
unkown
page read and write
400000
unkown
page readonly
9C0000
heap
page read and write
7FF534F6C000
unkown
page readonly
9A20000
direct allocation
page read and write
7DBA000
unkown
page readonly
401000
unkown
page execute read
1E2922EC000
heap
page read and write
4D30000
unkown
page read and write
1E2901BE000
heap
page read and write
132CC000
stack
page read and write
F3E395D000
stack
page read and write
5930000
unkown
page read and write
6E8000
heap
page read and write
28F19A13000
heap
page read and write
1E2901C0000
heap
page read and write
3070000
heap
page read and write
1E2901A6000
heap
page read and write
32B0000
direct allocation
page read and write
A09C67B000
stack
page read and write
2B7D000
stack
page read and write
5930000
unkown
page read and write
7FF535047000
unkown
page readonly
740000
heap
page read and write
2760000
heap
page read and write
5930000
unkown
page read and write
589D000
unkown
page read and write
7FF534EA5000
unkown
page readonly
F432000
unkown
page read and write
216C1ED0000
heap
page read and write
14F0000
unkown
page read and write
400F000
trusted library allocation
page read and write
8545000
unkown
page read and write
32B0000
direct allocation
page read and write
22BAEC90000
heap
page read and write
3070000
heap
page read and write
632D000
unkown
page read and write
5C70000
unkown
page read and write
230E000
stack
page read and write
C82000
heap
page read and write
7B0000
heap
page read and write
5930000
unkown
page read and write
5930000
unkown
page read and write
62C8000
unkown
page read and write
265F000
stack
page read and write
7229000
unkown
page read and write
4D50000
unkown
page read and write
1E2922D0000
heap
page read and write
5E0000
heap
page read and write
7FF535121000
unkown
page readonly
7FF534F37000
unkown
page readonly
1E2922FB000
heap
page read and write
840000
heap
page read and write
2CBE000
stack
page read and write
30000
heap
page read and write
32B0000
direct allocation
page read and write
CD8000
heap
page read and write
42EC000
trusted library allocation
page read and write
3F91000
trusted library allocation
page read and write
891000
heap
page read and write
7F52000
unkown
page readonly
2A3D000
stack
page read and write
7FF534FB7000
unkown
page readonly
5850000
unkown
page read and write
7FF534ED0000
unkown
page readonly
4363000
trusted library allocation
page read and write
216C2233000
heap
page read and write
8FC1000
unkown
page read and write
1BB000
stack
page read and write
4A6000
unkown
page read and write
30000
heap
page read and write
2F51000
heap
page read and write
5930000
unkown
page read and write
7FF535051000
unkown
page readonly
F802000
unkown
page read and write
711000
heap
page read and write
3FD2000
trusted library allocation
page read and write
34B0000
unkown
page read and write
5930000
unkown
page read and write
14F0000
unkown
page read and write
7FF534C64000
unkown
page readonly
13CCC000
stack
page read and write
7FF534BFF000
unkown
page readonly
580000
heap
page read and write
56FE000
stack
page read and write
32B0000
direct allocation
page read and write
7FF5348A7000
unkown
page readonly
431B000
trusted library allocation
page read and write
5930000
unkown
page read and write
F804000
unkown
page read and write
28CF000
stack
page read and write
AAF000
stack
page read and write
182E000
stack
page read and write
7FCC000
unkown
page readonly
5930000
unkown
page read and write
7FF534D83000
unkown
page readonly
57B0000
unkown
page read and write
2710000
heap
page read and write
32B0000
direct allocation
page read and write
8AD000
heap
page read and write
7FF777092000
unkown
page write copy
3F70000
trusted library allocation
page read and write
22BAF602000
unkown
page read and write
1E2922C1000
heap
page read and write
F3E3E7F000
stack
page read and write
1E29229B000
heap
page read and write
585000
heap
page read and write
6B7000
heap
page read and write
28F1983C000
heap
page read and write
80AD000
stack
page read and write
380A000
stack
page read and write
1E2901D5000
heap
page read and write
7FF5348D7000
unkown
page readonly
9A20000
direct allocation
page read and write
1E292297000
heap
page read and write
4341000
trusted library allocation
page read and write
1E2922F6000
heap
page read and write
2C4E000
stack
page read and write
3FF0000
trusted library allocation
page read and write
83E000
stack
page read and write
433F000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
3FAD000
trusted library allocation
page read and write
6B5000
heap
page read and write
11807000
unkown
page read and write
9A20000
direct allocation
page read and write
5BE000
stack
page read and write
302F000
stack
page read and write
3248000
heap
page read and write
7FF534B55000
unkown
page readonly
17EE000
stack
page read and write
5930000
unkown
page read and write
F1F000
stack
page read and write
8B2000
heap
page read and write
4DE000
stack
page read and write
8A3C000
stack
page read and write
7FF534F4B000
unkown
page readonly
5930000
unkown
page read and write
42BB000
trusted library allocation
page read and write
5930000
unkown
page read and write
2E00000
trusted library allocation
page read and write
2530000
heap
page read and write
2F33000
heap
page read and write
165DD000
stack
page read and write
5930000
unkown
page read and write
3FE3000
trusted library allocation
page read and write
1E292285000
heap
page read and write
31AE000
stack
page read and write
A50000
heap
page read and write
7FF534E7C000
unkown
page readonly
7BA000
heap
page read and write
32AC000
stack
page read and write
2370000
direct allocation
page read and write
26EC000
stack
page read and write
5930000
unkown
page read and write
808000
heap
page read and write
6CD000
heap
page read and write
9D000
stack
page read and write
5930000
unkown
page read and write
7E83000
unkown
page readonly
11646000
unkown
page read and write
74E000
heap
page read and write
2A3D000
stack
page read and write
1340000
trusted library allocation
page read and write
C88000
heap
page read and write
3FE5000
trusted library allocation
page read and write
90B5000
unkown
page read and write
58C0000
unkown
page read and write
F3E3F7E000
stack
page read and write
109A000
heap
page read and write
F5E2000
unkown
page read and write
1E2901E8000
heap
page read and write
1E29228C000
heap
page read and write
1E2901B4000
heap
page read and write
1164B000
unkown
page read and write
401000
unkown
page execute read
26D0000
heap
page read and write
1E2922BA000
heap
page read and write
3430000
heap
page read and write
1E2922F9000
heap
page read and write
470000
heap
page read and write
7FF534D1C000
unkown
page readonly
1294000
trusted library allocation
page read and write
1E2901BF000
heap
page read and write
1E292290000
heap
page read and write
1E2922FA000
heap
page read and write
3D6C000
heap
page read and write
14F0000
unkown
page read and write
14F0000
unkown
page read and write
32B0000
direct allocation
page read and write
72F000
heap
page read and write
4271000
heap
page read and write
269E000
stack
page read and write
417000
unkown
page write copy
1E2901A9000
heap
page read and write
ACF000
stack
page read and write
725000
heap
page read and write
C2C000
heap
page read and write
F656000
unkown
page read and write
402A000
trusted library allocation
page read and write
1E2901D2000
unkown
page read and write
5930000
unkown
page read and write
3480000
unkown
page read and write
1E2901D7000
heap
page read and write
42D2000
trusted library allocation
page read and write
86F000
heap
page read and write
7FF535107000
unkown
page readonly
87E000
stack
page read and write
14D0000
unkown
page read and write
1E292297000
heap
page read and write
7FF534AA6000
unkown
page readonly
1464000
trusted library allocation
page read and write
28F1983C000
heap
page read and write
87E000
stack
page read and write
5340000
unkown
page read and write
7FF534FCF000
unkown
page readonly
14D0000
unkown
page read and write
279F000
stack
page read and write
14F0000
unkown
page read and write
1E290161000
heap
page read and write
851000
heap
page read and write
31B0000
heap
page read and write
7FF534A9E000
unkown
page readonly
7FF534C5D000
unkown
page readonly
115CB000
unkown
page read and write
4315000
trusted library allocation
page read and write
2340000
heap
page read and write
7FF535004000
unkown
page readonly
272F000
stack
page read and write
3310000
heap
page read and write
A70000
heap
page read and write
93A000
heap
page read and write
5930000
unkown
page read and write
4A6000
unkown
page read and write
3F4A000
trusted library allocation
page read and write
5930000
unkown
page read and write
1E292297000
heap
page read and write
1F0000
heap
page read and write
D898000
unkown
page read and write
7FF5350FB000
unkown
page readonly
61ED3000
direct allocation
page read and write
2C7F000
stack
page read and write
33B6000
unkown
page read and write
1E2922F6000
heap
page read and write
5A7F000
stack
page read and write
7CE000
stack
page read and write
193000
stack
page read and write
8E6E000
stack
page read and write
7FF5B1FB2000
unkown
page readonly
7FF5B1F27000
unkown
page readonly
DCC4000
heap
page read and write
9A20000
direct allocation
page read and write
29E0000
heap
page read and write
22BAEE58000
unkown
page read and write
6261000
unkown
page read and write
633A000
unkown
page read and write
3480000
unkown
page read and write
3646000
stack
page read and write
5C70000
unkown
page read and write
7FF5B1F99000
unkown
page readonly
429000
unkown
page write copy
E964000
stack
page read and write
1E2901DA000
heap
page read and write
2F70000
remote allocation
page read and write
4379000
trusted library allocation
page read and write
F5A7000
unkown
page read and write
5930000
unkown
page read and write
7FF535008000
unkown
page readonly
9B5000
unkown
page readonly
1F0000
heap
page read and write
157FF000
stack
page read and write
4028000
trusted library allocation
page read and write
400000
unkown
page readonly
15D0000
unkown
page read and write
1E292261000
heap
page read and write
2E60000
heap
page execute and read and write
14F0000
unkown
page read and write
7235000
unkown
page read and write
1E2922D0000
heap
page read and write
22BAF602000
unkown
page read and write
5930000
unkown
page read and write
400000
unkown
page readonly
14D0000
unkown
page read and write
2DBE000
stack
page read and write
14F0000
unkown
page read and write
19C000
stack
page read and write
3FB5000
trusted library allocation
page read and write
BF7A000
stack
page read and write
1E2922FB000
heap
page read and write
5930000
unkown
page read and write
343A000
heap
page read and write
32B0000
direct allocation
page read and write
7FF53487B000
unkown
page readonly
6EC000
unkown
page readonly
31E1000
heap
page read and write
2790000
heap
page read and write
5930000
unkown
page read and write
8BF000
stack
page read and write
159DC000
stack
page read and write
4370000
heap
page read and write
5930000
unkown
page read and write
32B0000
direct allocation
page read and write
2F70000
remote allocation
page read and write
1E292285000
heap
page read and write
7FF5348F0000
unkown
page readonly
2A3D000
stack
page read and write
666B000
unkown
page read and write
7FFC1B439000
unkown
page readonly
32B0000
direct allocation
page read and write
4D10000
unkown
page read and write
30B0000
remote allocation
page read and write
7FF5B1F45000
unkown
page readonly
1010000
heap
page read and write
9A20000
direct allocation
page read and write
429000
unkown
page read and write
90F000
heap
page read and write
77F000
stack
page read and write
5370000
unkown
page readonly
6EC000
unkown
page readonly
6EC000
unkown
page readonly
7EAC000
unkown
page readonly
1005000
unkown
page readonly
32B0000
direct allocation
page read and write
DDD0000
heap
page read and write
5930000
unkown
page read and write
33DB000
unkown
page read and write
BCF9000
stack
page read and write
58D0000
unkown
page readonly
5930000
unkown
page read and write
724D000
unkown
page read and write
14D0000
remote allocation
page read and write
7FF534DBF000
unkown
page readonly
6EC000
unkown
page readonly
2540000
heap
page read and write
ADE000
stack
page read and write
A0000
unkown
page readonly
31C9000
heap
page read and write
196000
stack
page read and write
7FF534C19000
unkown
page readonly
1E290196000
heap
page read and write
529000
remote allocation
page execute and read and write
1F0000
heap
page read and write
7FF534E6A000
unkown
page readonly
1E292292000
heap
page read and write
8B2000
heap
page read and write
3480000
unkown
page read and write
6F3737F000
stack
page read and write
8F14000
unkown
page read and write
7FF534B3E000
unkown
page readonly
3FD6000
trusted library allocation
page read and write
3F4F000
trusted library allocation
page read and write
61EB7000
direct allocation
page readonly
5930000
unkown
page read and write
431D000
trusted library allocation
page read and write
5840000
heap
page read and write
610000
heap
page read and write
4016000
trusted library allocation
page read and write
42CB000
trusted library allocation
page read and write
7FF534F96000
unkown
page readonly
30000
heap
page read and write
7FF6A7FC1000
unkown
page execute read
988000
heap
page read and write
3230000
heap
page read and write
5850000
unkown
page read and write
490000
heap
page read and write
8BA000
heap
page read and write
1E28FF90000
heap
page read and write
1E2901AA000
heap
page read and write
5930000
unkown
page read and write
31E0000
unclassified section
page read and write
4A6000
unkown
page write copy
925F000
unkown
page read and write
1E2901C9000
heap
page read and write
216C04E8000
heap
page read and write
262E000
stack
page read and write
733000
heap
page read and write
1E2922D3000
heap
page read and write
C83000
heap
page read and write
7FF6A834E000
unkown
page write copy
7FF534B33000
unkown
page readonly
29E0000
heap
page read and write
840000
heap
page read and write
42F0000
trusted library allocation
page read and write
8F2000
heap
page read and write
1E290196000
heap
page read and write
5930000
unkown
page read and write
28F19900000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
2C0E000
stack
page read and write
1E29224C000
heap
page read and write
983000
heap
page read and write
A09C57F000
stack
page read and write
306C000
stack
page read and write
7FF534BB4000
unkown
page readonly
541E000
stack
page read and write
4271000
heap
page read and write
32B0000
direct allocation
page read and write
1F0000
heap
page read and write
62C6000
unkown
page read and write
7FF534EB3000
unkown
page readonly
32B0000
direct allocation
page read and write
3060000
heap
page read and write
7FF777031000
unkown
page execute read
7FF534D17000
unkown
page readonly
401000
unkown
page execute read
30F0000
trusted library allocation
page read and write
650000
heap
page read and write
400000
unkown
page execute and read and write
7FF534FB4000
unkown
page readonly
2B20000
heap
page read and write
7FF534E77000
unkown
page readonly
7FF5B1FAB000
unkown
page readonly
1E2901DE000
heap
page read and write
338C000
unkown
page read and write
7FF6A7FC1000
unkown
page execute read
14F0000
unkown
page read and write
4022000
trusted library allocation
page read and write
707000
heap
page read and write
8FC000
stack
page read and write
13347000
stack
page read and write
6CD000
heap
page read and write
15F0000
unkown
page readonly
1E29018F000
unkown
page read and write
5130000
unkown
page readonly
9289000
unkown
page read and write
A09C57F000
stack
page read and write
6EC000
unkown
page readonly
32B0000
direct allocation
page read and write
101AA000
stack
page read and write
1E292350000
remote allocation
page read and write
6FE000
stack
page read and write
1E2922C1000
heap
page read and write
E30000
heap
page read and write
5930000
unkown
page read and write
E00000
unkown
page readonly
7DF442331000
unkown
page execute read
9A20000
direct allocation
page read and write
7FF534C34000
unkown
page readonly
1E292293000
heap
page read and write
1E2901A6000
heap
page read and write
7FF535043000
unkown
page readonly
316F000
stack
page read and write
4F0000
heap
page read and write
1E290184000
heap
page read and write
2434000
heap
page execute and read and write
7FF534DB3000
unkown
page readonly
5BFE000
stack
page read and write
F5E8000
unkown
page read and write
429000
unkown
page write copy
401000
unkown
page execute read
9A20000
direct allocation
page read and write
434C000
trusted library allocation
page read and write
2CBE000
stack
page read and write
419000
unkown
page write copy
1840000
heap
page read and write
939000
heap
page read and write
5930000
unkown
page read and write
216C04E0000
heap
page read and write
3480000
unkown
page read and write
3480000
unkown
page read and write
3FEB000
trusted library allocation
page read and write
42D4000
trusted library allocation
page read and write
7FF534B41000
unkown
page readonly
2E30000
remote allocation
page read and write
7FF535072000
unkown
page readonly
7FF5B1F53000
unkown
page readonly
32BA000
stack
page read and write
61ED0000
direct allocation
page read and write
1340000
heap
page read and write
3BE0000
heap
page read and write
19E000
stack
page read and write
735000
heap
page read and write
C6E000
heap
page read and write
810000
direct allocation
page read and write
28F19A02000
heap
page read and write
14D0000
unkown
page read and write
34B0000
unkown
page read and write
3480000
unkown
page read and write
28F19B13000
heap
page read and write
3221000
heap
page read and write
12B0000
unkown
page readonly
711000
heap
page read and write
1E2922E0000
heap
page read and write
2D80000
remote allocation
page read and write
55FD000
stack
page read and write
6A2000
heap
page read and write
196000
stack
page read and write
6770000
unkown
page read and write
14D0000
unkown
page read and write
7C15000
heap
page read and write
3FCB000
trusted library allocation
page read and write
28F19839000
heap
page read and write
22BAEC90000
heap
page read and write
1E2922E5000
heap
page read and write
15ADE000
stack
page read and write
5880000
unkown
page read and write
5930000
unkown
page read and write
1E2922E5000
heap
page read and write
3340000
heap
page read and write
276E000
stack
page read and write
196000
stack
page read and write
4A6000
unkown
page write copy
2FAB000
stack
page read and write
5930000
unkown
page read and write
563E000
stack
page read and write
32B0000
direct allocation
page read and write
32B0000
direct allocation
page read and write
55C000
stack
page read and write
7FF6A837C000
unkown
page readonly
7FF5349CF000
unkown
page readonly
7FF534E9B000
unkown
page readonly
7FF534D12000
unkown
page readonly
1E292381000
heap
page read and write
A00000
heap
page read and write
401000
unkown
page execute read
7FF5B2018000
unkown
page readonly
272E000
stack
page read and write
5930000
unkown
page read and write
6AF000
heap
page read and write
38A0000
unkown
page read and write
2B3A000
stack
page read and write
1E2901E8000
heap
page read and write
8F0C000
unkown
page read and write
838000
heap
page read and write
14F0000
unkown
page read and write
12D0000
trusted library allocation
page read and write
72D000
heap
page read and write
286F000
stack
page read and write
5930000
unkown
page read and write
1E2901D2000
heap
page read and write
12BB000
trusted library allocation
page execute and read and write
2ACE000
stack
page read and write
5930000
unkown
page read and write
7F3C000
unkown
page readonly
2A1F000
stack
page read and write
F86F000
unkown
page read and write
58C0000
unkown
page read and write
88D000
heap
page read and write
1E292293000
heap
page read and write
4331000
trusted library allocation
page read and write
D312000
unkown
page read and write
500A000
stack
page read and write
3F03000
trusted library allocation
page read and write
D881000
unkown
page read and write
7FF535114000
unkown
page readonly
52B000
remote allocation
page execute and read and write
A09C47C000
stack
page read and write
720000
heap
page read and write
4D50000
unkown
page read and write
4B10000
unkown
page read and write
62E5000
unkown
page read and write
F5D0000
unkown
page read and write
F49C000
unkown
page read and write
9A20000
direct allocation
page read and write
2EFA000
heap
page read and write
5930000
unkown
page read and write
3350000
unkown
page read and write
28F19B02000
heap
page read and write
A3F000
stack
page read and write
34B0000
unkown
page read and write
1E2900F0000
unkown
page read and write
7FF5B1F3F000
unkown
page readonly
7C0000
direct allocation
page execute and read and write
F644000
unkown
page read and write
7F9C000
unkown
page readonly
2400000
direct allocation
page read and write
80E000
stack
page read and write
1E29019B000
heap
page read and write
42F4000
trusted library allocation
page read and write
401000
unkown
page execute read
F31B000
unkown
page read and write
6BC000
stack
page read and write
B979000
stack
page read and write
4384000
trusted library allocation
page read and write
401000
unkown
page execute read
7FF534932000
unkown
page readonly
4A6000
unkown
page write copy
1E2901DE000
heap
page read and write
67E000
stack
page read and write
2F31000
heap
page read and write
14F0000
unkown
page read and write
333E000
stack
page read and write
14D0000
unkown
page read and write
3480000
unkown
page read and write
1E290199000
unkown
page read and write
3200000
heap
page read and write
1E292297000
heap
page read and write
32B0000
direct allocation
page read and write
645000
heap
page read and write
3570000
heap
page read and write
32B0000
direct allocation
page read and write
7FF534EE2000
unkown
page readonly
193000
stack
page read and write
5930000
unkown
page read and write
1445000
heap
page read and write
2A5D000
stack
page read and write
5C70000
unkown
page read and write
8D0000
heap
page read and write
32B0000
direct allocation
page read and write
5850000
unkown
page read and write
3F95000
trusted library allocation
page read and write
5930000
unkown
page read and write
183A000
trusted library allocation
page read and write
3370000
heap
page read and write
8ED000
heap
page read and write
1E2922E9000
heap
page read and write
820000
heap
page read and write
14D0000
unkown
page read and write
1079000
heap
page read and write
55B6000
stack
page read and write
1E2901E8000
heap
page read and write
4348000
trusted library allocation
page read and write
8AC000
heap
page read and write
3FCE000
trusted library allocation
page read and write
30000
heap
page read and write
2730000
heap
page read and write
9C000
stack
page read and write
1E292287000
heap
page read and write
2ED0000
heap
page read and write
131E000
stack
page read and write
3480000
unkown
page read and write
1E2901E8000
heap
page read and write
713B000
unkown
page read and write
22BAEE5E000
unkown
page read and write
6F3727F000
stack
page read and write
5820000
unkown
page read and write
222E000
stack
page read and write
4385000
heap
page read and write
7FF534E57000
unkown
page readonly
FF0000
unkown
page readonly
1425000
heap
page read and write
8F28000
unkown
page read and write
1E292290000
heap
page read and write
2B7E000
stack
page read and write
1E291A70000
direct allocation
page read and write
1E2901C9000
heap
page read and write
F661000
unkown
page read and write
2BCE000
stack
page read and write
3890000
unkown
page readonly
DDCD000
heap
page read and write
6CE000
stack
page read and write
400000
unkown
page readonly
14F0000
unkown
page read and write
7FF534EE6000
unkown
page readonly
429000
unkown
page read and write
720000
heap
page read and write
32B0000
direct allocation
page read and write
22BAEE13000
unkown
page read and write
F759000
unkown
page read and write
4BC0000
unkown
page readonly
5930000
unkown
page read and write
F6A0000
unkown
page read and write
5930000
unkown
page read and write
400000
unkown
page readonly
1E290196000
heap
page read and write
9A20000
direct allocation
page read and write
890000
heap
page read and write
8F10000
unkown
page read and write
1E29229E000
heap
page read and write
760000
heap
page read and write
6A0000
heap
page read and write
2970000
heap
page read and write
5930000
unkown
page read and write
EB10000
unkown
page read and write
5930000
unkown
page read and write
7F8E000
unkown
page readonly
1E2922C1000
heap
page read and write
61ED4000
direct allocation
page readonly
14D0000
unkown
page read and write
7FF534CAE000
unkown
page readonly
289F000
stack
page read and write
80D000
heap
page read and write
7FA3000
unkown
page readonly
DEBD000
heap
page read and write
374E000
stack
page read and write
14D0000
unkown
page read and write
597E000
stack
page read and write
27BF000
stack
page read and write
409000
unkown
page execute read
14D0000
unkown
page read and write
7FF5B1CAD000
unkown
page readonly
5930000
unkown
page read and write
24F0000
heap
page read and write
2DFD000
stack
page read and write
7FF534B6A000
unkown
page readonly
9A20000
direct allocation
page read and write
28F19828000
heap
page read and write
450000
unkown
page read and write
1E2922B0000
heap
page read and write
81E000
stack
page read and write
33EE000
unkown
page read and write
2C7E000
stack
page read and write
66F000
unkown
page readonly
14D0000
unkown
page read and write
964000
heap
page read and write
19C000
stack
page read and write
3E71000
trusted library allocation
page read and write
5930000
unkown
page read and write
7FF5B1F57000
unkown
page readonly
6EC000
unkown
page readonly
32B0000
direct allocation
page read and write
529000
remote allocation
page execute and read and write
4007000
trusted library allocation
page read and write
2E3E000
stack
page read and write
7FF6A7FCC000
unkown
page write copy
3FF5000
trusted library allocation
page read and write
2EEF000
stack
page read and write
1E2922D3000
heap
page read and write
3480000
unkown
page read and write
5930000
unkown
page read and write
4BB0000
unkown
page readonly
402F000
trusted library allocation
page read and write
7FF535017000
unkown
page readonly
52F0000
unkown
page write copy
1E2901F0000
heap
page read and write
32B0000
direct allocation
page read and write
2260000
heap
page read and write
7FF5B2011000
unkown
page readonly
52B000
remote allocation
page execute and read and write
156E1000
stack
page read and write
2480000
heap
page read and write
C85000
heap
page read and write
57B0000
unkown
page read and write
2B9E000
stack
page read and write
19C000
stack
page read and write
1E290158000
heap
page read and write
60000
unkown
page readonly
7FF534B43000
unkown
page readonly
B50000
heap
page read and write
1E2901D2000
heap
page read and write
1E2901E8000
heap
page read and write
1380000
heap
page read and write
2D80000
remote allocation
page read and write
22BAEE24000
unkown
page read and write
2CE0000
remote allocation
page read and write
7FF534FEB000
unkown
page readonly
4271000
heap
page read and write
9FF000
stack
page read and write
14F0000
unkown
page read and write
9A20000
direct allocation
page read and write
14D0000
unkown
page read and write
7FF534FFE000
unkown
page readonly
30000
heap
page read and write
32B0000
direct allocation
page read and write
1E2922D3000
heap
page read and write
721D000
unkown
page read and write
2E7C000
trusted library allocation
page read and write
1E290184000
heap
page read and write
7FF534FBE000
unkown
page readonly
5930000
unkown
page read and write
34B0000
unkown
page read and write
1E2900D0000
heap
page read and write
28F19B02000
heap
page read and write
30000
heap
page read and write
28F19B13000
heap
page read and write
4294000
trusted library allocation
page read and write
8D67000
stack
page read and write
B4BB000
stack
page read and write
3BEA000
heap
page read and write
1290000
trusted library allocation
page read and write
3E75000
trusted library allocation
page read and write
401000
unkown
page execute read
58C0000
unkown
page read and write
436D000
trusted library allocation
page read and write
1E2922BD000
heap
page read and write
42D6000
trusted library allocation
page read and write
5930000
unkown
page read and write
5C70000
unkown
page read and write
1590000
unkown
page readonly
8C5000
heap
page read and write
5C70000
unkown
page read and write
680000
heap
page read and write
1980000
unkown
page readonly
216C2230000
heap
page read and write
AEF327A000
stack
page read and write
4B00000
unkown
page read and write
3310000
heap
page read and write
7FF534FD2000
unkown
page readonly
1E292297000
heap
page read and write
32B0000
direct allocation
page read and write
3FAB000
trusted library allocation
page read and write
2C7B000
stack
page read and write
21EE000
stack
page read and write
3FBF000
trusted library allocation
page read and write
1E2901E8000
heap
page read and write
70E000
heap
page read and write
7FF6A7FCC000
unkown
page write copy
402C000
trusted library allocation
page read and write
8AE000
stack
page read and write
5850000
unkown
page read and write
1F0000
heap
page read and write
400000
unkown
page readonly
AFF000
stack
page read and write
8F31000
unkown
page read and write
7FFC1B557000
unkown
page readonly
B57E000
stack
page read and write
9B000
unkown
page write copy
647000
heap
page read and write
33B0000
heap
page read and write
29FF000
stack
page read and write
5930000
unkown
page read and write
7FFC1B4E3000
unkown
page read and write
35CA000
heap
page read and write
9A20000
direct allocation
page read and write
9A20000
direct allocation
page read and write
640000
heap
page read and write
3F72000
trusted library allocation
page read and write
1E292290000
heap
page read and write
DCD0000
heap
page read and write
28F19B02000
heap
page read and write
A30000
heap
page read and write
680000
heap
page read and write
5930000
unkown
page read and write
5D3E000
stack
page read and write
102A7000
stack
page read and write
1E2901A9000
heap
page read and write
1E2922EB000
heap
page read and write
1E2922BD000
heap
page read and write
510F000
unkown
page read and write
33BE000
stack
page read and write
7FF5349C6000
unkown
page readonly
193000
stack
page read and write
1E292287000
heap
page read and write
647000
heap
page read and write
438C000
heap
page read and write
7FF5B1CAD000
unkown
page readonly
2C7E000
stack
page read and write
1290000
unkown
page read and write
2F70000
remote allocation
page read and write
5930000
unkown
page read and write
31CA000
stack
page read and write
764000
heap
page read and write
1F0000
heap
page read and write
5291000
unkown
page read and write
32B0000
direct allocation
page read and write
8574000
unkown
page read and write
9A20000
direct allocation
page read and write
DCC6000
heap
page read and write
7FF535086000
unkown
page readonly
7FF534DE7000
unkown
page readonly
3390000
unkown
page read and write
1E2901BE000
heap
page read and write
7FF534B59000
unkown
page readonly
1E2901D6000
heap
page read and write
4D50000
unkown
page read and write
BAFD000
stack
page read and write
4382000
heap
page read and write
852000
heap
page read and write
1E292290000
heap
page read and write
3FEE000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
28F19B02000
heap
page read and write
45E000
stack
page read and write
3F51000
trusted library allocation
page read and write
2F53000
heap
page read and write
154DE000
stack
page read and write
635000
heap
page read and write
8E0000
heap
page read and write
14F0000
unkown
page read and write
66F000
unkown
page readonly
ABE000
stack
page read and write
F4FB000
unkown
page read and write
1354B000
stack
page read and write
14D0000
unkown
page read and write
33E0000
heap
page read and write
529000
remote allocation
page execute and read and write
5930000
unkown
page read and write
8F33000
unkown
page read and write
72A000
heap
page read and write
3480000
unkown
page read and write
AE8000
heap
page read and write
2E30000
heap
page read and write
F5DA000
unkown
page read and write
33FF000
stack
page read and write
523C000
stack
page read and write
9B0000
heap
page read and write
7FF534BA6000
unkown
page readonly
697000
heap
page read and write
1E2901BE000
heap
page read and write
4D50000
unkown
page read and write
4382000
trusted library allocation
page read and write
780000
heap
page read and write
77B0000
unkown
page readonly
432D000
trusted library allocation
page read and write
C100000
unkown
page read and write
91000
unkown
page readonly
14F0000
unkown
page read and write
1E2922D0000
heap
page read and write
52B9000
unkown
page read and write
28F19B02000
heap
page read and write
BB78000
stack
page read and write
C2A000
heap
page read and write
92DD000
unkown
page read and write
90C000
heap
page read and write
5930000
unkown
page read and write
32B0000
direct allocation
page read and write
2B7E000
stack
page read and write
1E29224F000
heap
page read and write
30CE000
stack
page read and write
2F70000
heap
page read and write
23B3000
heap
page execute and read and write
6CC000
unkown
page readonly
29CF000
stack
page read and write
5930000
unkown
page read and write
7FF534D2D000
unkown
page readonly
401000
unkown
page execute read
5930000
unkown
page read and write
432A000
trusted library allocation
page read and write
3070000
heap
page read and write
7AE000
stack
page read and write
5930000
unkown
page read and write
3480000
unkown
page read and write
9B0000
unkown
page readonly
B879000
stack
page read and write
14F0000
unkown
page read and write
1384E000
stack
page read and write
3F45000
trusted library allocation
page read and write
7FF6A834A000
unkown
page readonly
30000
heap
page read and write
5CE000
stack
page read and write
4049000
trusted library allocation
page read and write
429000
unkown
page read and write
2CD0000
trusted library allocation
page execute and read and write
2E8F000
stack
page read and write
1460000
trusted library allocation
page read and write
2E71000
trusted library allocation
page read and write
31BC000
stack
page read and write
1E2901C9000
heap
page read and write
9B3000
unkown
page readonly
3F81000
trusted library allocation
page read and write
51A000
remote allocation
page execute and read and write
4A6000
unkown
page write copy
4D50000
unkown
page read and write
4346000
trusted library allocation
page read and write
D6F0000
unkown
page read and write
14F0000
unkown
page read and write
228A000
heap
page execute and read and write
5930000
unkown
page read and write
401000
unkown
page execute read
F751000
unkown
page read and write
4A6000
unkown
page read and write
7FF534FE4000
unkown
page readonly
90D8000
unkown
page read and write
7FF534C0F000
unkown
page readonly
5720000
unkown
page read and write
5930000
unkown
page read and write
58C0000
unkown
page read and write
1E2900FB000
unkown
page read and write
28F19902000
trusted library allocation
page read and write
6EC000
unkown
page readonly
5E5000
heap
page read and write
193000
stack
page read and write
1E2901AE000
heap
page read and write
66F000
unkown
page readonly
1E2922F9000
heap
page read and write
E40C000
stack
page read and write
1E2922FB000
heap
page read and write
1E29229B000
heap
page read and write
344B000
unkown
page read and write
880000
heap
page read and write
14F0000
unkown
page read and write
7F8000
heap
page execute and read and write
5E5000
heap
page read and write
91D8000
unkown
page read and write
1E29228C000
heap
page read and write
2F71000
heap
page read and write
14D0000
unkown
page read and write
7FF777097000
unkown
page write copy
11603000
unkown
page read and write
2B0F000
stack
page read and write
32B0000
direct allocation
page read and write
30000
heap
page read and write
1E2922F6000
heap
page read and write
37A0000
heap
page read and write
529000
remote allocation
page execute and read and write
437B000
trusted library allocation
page read and write
42B3000
trusted library allocation
page read and write
28F19B13000
heap
page read and write
7FFC1B4ED000
unkown
page write copy
1E2901D6000
heap
page read and write
157DE000
stack
page read and write
7D0000
direct allocation
page read and write
E87C000
heap
page read and write
10AF000
heap
page read and write
E3B000
unkown
page write copy
7FF534F32000
unkown
page readonly
5930000
unkown
page read and write
2B8F000
stack
page read and write
332E000
stack
page read and write
35C8000
stack
page read and write
680000
heap
page read and write
DCBF000
heap
page read and write
7FF534B7D000
unkown
page readonly
9A20000
direct allocation
page read and write
28F19915000
trusted library allocation
page read and write
7FF5348E4000
unkown
page readonly
5C70000
unkown
page read and write
216C0450000
heap
page read and write
62B000
heap
page read and write
14F0000
unkown
page read and write
1E29227E000
heap
page read and write
5930000
unkown
page read and write
346E000
stack
page read and write
57B0000
unkown
page read and write
2C0A000
stack
page read and write
8E0000
heap
page read and write
1001000
unkown
page execute read
5930000
unkown
page read and write
17D000
stack
page read and write
8C1000
heap
page read and write
7FF534D23000
unkown
page readonly
7FF777030000
unkown
page readonly
4A6000
unkown
page write copy
4304000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
2620000
heap
page read and write
1280000
unkown
page readonly
8E1000
heap
page read and write
1E2901C4000
heap
page read and write
1E2901D2000
heap
page read and write
14D0000
unkown
page read and write
28F19B13000
heap
page read and write
A0000
unkown
page readonly
7FF534CD0000
unkown
page readonly
982000
heap
page read and write
8C5000
heap
page read and write
22BAF000000
unkown
page readonly
5930000
unkown
page read and write
8C4000
heap
page read and write
1E29228F000
heap
page read and write
78E000
stack
page read and write
28F19887000
heap
page read and write
14F0000
unkown
page read and write
6EC000
unkown
page readonly
3F8A000
trusted library allocation
page read and write
780000
heap
page read and write
4047000
trusted library allocation
page read and write
1E2901DB000
heap
page read and write
830000
heap
page read and write
6B0000
heap
page read and write
1E2901AC000
heap
page read and write
22BAF460000
unkown
page read and write
2DF0000
trusted library allocation
page read and write
7FF5B1FB2000
unkown
page readonly
52B000
remote allocation
page execute and read and write
6BB000
heap
page read and write
401000
unkown
page execute read
4372000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
5930000
unkown
page read and write
31B9000
heap
page read and write
738000
heap
page execute and read and write
8C2000
heap
page read and write
429000
unkown
page write copy
4F88000
stack
page read and write
7FF534DAB000
unkown
page readonly
4386000
trusted library allocation
page read and write
8A5000
heap
page read and write
1E290158000
direct allocation
page read and write
5BE5000
stack
page read and write
3FB3000
trusted library allocation
page read and write
1E29229B000
heap
page read and write
BDA000
heap
page read and write
1E2922B9000
heap
page read and write
D87F000
unkown
page read and write
1E2901A1000
heap
page read and write
4D50000
unkown
page read and write
1F0000
heap
page read and write
2DDF000
stack
page read and write
22BAEF02000
unkown
page read and write
1E292287000
heap
page read and write
9C000
stack
page read and write
2F70000
heap
page read and write
5930000
unkown
page read and write
A37000
heap
page read and write
5930000
unkown
page read and write
C20000
heap
page read and write
6B1000
heap
page read and write
14D0000
unkown
page read and write
7FF777094000
unkown
page write copy
1E2901D6000
heap
page read and write
7FF534DCF000
unkown
page readonly
ECF000
stack
page read and write
1830000
trusted library allocation
page read and write
1E2922FE000
heap
page read and write
4D50000
unkown
page read and write
6EC000
unkown
page readonly
1E290184000
heap
page read and write
1E292251000
heap
page read and write
28F19B02000
heap
page read and write
778000
heap
page read and write
1F0000
heap
page read and write
1E29228F000
heap
page read and write
5720000
heap
page execute and read and write
1E292292000
heap
page read and write
8CC000
heap
page read and write
39AE000
stack
page read and write
7EE3000
unkown
page readonly
36D0000
unkown
page readonly
4A6000
unkown
page read and write
400000
unkown
page execute and read and write
400000
unkown
page readonly
1E2922E4000
heap
page read and write
2C9E000
stack
page read and write
5987000
unkown
page read and write
4026000
trusted library allocation
page read and write
79E000
stack
page read and write
3FB9000
trusted library allocation
page read and write
1E290184000
heap
page read and write
14D0000
unkown
page read and write
9D000
stack
page read and write
7EFE000
unkown
page readonly
2E00000
trusted library allocation
page read and write
9B1000
unkown
page execute read
987000
heap
page read and write
35C0000
heap
page read and write
7FF5B1F65000
unkown
page readonly
7FF534880000
unkown
page readonly
401D000
trusted library allocation
page read and write
3F9B000
trusted library allocation
page read and write
7FF534C80000
unkown
page readonly
5930000
unkown
page read and write
DDB0000
heap
page read and write
9C000
stack
page read and write
2F70000
remote allocation
page read and write
7FF534F17000
unkown
page readonly
7FFC1B350000
unkown
page readonly
1E2901B4000
heap
page read and write
1E2901AE000
heap
page read and write
5930000
unkown
page read and write
7FF53505E000
unkown
page readonly
28F19B02000
heap
page read and write
57B0000
unkown
page read and write
400000
unkown
page readonly
5C70000
unkown
page read and write
7FF534C78000
unkown
page readonly
A3E000
stack
page read and write
66F000
unkown
page readonly
216C1EE0000
heap
page read and write
7CCF000
unkown
page readonly
400000
unkown
page readonly
529000
remote allocation
page execute and read and write
9FF000
stack
page read and write
3FDA000
trusted library allocation
page read and write
32B0000
direct allocation
page read and write
5740000
unkown
page read and write
7166000
unkown
page read and write
2F1F000
stack
page read and write
1E2901DA000
heap
page read and write
15C0000
unkown
page readonly
1E29016F000
unkown
page read and write
1E2901A1000
heap
page read and write
90D6000
unkown
page read and write
28F195B0000
trusted library allocation
page read and write
400000
unkown
page readonly
27DE000
stack
page read and write
6A4000
heap
page read and write
52E0000
unkown
page readonly
216C0505000
heap
page read and write
5C70000
unkown
page read and write
34F0000
heap
page read and write
1E2901A9000
heap
page read and write
7FFC1B4EA000
unkown
page read and write
32B0000
direct allocation
page read and write
28F19A00000
heap
page read and write
838000
heap
page execute and read and write
6EC000
unkown
page readonly
2E1E000
stack
page read and write
1E290196000
unkown
page read and write
C6E000
heap
page read and write
1E2901AE000
heap
page read and write
3480000
unkown
page read and write
4020000
trusted library allocation
page read and write
5930000
unkown
page read and write
773000
heap
page read and write
2DFA000
trusted library allocation
page read and write
1E292285000
heap
page read and write
FFE000
stack
page read and write
9D000
stack
page read and write
7FF777095000
unkown
page read and write
5930000
unkown
page read and write
F1C000
stack
page read and write
2B5A000
stack
page read and write
409000
unkown
page execute read
91C000
heap
page read and write
99F000
stack
page read and write
8F42000
unkown
page read and write
529000
remote allocation
page execute and read and write
14F0000
unkown
page read and write
856F000
unkown
page read and write
8581000
unkown
page read and write
28BF000
stack
page read and write
2CE0000
heap
page read and write
2F30000
heap
page read and write
1490000
unkown
page read and write
A09C27C000
stack
page read and write
1E2922E4000
heap
page read and write
B5A000
heap
page read and write
1E292287000
heap
page read and write
3F7A000
trusted library allocation
page read and write
19D000
stack
page read and write
7FB9000
unkown
page readonly
14D0000
unkown
page read and write
799000
stack
page read and write
7FF5B2018000
unkown
page readonly
1E2922F6000
heap
page read and write
7001000
unkown
page read and write
7FF535101000
unkown
page readonly
8FA000
heap
page read and write
6327000
unkown
page read and write
1300000
unkown
page read and write
3FB1000
trusted library allocation
page read and write
739000
heap
page read and write
7C61000
unkown
page readonly
1E2901DA000
heap
page read and write
7FF534C21000
unkown
page readonly
6238000
unkown
page read and write
1E2901D3000
heap
page read and write
1E290161000
unkown
page read and write
1E2922D0000
heap
page read and write
280D000
stack
page read and write
630000
heap
page read and write
F367000
unkown
page read and write
5850000
unkown
page read and write
7FF534D9D000
unkown
page readonly
400000
unkown
page readonly
4343000
trusted library allocation
page read and write
A5E000
stack
page read and write
3F8F000
trusted library allocation
page read and write
77DE000
unkown
page readonly
30DD000
heap
page read and write
DCCD000
heap
page read and write
DDD0000
heap
page read and write
36CA000
stack
page read and write
3FD8000
trusted library allocation
page read and write
1E29227D000
heap
page read and write
7227000
unkown
page read and write
7FF5B1FA5000
unkown
page readonly
1E29227D000
heap
page read and write
3120000
trusted library allocation
page read and write
3F8D000
trusted library allocation
page read and write
1E29229E000
heap
page read and write
1F0000
heap
page read and write
3860000
unkown
page read and write
6EC000
unkown
page readonly
30B1000
heap
page read and write
1E2922BA000
heap
page read and write
1E29227D000
heap
page read and write
2C80000
heap
page read and write
3371000
unkown
page read and write
7FF534E7E000
unkown
page readonly
4041000
trusted library allocation
page read and write
400000
unkown
page readonly
1E2901E8000
heap
page read and write
28F19B16000
heap
page read and write
6EC000
unkown
page readonly
1E2922F6000
heap
page read and write
28F1984B000
heap
page read and write
77F000
heap
page read and write
7FF535074000
unkown
page readonly
733000
heap
page read and write
32B0000
direct allocation
page read and write
7FF534C1D000
unkown
page readonly
77E2000
unkown
page readonly
7FF5B2027000
unkown
page readonly
7133000
unkown
page read and write
26D0000
heap
page read and write
32B0000
direct allocation
page read and write
4045000
trusted library allocation
page read and write
14F0000
unkown
page read and write
98F000
stack
page read and write
9A20000
direct allocation
page read and write
1E292249000
heap
page read and write
2C7F000
stack
page read and write
360E000
stack
page read and write
1E2901E8000
heap
page read and write
F74B000
unkown
page read and write
14D0000
unkown
page read and write
71BA000
unkown
page read and write
401000
unkown
page execute read
3070000
heap
page read and write
C52000
heap
page read and write
26D1000
heap
page read and write
5930000
unkown
page read and write
93B3000
unkown
page read and write
7FF6A7FC0000
unkown
page readonly
158DB000
stack
page read and write
DFCD000
heap
page read and write
1E2922D6000
heap
page read and write
32B0000
direct allocation
page read and write
5930000
unkown
page read and write
7FF5B1ECE000
unkown
page readonly
3FF7000
trusted library allocation
page read and write
1F0000
heap
page read and write
4C00000
unkown
page readonly
E31000
unkown
page readonly
9A20000
direct allocation
page read and write
1E2922BD000
heap
page read and write
4A6000
unkown
page write copy
1E2901E8000
heap
page read and write
7FF5349D2000
unkown
page readonly
401000
unkown
page execute read
91000
unkown
page readonly
33E8000
unkown
page read and write
429000
unkown
page read and write
438A000
trusted library allocation
page read and write
7FF534F73000
unkown
page readonly
720000
heap
page read and write
464000
remote allocation
page execute and read and write
3250000
heap
page read and write
7FFC1B4F3000
unkown
page readonly
7FF5B1FA2000
unkown
page readonly
28F1984B000
unkown
page read and write
6EC000
unkown
page readonly
1E29229E000
heap
page read and write
32B0000
direct allocation
page read and write
5930000
unkown
page read and write
5930000
unkown
page read and write
22BAEE24000
unkown
page read and write
1E292290000
heap
page read and write
F71F000
unkown
page read and write
3480000
unkown
page read and write
7FF5350AF000
unkown
page readonly
336F000
stack
page read and write
7FF535029000
unkown
page readonly
1E292275000
heap
page read and write
6EE000
stack
page read and write
1E29229B000
heap
page read and write
22BAECA0000
heap
page read and write
4306000
trusted library allocation
page read and write
1E2922DE000
heap
page read and write
14D0000
unkown
page read and write
1F0000
heap
page read and write
1E2901D2000
heap
page read and write
1E2901D7000
heap
page read and write
7FF535024000
unkown
page readonly
9A20000
direct allocation
page read and write
F5FD000
unkown
page read and write
8CB000
heap
page read and write
1E2901DA000
heap
page read and write
5930000
unkown
page read and write
7FF534C60000
unkown
page readonly
2780000
heap
page read and write
2CE0000
remote allocation
page read and write
14D0000
unkown
page read and write
14D0000
unkown
page read and write
7FF534F52000
unkown
page readonly
61F0000
unkown
page read and write
90D000
heap
page read and write
B2F000
stack
page read and write
5930000
unkown
page read and write
57B0000
unkown
page read and write
7FF5B1F53000
unkown
page readonly
3FDC000
trusted library allocation
page read and write
2F71000
heap
page read and write
291E000
stack
page read and write
7B0000
heap
page read and write
F621000
unkown
page read and write
2DDF000
stack
page read and write
1344A000
stack
page read and write
4E8A000
stack
page read and write
1E2901A6000
unkown
page read and write
6A1000
heap
page read and write
9B4000
unkown
page read and write
A7E000
stack
page read and write
1E2901C4000
heap
page read and write
32B0000
direct allocation
page read and write
90F000
heap
page read and write
7FF534DFB000
unkown
page readonly
58C0000
unkown
page read and write
2B3A000
stack
page read and write
1E29229C000
heap
page read and write
7FF534EDE000
unkown
page readonly
2F3E000
heap
page read and write
3085000
heap
page read and write
7FF534872000
unkown
page readonly
24E0000
heap
page read and write
7FF534C67000
unkown
page readonly
7FF6A8351000
unkown
page write copy
620000
heap
page read and write
7FF5B1F61000
unkown
page readonly
1665C000
stack
page read and write
3F76000
trusted library allocation
page read and write
7FF534875000
unkown
page readonly
1E2922D3000
heap
page read and write
6FEB000
stack
page read and write
5930000
unkown
page read and write
1E29227F000
heap
page read and write
1E2901E8000
heap
page read and write
AAF000
stack
page read and write
1E292297000
heap
page read and write
61ECC000
direct allocation
page read and write
28FE000
stack
page read and write
7FF534BD4000
unkown
page readonly
70E000
stack
page read and write
2400000
heap
page read and write
5930000
unkown
page read and write
14F0000
unkown
page read and write
4A6000
unkown
page write copy
7BE000
stack
page read and write
B3AF000
stack
page read and write
29DF000
stack
page read and write
32B0000
direct allocation
page read and write
1E2901A6000
heap
page read and write
1E2922F9000
heap
page read and write
1F0000
heap
page read and write
2CEF000
stack
page read and write
32B0000
direct allocation
page read and write
32B0000
direct allocation
page read and write
1E292241000
heap
page read and write
5340000
unkown
page read and write
29CF000
stack
page read and write
14D0000
unkown
page read and write
1E292230000
direct allocation
page execute and read and write
31C4000
heap
page read and write
401000
unkown
page execute read
7FF535090000
unkown
page readonly
77B000
heap
page read and write
66A0000
unkown
page readonly
105E000
stack
page read and write
9201000
unkown
page read and write
2CE0000
remote allocation
page read and write
4352000
trusted library allocation
page read and write
920F000
unkown
page read and write
401000
unkown
page execute read
334A000
heap
page read and write
4271000
heap
page read and write
403A000
trusted library allocation
page read and write
5590000
heap
page read and write
1E29229B000
heap
page read and write
3FC7000
trusted library allocation
page read and write
4A6000
unkown
page write copy
F5E4000
unkown
page read and write
5296000
unkown
page read and write
1070000
heap
page read and write
7FF534DF4000
unkown
page readonly
5930000
unkown
page read and write
1E290184000
heap
page read and write
4E08000
stack
page read and write
2F31000
heap
page read and write
7F65000
unkown
page readonly
2345000
heap
page read and write
7FF5B1F99000
unkown
page readonly
7FF535019000
unkown
page readonly
1480000
trusted library allocation
page read and write
400000
unkown
page readonly
14D0000
remote allocation
page read and write
14F0000
unkown
page read and write
3860000
unkown
page read and write
A1F000
stack
page read and write
1E2922D0000
heap
page read and write
5930000
unkown
page read and write
2401000
heap
page read and write
E3B000
unkown
page read and write
4B43000
unkown
page read and write
57B0000
unkown
page read and write
32B0000
direct allocation
page read and write
28DE000
stack
page read and write
9C000
stack
page read and write
5F0000
heap
page read and write
3FC9000
trusted library allocation
page read and write
3F48000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
3480000
unkown
page read and write
1E290161000
direct allocation
page read and write
343C000
stack
page read and write
7FF534EE9000
unkown
page readonly
2DBB000
stack
page read and write
632A000
unkown
page read and write
F8C8000
unkown
page read and write
30000
heap
page read and write
5340000
unkown
page read and write
417000
unkown
page read and write
1E290184000
heap
page read and write
6325000
unkown
page read and write
5930000
unkown
page read and write
7FF51EC9E000
unkown
page readonly
712D000
unkown
page read and write
7ED5000
unkown
page readonly
401B000
trusted library allocation
page read and write
5930000
unkown
page read and write
828000
heap
page read and write
591F000
unkown
page read and write
28F19800000
unkown
page read and write
5930000
unkown
page read and write
16A0000
heap
page read and write
400000
unkown
page readonly
1E29228F000
heap
page read and write
2610000
heap
page read and write
B00000
heap
page read and write
1E2922E5000
heap
page read and write
AEF357F000
stack
page read and write
400000
unkown
page readonly
F5EC000
unkown
page read and write
262F000
stack
page read and write
1E290199000
heap
page read and write
32B0000
direct allocation
page read and write
DDCE000
heap
page read and write
100A8000
stack
page read and write
1E2922E4000
heap
page read and write
1E292285000
heap
page read and write
9A20000
direct allocation
page read and write
5930000
unkown
page read and write
7FFC1B54F000
unkown
page readonly
5930000
unkown
page read and write
5930000
unkown
page read and write
28F19B13000
heap
page read and write
628B000
unkown
page read and write
7FF534BC0000
unkown
page readonly
4389000
heap
page read and write
7FF5B1FA2000
unkown
page readonly
4377000
trusted library allocation
page read and write
2E30000
remote allocation
page read and write
1E2901AE000
heap
page read and write
7FF534E4E000
unkown
page readonly
5930000
unkown
page read and write
D867000
unkown
page read and write
F834000
unkown
page read and write
1E2901E9000
heap
page read and write
14B6000
heap
page read and write
1E291FA0000
direct allocation
page execute and read and write
34A2000
unkown
page read and write
430F000
trusted library allocation
page read and write
30000
heap
page read and write
5950000
unkown
page read and write
64E000
stack
page read and write
4336000
trusted library allocation
page read and write
1F0000
heap
page read and write
14F0000
unkown
page read and write
1E292289000
heap
page read and write
85F000
stack
page read and write
FCAD000
stack
page read and write
77DB000
unkown
page readonly
1E2901D3000
heap
page read and write
F5EE000
unkown
page read and write
5930000
unkown
page read and write
7FF534F9E000
unkown
page readonly
28F19B13000
heap
page read and write
74E000
stack
page read and write
5930000
unkown
page read and write
5930000
unkown
page read and write
BC7E000
stack
page read and write
1E2922EB000
heap
page read and write
4355000
trusted library allocation
page read and write
7FF5349B7000
unkown
page readonly
32B0000
direct allocation
page read and write
9A20000
direct allocation
page read and write
2180000
unclassified section
page read and write
9D000
stack
page read and write
19C000
stack
page read and write
1E2901C9000
heap
page read and write
32B0000
direct allocation
page read and write
57B0000
unkown
page read and write
431F000
trusted library allocation
page read and write
4024000
trusted library allocation
page read and write
1E29016F000
heap
page read and write
5930000
unkown
page read and write
5C70000
unkown
page read and write
ADF000
stack
page read and write
317A000
stack
page read and write
8E7000
heap
page read and write
2EFA000
stack
page read and write
7FF534CF0000
unkown
page readonly
78E000
stack
page read and write
5340000
unkown
page read and write
7FF534C25000
unkown
page readonly
F72B000
unkown
page read and write
2F31000
heap
page read and write
9157000
unkown
page read and write
7FF5B2027000
unkown
page readonly
5B67000
stack
page read and write
2B7E000
stack
page read and write
5360000
unkown
page read and write
7FF535035000
unkown
page readonly
42AF000
trusted library allocation
page read and write
9C000
stack
page read and write
4270000
heap
page read and write
10CD6000
unkown
page read and write
32B0000
direct allocation
page read and write
3FB7000
trusted library allocation
page read and write
401000
unkown
page execute read
5930000
unkown
page read and write
356C000
stack
page read and write
7D44000
unkown
page readonly
1004000
unkown
page read and write
7BE7000
unkown
page readonly
7FF53503B000
unkown
page readonly
4271000
heap
page read and write
6CC000
unkown
page readonly
E50000
heap
page read and write
7FF5B1F57000
unkown
page readonly
5930000
unkown
page read and write
1E2901C5000
heap
page read and write
81E000
stack
page read and write
216C0420000
heap
page read and write
32B0000
direct allocation
page read and write
7FF534DC9000
unkown
page readonly
DDD7000
heap
page read and write
760000
heap
page read and write
34F7000
heap
page read and write
1E292293000
heap
page read and write
8B0000
heap
page read and write
438C000
heap
page read and write
1E2922F9000
heap
page read and write
1E2901D2000
heap
page read and write
7FF534B3A000
unkown
page readonly
7FF5347AE000
unkown
page readonly
9A20000
direct allocation
page read and write
5C70000
unkown
page read and write
6EC000
unkown
page readonly
320F000
heap
page read and write
69E000
stack
page read and write
52B000
remote allocation
page execute and read and write
1E2901D6000
heap
page read and write
272F000
stack
page read and write
9A20000
direct allocation
page read and write
89B0000
unkown
page readonly
4038000
trusted library allocation
page read and write
5930000
unkown
page read and write
1379000
heap
page read and write
3FDE000
trusted library allocation
page read and write
BA0000
heap
page read and write
4D50000
unkown
page read and write
F80000
heap
page read and write
5CF0000
unkown
page read and write
A09C67B000
stack
page read and write
854E000
unkown
page read and write
4388000
heap
page read and write
750000
heap
page read and write
5930000
unkown
page read and write
428E000
trusted library allocation
page read and write
22BAEE13000
unkown
page read and write
1E29229E000
heap
page read and write
7FF53509B000
unkown
page readonly
7FF53502F000
unkown
page readonly
14F0000
unkown
page read and write
9B5000
unkown
page readonly
403F000
trusted library allocation
page read and write
5280000
unkown
page readonly
1E2901DE000
heap
page read and write
53FC000
stack
page read and write
6F0000
direct allocation
page execute and read and write
23D0000
heap
page read and write
9A20000
direct allocation
page read and write
8F97000
unkown
page read and write
1001000
unkown
page execute read
5930000
unkown
page read and write
7FE000
stack
page read and write
193000
stack
page read and write
7FF534B5C000
unkown
page readonly
57B0000
unkown
page read and write
4380000
trusted library allocation
page read and write
32B0000
direct allocation
page read and write
987000
heap
page read and write
4A6000
unkown
page read and write
5930000
unkown
page read and write
820000
heap
page read and write
1F0000
heap
page read and write
7E1C000
unkown
page readonly
9A20000
direct allocation
page read and write
75C000
heap
page read and write
B2F000
stack
page read and write
1E292246000
heap
page read and write
1E2901DE000
heap
page read and write
2740000
heap
page read and write
14F0000
unkown
page read and write
3F4D000
trusted library allocation
page read and write
5930000
unkown
page read and write
1350000
heap
page read and write
1E2922F7000
heap
page read and write
5930000
unkown
page read and write
AEF33FC000
stack
page read and write
1E29228C000
heap
page read and write
7FF5348AC000
unkown
page readonly
5930000
unkown
page read and write
CD0000
heap
page read and write
4375000
trusted library allocation
page read and write
7FF534EEE000
unkown
page readonly
1E2901E8000
heap
page read and write
5930000
unkown
page read and write
2340000
heap
page read and write
7FF51EC9A000
unkown
page readonly
5930000
unkown
page read and write
A00000
heap
page read and write
7FF534D3C000
unkown
page readonly
928E000
unkown
page read and write
137C9000
stack
page read and write
1E2901DB000
heap
page read and write
5930000
unkown
page read and write
5930000
unkown
page read and write
31F4000
heap
page read and write
30F0000
heap
page read and write
AEF377B000
stack
page read and write
AE0000
heap
page read and write
DDCD000
heap
page read and write
7FF534BF1000
unkown
page readonly
8CF000
heap
page read and write
A35000
heap
page read and write
7FF534916000
unkown
page readonly
14F0000
unkown
page read and write
C30000
heap
page read and write
32B0000
direct allocation
page read and write
401000
unkown
page execute read
1310000
unkown
page readonly
5930000
unkown
page read and write
2400000
heap
page read and write
1359000
heap
page read and write
7FF5349C1000
unkown
page readonly
7FF534D9A000
unkown
page readonly
1283000
trusted library allocation
page execute and read and write
30000
heap
page read and write
F5D6000
unkown
page read and write
E00000
unkown
page readonly
32B4000
direct allocation
page read and write
DCD0000
heap
page read and write
4031000
trusted library allocation
page read and write
1E2922E0000
heap
page read and write
3FD0000
trusted library allocation
page read and write
32B0000
direct allocation
page read and write
32B0000
direct allocation
page read and write
32B0000
direct allocation
page read and write
2F70000
remote allocation
page read and write
9A20000
direct allocation
page read and write
14F0000
unkown
page read and write
7CBF000
unkown
page readonly
E40000
unkown
page read and write
4A6000
unkown
page write copy
5930000
unkown
page read and write
4A6000
unkown
page write copy
754000
heap
page read and write
38AE000
stack
page read and write
50000
heap
page read and write
28F19B02000
heap
page read and write
9C000
stack
page read and write
E50C000
stack
page read and write
91C000
heap
page read and write
30000
heap
page read and write
14D0000
unkown
page read and write
7257000
unkown
page read and write
BDF8000
stack
page read and write
1E2922D6000
heap
page read and write
2E31000
heap
page read and write
5930000
unkown
page read and write
196000
stack
page read and write
1E2901A2000
heap
page read and write
42FC000
trusted library allocation
page read and write
7FF5B1F4B000
unkown
page readonly
D38000
stack
page read and write
23CF000
stack
page read and write
9A20000
direct allocation
page read and write
2E31000
heap
page read and write
5E3C000
stack
page read and write
7FF5B1F82000
unkown
page readonly
7FF777031000
unkown
page execute read
28F1983C000
heap
page read and write
1595A000
stack
page read and write
AEF3479000
stack
page read and write
B20000
heap
page read and write
8F2D000
unkown
page read and write
1F0000
heap
page read and write
14D0000
unkown
page read and write
5930000
unkown
page read and write
4367000
trusted library allocation
page read and write
32B0000
direct allocation
page read and write
6AF000
heap
page read and write
51B9000
stack
page read and write
4B50000
unkown
page read and write
31A0000
heap
page read and write
619000
heap
page read and write
17AF000
stack
page read and write
28F19802000
unkown
page read and write
30000
heap
page read and write
1E2922BE000
heap
page read and write
E40000
unkown
page readonly
7EA5000
unkown
page readonly
4388000
trusted library allocation
page read and write
5930000
unkown
page read and write
400000
unkown
page readonly
2F71000
heap
page read and write
91C000
heap
page read and write
401000
unkown
page execute read
6FF0000
unkown
page read and write
8C2C000
stack
page read and write
7FF534FBA000
unkown
page readonly
2DBE000
stack
page read and write
8FD3000
unkown
page read and write
14F0000
unkown
page read and write
5C70000
unkown
page read and write
22BAEE41000
unkown
page read and write
31B1000
heap
page read and write
400000
unkown
page readonly
1E290158000
heap
page read and write
9A20000
direct allocation
page read and write
29CE000
stack
page read and write
24B0000
heap
page read and write
1585C000
stack
page read and write
711000
heap
page read and write
627C000
unkown
page read and write
3F6E000
trusted library allocation
page read and write
4338000
trusted library allocation
page read and write
417000
unkown
page write copy
138D000
heap
page read and write
7FF534D73000
unkown
page readonly
12B0000
trusted library allocation
page read and write
7FF535095000
unkown
page readonly
1E2901DE000
heap
page read and write
BBF000
stack
page read and write
1E290199000
heap
page read and write
239F000
stack
page read and write
4F09000
stack
page read and write
1E2901BE000
heap
page read and write
1E2922F6000
heap
page read and write
73EB000
stack
page read and write
3FBB000
trusted library allocation
page read and write
2F4F000
heap
page read and write
8D2000
heap
page read and write
5340000
unkown
page read and write
42CE000
trusted library allocation
page read and write
4BA0000
unkown
page readonly
3480000
unkown
page read and write
587000
heap
page read and write
B8E000
stack
page read and write
7FF534BA2000
unkown
page readonly
42F6000
trusted library allocation
page read and write
286F000
stack
page read and write
1F0000
heap
page read and write
370B000
stack
page read and write
438F000
trusted library allocation
page read and write
14D0000
unkown
page read and write
2E30000
remote allocation
page read and write
30000
heap
page read and write
236F000
stack
page read and write
964000
heap
page read and write
5E7000
heap
page read and write
1377000
heap
page read and write
1E290199000
heap
page read and write
1E292297000
heap
page read and write
5930000
unkown
page read and write
14A0000
trusted library allocation
page read and write
1E2901AE000
heap
page read and write
DCD9000
heap
page read and write
193000
stack
page read and write
138C000
heap
page read and write
C81000
heap
page read and write
C71000
heap
page read and write
1E29228C000
heap
page read and write
2490000
heap
page execute and read and write
7FF534A71000
unkown
page readonly
FCE000
stack
page read and write
5930000
unkown
page read and write
90D000
heap
page read and write
1003000
unkown
page readonly
5930000
unkown
page read and write
2FCE000
stack
page read and write
1E2901A1000
heap
page read and write
7FF6A834A000
unkown
page readonly
14D0000
unkown
page read and write
14F0000
unkown
page read and write
23E0000
heap
page read and write
7FF534D0F000
unkown
page readonly
77B000
heap
page read and write
2360000
heap
page read and write
7FF77709A000
unkown
page readonly
1230000
unkown
page readonly
29CF000
stack
page read and write
F3E3C7E000
stack
page read and write
34B0000
unkown
page read and write
E31000
unkown
page readonly
917E000
unkown
page read and write
2C4E000
stack
page read and write
272F000
stack
page read and write
4370000
trusted library allocation
page read and write
14F0000
unkown
page read and write
5930000
unkown
page read and write
928B000
unkown
page read and write
1000000
unkown
page readonly
1E2922DD000
heap
page read and write
32B0000
direct allocation
page read and write
6CC000
unkown
page readonly
1E2922F9000
heap
page read and write
435A000
trusted library allocation
page read and write
70E000
stack
page read and write
26CF000
stack
page read and write
F3E4079000
stack
page read and write
14D0000
unkown
page read and write
9B1000
unkown
page execute read
9A20000
direct allocation
page read and write
1E2922E5000
heap
page read and write
DDE000
stack
page read and write
874000
heap
page read and write
A2E000
stack
page read and write
1E2901DE000
heap
page read and write
1E2901DB000
heap
page read and write
5730000
unkown
page read and write
1E2902C0000
heap
page read and write
276E000
stack
page read and write
306E000
stack
page read and write
2D80000
remote allocation
page read and write
90B1000
unkown
page read and write
14D0000
unkown
page read and write
AEF34FF000
stack
page read and write
332E000
stack
page read and write
4280000
heap
page read and write
349D000
stack
page read and write
1E2922CB000
heap
page read and write
2F33000
heap
page read and write
8FF000
stack
page read and write
8BA000
heap
page read and write
5E0000
heap
page read and write
1E29224E000
heap
page read and write
7FF534E02000
unkown
page readonly
28A0000
heap
page read and write
42FA000
trusted library allocation
page read and write
4300000
trusted library allocation
page read and write
90F000
heap
page read and write
9C000
stack
page read and write
10DF000
heap
page read and write
9A20000
direct allocation
page read and write
3430000
heap
page read and write
1E2901D2000
heap
page read and write
700000
heap
page read and write
1E292285000
heap
page read and write
7FFC1B4E5000
unkown
page read and write
2420000
heap
page read and write
88B0000
unkown
page read and write
5850000
unkown
page read and write
6AF000
heap
page read and write
5930000
unkown
page read and write
3F7F000
trusted library allocation
page read and write
400000
unkown
page readonly
32B0000
direct allocation
page read and write
5930000
unkown
page read and write
2450000
heap
page read and write
2FF0000
heap
page read and write
1E2922F6000
heap
page read and write
1E292297000
heap
page read and write
22BAED00000
heap
page read and write
5930000
unkown
page read and write
1E2901E8000
heap
page read and write
7BF000
stack
page read and write
5930000
unkown
page read and write
EB0000
heap
page read and write
5930000
unkown
page read and write
9C000
stack
page read and write
1E2901D7000
unkown
page read and write
6A1000
heap
page read and write
30B0000
heap
page read and write
9B000
unkown
page read and write
3F55000
trusted library allocation
page read and write
2C7E000
stack
page read and write
26BF000
stack
page read and write
42B7000
trusted library allocation
page read and write
2DEF000
stack
page read and write
2CDE000
stack
page read and write
115D9000
unkown
page read and write
1E292297000
heap
page read and write
1E2901A6000
heap
page read and write
1E29229E000
heap
page read and write
1E2901DB000
heap
page read and write
9297000
unkown
page read and write
29E0000
heap
page read and write
7FF5B2031000
unkown
page readonly
28F19B02000
heap
page read and write
14D0000
remote allocation
page read and write
1E292287000
heap
page read and write
5930000
unkown
page read and write
DDC6000
heap
page read and write
1E29229E000
heap
page read and write
1E2901AF000
heap
page read and write
7FE000
stack
page read and write
F2C3000
unkown
page read and write
B0F000
stack
page read and write
41B1000
trusted library allocation
page read and write
19C000
stack
page read and write
5930000
unkown
page read and write
7FF534F2A000
unkown
page readonly
9331000
unkown
page read and write
91D000
heap
page read and write
32B0000
direct allocation
page read and write
8F1C000
unkown
page read and write
7FF534D91000
unkown
page readonly
1E2901E8000
heap
page read and write
691000
heap
page read and write
193000
stack
page read and write
7FE2000
unkown
page readonly
1E2901E8000
heap
page read and write
B8FA000
stack
page read and write
28F19B02000
heap
page read and write
623C000
unkown
page read and write
7FF6A7FC0000
unkown
page readonly
8B0000
heap
page read and write
14F0000
unkown
page read and write
2F70000
remote allocation
page read and write
DCCC000
heap
page read and write
4361000
trusted library allocation
page read and write
28F1983A000
unkown
page read and write
5930000
unkown
page read and write
6267000
unkown
page read and write
E9EF000
stack
page read and write
42F2000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
30B0000
remote allocation
page read and write
B1F000
stack
page read and write
7248000
unkown
page read and write
6F36FBF000
unkown
page read and write
A3E000
stack
page read and write
58C0000
unkown
page read and write
9A20000
direct allocation
page read and write
DDC2000
heap
page read and write
2F1F000
stack
page read and write
7E45000
unkown
page readonly
1E292261000
heap
page read and write
F5F5000
unkown
page read and write
1E292293000
heap
page read and write
5930000
unkown
page read and write
1E29019E000
heap
page read and write
32B0000
direct allocation
page read and write
1E292297000
heap
page read and write
1E2901A9000
heap
page read and write
D864000
unkown
page read and write
7FF5B1F65000
unkown
page readonly
A09C6FF000
stack
page read and write
14F0000
unkown
page read and write
4298000
trusted library allocation
page read and write
401000
unkown
page execute read
438D000
trusted library allocation
page read and write
5850000
unkown
page read and write
2E30000
heap
page read and write
1F0000
heap
page read and write
2DBE000
stack
page read and write
401000
unkown
page execute read
7FF5B2031000
unkown
page readonly
2F3A000
heap
page read and write
4350000
trusted library allocation
page read and write
32B0000
direct allocation
page read and write
921F000
unkown
page read and write
D875000
unkown
page read and write
8B0000
heap
page read and write
7FF5B1F27000
unkown
page readonly
B9FF000
stack
page read and write
52BE000
unkown
page read and write
4271000
heap
page read and write
1E292297000
heap
page read and write
660000
heap
page read and write
2F6D000
stack
page read and write
7FB0000
unkown
page readonly
8558000
unkown
page read and write
4D70000
unkown
page read and write
66F000
unkown
page readonly
1E292297000
heap
page read and write
1E292293000
heap
page read and write
4242000
trusted library allocation
page read and write
9C000
stack
page read and write
5930000
unkown
page read and write
9D000
stack
page read and write
7FF5B1F3F000
unkown
page readonly
3146000
stack
page read and write
34B0000
unkown
page read and write
1E29228C000
heap
page read and write
66B0000
unkown
page read and write
3820000
unkown
page readonly
342C000
stack
page read and write
401000
unkown
page execute read
1284000
trusted library allocation
page read and write
59F0000
unkown
page read and write
9A20000
direct allocation
page read and write
8F54000
unkown
page read and write
22BAEE3B000
unkown
page read and write
529000
remote allocation
page execute and read and write
7CA5000
unkown
page readonly
9D000
stack
page read and write
2E1F000
stack
page read and write
86E000
stack
page read and write
19C000
stack
page read and write
3F53000
trusted library allocation
page read and write
DDD2000
heap
page read and write
57B0000
unkown
page read and write
E76A000
heap
page read and write
3FC1000
trusted library allocation
page read and write
9A20000
direct allocation
page read and write
4FA000
heap
page read and write
7C88000
unkown
page readonly
401000
unkown
page execute read
4A2000
unkown
page readonly
F3E39DD000
stack
page read and write
7FFC1B50A000
unkown
page readonly
97A000
heap
page read and write
4369000
trusted library allocation
page read and write
3480000
unkown
page read and write
28F19874000
unkown
page read and write
1E2901DE000
heap
page read and write
7CB7000
unkown
page readonly
1E29229C000
heap
page read and write
7FF5349EA000
unkown
page readonly
5930000
unkown
page read and write
2350000
heap
page read and write
2380000
heap
page execute and read and write
E510000
heap
page read and write
4B90000
unkown
page read and write
9FE000
stack
page read and write
89E000
stack
page read and write
1E2901AF000
heap
page read and write
4B60000
unkown
page read and write
83E000
stack
page read and write
42C2000
trusted library allocation
page read and write
28F19923000
heap
page read and write
9A20000
direct allocation
page read and write
32B0000
direct allocation
page read and write
4005000
trusted library allocation
page read and write
4308000
trusted library allocation
page read and write
B4F0000
unkown
page read and write
F52A000
unkown
page read and write
4317000
trusted library allocation
page read and write
81BA000
heap
page read and write
354E000
stack
page read and write
7FF534F2E000
unkown
page readonly
22F0000
heap
page read and write
5AEA000
stack
page read and write
14F0000
unkown
page read and write
1E292293000
heap
page read and write
5E7000
heap
page read and write
4D50000
unkown
page read and write
7FF53496E000
unkown
page readonly
32B0000
direct allocation
page read and write
234F000
stack
page read and write
6F36F3B000
stack
page read and write
7FC5000
unkown
page readonly
88AB000
stack
page read and write
7FF534B9B000
unkown
page readonly
5930000
unkown
page read and write
22BAEE00000
unkown
page read and write
720000
heap
page read and write
77F3000
unkown
page readonly
2A3D000
stack
page read and write
1E2922F7000
heap
page read and write
9B0000
unkown
page readonly
241F000
stack
page read and write
28F19B13000
heap
page read and write
7EA000
heap
page read and write
1E2922FA000
heap
page read and write
1E2901D7000
heap
page read and write
C3F000
stack
page read and write
5340000
unkown
page read and write
5850000
unkown
page read and write
1E2922F6000
heap
page read and write
4287000
trusted library allocation
page read and write
DCC2000
heap
page read and write
CFF000
stack
page read and write
1E292261000
heap
page read and write
8B0000
heap
page read and write
14D0000
unkown
page read and write
800000
heap
page read and write
7FFC1B351000
unkown
page execute read
5930000
unkown
page read and write
22BAEE02000
unkown
page read and write
1E2922EC000
heap
page read and write
BD77000
stack
page read and write
5930000
unkown
page read and write
1E2901DA000
heap
page read and write
1E29228C000
heap
page read and write
22BAEDE0000
unkown
page readonly
22BAF390000
unkown
page readonly
1E292297000
heap
page read and write
9A20000
direct allocation
page read and write
11684000
unkown
page read and write
3480000
unkown
page read and write
14F0000
unkown
page read and write
12B7000
trusted library allocation
page execute and read and write
3F01000
trusted library allocation
page read and write
820000
heap
page read and write
5020000
unkown
page read and write
EB20000
unkown
page read and write
5930000
unkown
page read and write
276E000
stack
page read and write
2680000
heap
page read and write
14D0000
unkown
page read and write
400000
unkown
page execute and read and write
22BAF390000
unkown
page readonly
7FF5350AA000
unkown
page readonly
4F6E000
stack
page read and write
14F0000
unkown
page read and write
5BBE000
stack
page read and write
21CF000
stack
page read and write
1E29224F000
heap
page read and write
19C000
stack
page read and write
AEF35FC000
stack
page read and write
9DF000
stack
page read and write
4311000
trusted library allocation
page read and write
32B0000
direct allocation
page read and write
42D9000
trusted library allocation
page read and write
FB50000
unkown
page read and write
9B3000
unkown
page readonly
7FF77709A000
unkown
page readonly
9A20000
direct allocation
page read and write
28CE000
stack
page read and write
1E2922F9000
heap
page read and write
2F70000
remote allocation
page read and write
32B0000
direct allocation
page read and write
1E2901DE000
heap
page read and write
2F2E000
stack
page read and write
14D0000
unkown
page read and write
7FF534B64000
unkown
page readonly
14F0000
unkown
page read and write
7FF534ED3000
unkown
page readonly
DDA0000
heap
page read and write
33F6000
unkown
page read and write
CCE000
stack
page read and write
2E30000
remote allocation
page read and write
856C000
unkown
page read and write
7F0000
heap
page read and write
5850000
unkown
page read and write
14D0000
unkown
page read and write
7FF534F7F000
unkown
page readonly
4271000
heap
page read and write
1E2901DA000
heap
page read and write
5A50000
unkown
page readonly
70C000
heap
page read and write
700000
direct allocation
page read and write
341A000
unkown
page read and write
1000000
unkown
page readonly
33CC000
unkown
page read and write
7FF534DA5000
unkown
page readonly
5930000
unkown
page read and write
1E292285000
heap
page read and write
57E000
stack
page read and write
B3F000
stack
page read and write
623F000
unkown
page read and write
1E2922D3000
heap
page read and write
22BAED00000
heap
page read and write
28F1983B000
heap
page read and write
6EC000
unkown
page readonly
1E292293000
heap
page read and write
216C050A000
heap
page read and write
2DBE000
stack
page read and write
9A20000
direct allocation
page read and write
400000
unkown
page readonly
1E2922D3000
heap
page read and write
7FF534EC5000
unkown
page readonly
1E2901E8000
unkown
page read and write
D8EB000
unkown
page read and write
1E29229E000
heap
page read and write
62AC000
unkown
page read and write
6EC000
unkown
page readonly
3FBD000
trusted library allocation
page read and write
F6CF000
unkown
page read and write
6EC000
unkown
page readonly
7233000
unkown
page read and write
7FF534B62000
unkown
page readonly
19C000
stack
page read and write
DCC6000
heap
page read and write
2761000
heap
page read and write
14B0000
heap
page read and write
4A6000
unkown
page read and write
E40000
unkown
page readonly
1E292240000
heap
page read and write
3FC5000
trusted library allocation
page read and write
34B0000
unkown
page read and write
339F000
unkown
page read and write
1E2901E8000
heap
page read and write
3170000
heap
page read and write
32B0000
direct allocation
page read and write
400000
unkown
page readonly
7FF534FF2000
unkown
page readonly
7FF534F21000
unkown
page readonly
216C1EE5000
heap
page read and write
E551000
heap
page read and write
1E29229B000
heap
page read and write
5930000
unkown
page read and write
7FF534D9F000
unkown
page readonly
3F05000
trusted library allocation
page read and write
7FF5B1F82000
unkown
page readonly
4319000
trusted library allocation
page read and write
B6FC000
stack
page read and write
1E292249000
heap
page read and write
1454000
trusted library allocation
page read and write
3507000
heap
page read and write
4246000
trusted library allocation
page read and write
32B0000
direct allocation
page read and write
1E292297000
heap
page read and write
14F0000
unkown
page read and write
430A000
trusted library allocation
page read and write
4357000
trusted library allocation
page read and write
2370000
heap
page read and write
7FF534E0C000
unkown
page readonly
6E6000
heap
page read and write
5930000
unkown
page read and write
7FF777030000
unkown
page readonly
2A3D000
stack
page read and write
1E2922D0000
heap
page read and write
14F0000
unkown
page read and write
D8DE000
unkown
page read and write
135E000
heap
page read and write
AEF327C000
stack
page read and write
1E2922C2000
heap
page read and write
9EF000
stack
page read and write
4F0000
heap
page read and write
5930000
unkown
page read and write
F3E4179000
stack
page read and write
DDC2000
heap
page read and write
12F8000
stack
page read and write
A10000
heap
page read and write
32B0000
direct allocation
page read and write
736B000
stack
page read and write
9A20000
direct allocation
page read and write
409000
unkown
page execute read
1003000
unkown
page readonly
7F13000
unkown
page readonly
9A20000
direct allocation
page read and write
3410000
heap
page read and write
4B33000
unkown
page read and write
8CF000
heap
page read and write
28F19887000
heap
page read and write
7FF53502D000
unkown
page readonly
5A10000
unkown
page read and write
14D0000
unkown
page read and write
91CD000
unkown
page read and write
11585000
unkown
page read and write
22CF000
stack
page read and write
90F000
heap
page read and write
2DEE000
stack
page read and write
1E292286000
heap
page read and write
BD000
stack
page read and write
732000
heap
page read and write
1E292292000
heap
page read and write
28F19B13000
heap
page read and write
32B0000
direct allocation
page read and write
8F2F000
unkown
page read and write
4D40000
unkown
page read and write
5930000
unkown
page read and write
8BF000
stack
page read and write
C0F000
stack
page read and write
9A20000
direct allocation
page read and write
630000
heap
page read and write
7FF534F44000
unkown
page readonly
2EBF000
stack
page read and write
52B000
remote allocation
page execute and read and write
5930000
unkown
page read and write
1E292350000
remote allocation
page read and write
28F19610000
heap
page read and write
128D000
trusted library allocation
page execute and read and write
1E2922AD000
heap
page read and write
19C000
stack
page read and write
22BAECA0000
heap
page read and write
1E2901DA000
heap
page read and write
25C0000
heap
page read and write
3F83000
trusted library allocation
page read and write
1E292261000
heap
page read and write
EB0000
heap
page read and write
1E292297000
heap
page read and write
14F0000
unkown
page read and write
156DA000
stack
page read and write
7FF777097000
unkown
page write copy
5350000
unkown
page readonly
7FF53493C000
unkown
page readonly
676C000
stack
page read and write
196000
stack
page read and write
DCD1000
heap
page read and write
1E29229C000
heap
page read and write
1E290199000
heap
page read and write
1E2901B5000
heap
page read and write
9A20000
direct allocation
page read and write
57E000
stack
page read and write
1E292380000
heap
page read and write
DCC4000
heap
page read and write
6EC000
unkown
page readonly
28F19813000
unkown
page read and write
13B4A000
stack
page read and write
8581000
unkown
page read and write
433D000
trusted library allocation
page read and write
7FF5349B9000
unkown
page readonly
134CF000
stack
page read and write
A09C37C000
unkown
page read and write
32B0000
direct allocation
page read and write
4328000
trusted library allocation
page read and write
1360000
unkown
page readonly
434E000
trusted library allocation
page read and write
1E29016F000
heap
page read and write
4002000
trusted library allocation
page read and write
7FF53490A000
unkown
page readonly
3F86000
trusted library allocation
page read and write
19C000
stack
page read and write
77D000
heap
page read and write
88B0000
unkown
page read and write
5063000
unkown
page read and write
1364E000
stack
page read and write
5930000
unkown
page read and write
32B0000
direct allocation
page read and write
90F000
heap
page read and write
2410000
unclassified section
page read and write
14D0000
unkown
page read and write
B07000
heap
page read and write
7FF5350A2000
unkown
page readonly
4011000
trusted library allocation
page read and write
74E000
stack
page read and write
4321000
trusted library allocation
page read and write
32B0000
direct allocation
page read and write
17F000
stack
page read and write
1E2901D6000
heap
page read and write
14D0000
unkown
page read and write
5930000
unkown
page read and write
1575E000
stack
page read and write
7FF53490D000
unkown
page readonly
E9E000
stack
page read and write
A09C27C000
stack
page read and write
3214000
heap
page read and write
8C8000
heap
page execute and read and write
31FB000
heap
page read and write
5930000
unkown
page read and write
102B0000
unkown
page read and write
9C000
stack
page read and write
61E01000
direct allocation
page execute read
1E2901A2000
heap
page read and write
2F30000
heap
page read and write
6EC000
unkown
page readonly
41B5000
trusted library allocation
page read and write
11B0000
heap
page read and write
168F000
stack
page read and write
401000
unkown
page execute read
433B000
trusted library allocation
page read and write
E650000
trusted library allocation
page read and write
8CF000
heap
page read and write
216C03B0000
heap
page read and write
2E30000
remote allocation
page read and write
331A000
heap
page read and write
359E000
stack
page read and write
6EC000
unkown
page readonly
DCBF000
heap
page read and write
156E1000
stack
page read and write
401000
unkown
page execute read
1E2922BD000
heap
page read and write
7FF534E1F000
unkown
page readonly
52D0000
unkown
page read and write
32B0000
direct allocation
page read and write
32B0000
direct allocation
page read and write
4043000
trusted library allocation
page read and write
F5EA000
unkown
page read and write
1E292350000
remote allocation
page read and write
2E31000
heap
page read and write
278F000
stack
page read and write
400000
unkown
page readonly
14D0000
unkown
page read and write
28CE000
stack
page read and write
DCA0000
heap
page read and write
14D0000
unkown
page read and write
1E2901E8000
heap
page read and write
1E2922D0000
heap
page read and write
2B7D000
stack
page read and write
14F0000
unkown
page read and write
6EF000
heap
page read and write
F62F000
unkown
page read and write
401000
unkown
page execute read
85E000
stack
page read and write
70E000
heap
page read and write
2E30000
remote allocation
page read and write
1E2901E8000
heap
page read and write
9257000
unkown
page read and write
400000
unkown
page execute and read and write
87E000
stack
page read and write
3FF2000
trusted library allocation
page read and write
5ABE000
stack
page read and write
7FF534FC1000
unkown
page readonly
156E1000
stack
page read and write
8566000
unkown
page read and write
1E2901E8000
heap
page read and write
1E2901E8000
heap
page read and write
7FF5B1F39000
unkown
page readonly
9A20000
direct allocation
page read and write
AEF337F000
stack
page read and write
5930000
unkown
page read and write
1E2922E5000
heap
page read and write
2B7E000
stack
page read and write
32B0000
direct allocation
page read and write
7E6E000
unkown
page readonly
15E0000
heap
page read and write
7FF534B76000
unkown
page readonly
1E290193000
heap
page read and write
14D0000
unkown
page read and write
42C9000
trusted library allocation
page read and write
28F19B02000
heap
page read and write
14F0000
unkown
page read and write
2530000
heap
page read and write
AFF000
stack
page read and write
33EA000
heap
page read and write
14F0000
unkown
page read and write
3480000
unkown
page read and write
720000
heap
page read and write
58C0000
unkown
page read and write
2A0E000
stack
page read and write
9A20000
direct allocation
page read and write
81B2000
heap
page read and write
23F0000
direct allocation
page execute and read and write
5930000
unkown
page read and write
14F0000
unkown
page read and write
2F70000
remote allocation
page read and write
42C0000
trusted library allocation
page read and write
57B0000
unkown
page read and write
7BB000
stack
page read and write
429000
unkown
page write copy
8EF0000
unkown
page read and write
1E2901DB000
heap
page read and write
7FE000
stack
page read and write
7FF5348FD000
unkown
page readonly
7FF534DAF000
unkown
page readonly
3256000
heap
page read and write
727000
heap
page read and write
1E292297000
heap
page read and write
32B0000
direct allocation
page read and write
22BAEF02000
unkown
page read and write
61EB4000
direct allocation
page read and write
921A000
unkown
page read and write
2F70000
remote allocation
page read and write
1E2901BF000
heap
page read and write
66B0000
unkown
page read and write
8D2000
heap
page read and write
7FF5B1FA5000
unkown
page readonly
1E292297000
heap
page read and write
7FF777092000
unkown
page read and write
1E292110000
direct allocation
page execute and read and write
DCF000
stack
page read and write
6322000
unkown
page read and write
6F373FE000
stack
page read and write
28F19B02000
heap
page read and write
9A20000
direct allocation
page read and write
1E2901C6000
heap
page read and write
900000
heap
page read and write
EB5000
heap
page read and write
B4E000
stack
page read and write
1F0000
heap
page read and write
1E2901BE000
heap
page read and write
F80D000
unkown
page read and write
7D52000
unkown
page readonly
7FF5B1F4B000
unkown
page readonly
28F1980D000
unkown
page read and write
F613000
unkown
page read and write
9A20000
direct allocation
page read and write
15A5B000
stack
page read and write
32B0000
direct allocation
page read and write
29E0000
heap
page read and write
1E2922E2000
heap
page read and write
7FF534924000
unkown
page readonly
4BF0000
unkown
page read and write
1E2901BE000
heap
page read and write
133E000
stack
page read and write
880000
heap
page read and write
84A000
heap
page read and write
7B1D000
unkown
page readonly
1E2901C6000
heap
page read and write
7B7000
heap
page read and write
14D0000
unkown
page read and write
4A6000
unkown
page write copy
5930000
unkown
page read and write
2B0D000
stack
page read and write
7FF6A8351000
unkown
page write copy
7FB7000
unkown
page readonly
34B0000
unkown
page read and write
7FF5B1F39000
unkown
page readonly
1E2901BE000
heap
page read and write
4326000
trusted library allocation
page read and write
4623000
trusted library allocation
page read and write
687000
heap
page read and write
3F98000
trusted library allocation
page read and write
1E2922BA000
heap
page read and write
57E000
stack
page read and write
14F0000
unkown
page read and write
288E000
stack
page read and write
5930000
unkown
page read and write
30000
heap
page read and write
400000
unkown
page readonly
7FF6A837C000
unkown
page readonly
428B000
trusted library allocation
page read and write
C2D000
heap
page read and write
62BF000
unkown
page read and write
23F0000
heap
page read and write
5710000
unkown
page read and write
6254000
unkown
page read and write
C0F7000
stack
page read and write
24A5000
heap
page execute and read and write
5930000
unkown
page read and write
66F000
unkown
page readonly
14F0000
unkown
page read and write
1E2901C5000
heap
page read and write
275F000
stack
page read and write
401000
unkown
page execute read
4289000
trusted library allocation
page read and write
1E290189000
unkown
page read and write
7FF53500F000
unkown
page readonly
1370000
heap
page read and write
F749000
unkown
page read and write
2450000
heap
page read and write
265F000
stack
page read and write
9C000
stack
page read and write
144E000
stack
page read and write
28F19887000
unkown
page read and write
1E292381000
heap
page read and write
1E292251000
heap
page read and write
1E2901A3000
heap
page read and write
1487000
trusted library allocation
page execute and read and write
1340000
unkown
page read and write
6EC000
unkown
page readonly
404C000
trusted library allocation
page read and write
F74F000
unkown
page read and write
BD0000
heap
page read and write
4C10000
unkown
page read and write
A47000
heap
page read and write
A7F000
stack
page read and write
6EE000
stack
page read and write
148B000
trusted library allocation
page execute and read and write
1E29228F000
heap
page read and write
887000
heap
page execute and read and write
7FF534D26000
unkown
page readonly
28F19B13000
heap
page read and write
F3E3D7B000
stack
page read and write
24C0000
heap
page read and write
9A20000
direct allocation
page read and write
DCCD000
heap
page read and write
3480000
unkown
page read and write
D88E000
unkown
page read and write
5930000
unkown
page read and write
1560000
unkown
page readonly
11701000
unkown
page read and write
1E292292000
heap
page read and write
19C000
stack
page read and write
5930000
unkown
page read and write
12E0000
unkown
page readonly
32B0000
direct allocation
page read and write
1E2901C9000
heap
page read and write
28F19B02000
heap
page read and write
5930000
unkown
page read and write
246F000
stack
page read and write
2D8F000
stack
page read and write
4A6000
unkown
page write copy
A30000
heap
page read and write
83AD000
stack
page read and write
14F0000
unkown
page read and write
14F0000
unkown
page read and write
1E2922E2000
heap
page read and write
7FF534E86000
unkown
page readonly
22BAF460000
unkown
page read and write
5C29000
unkown
page read and write
5930000
unkown
page read and write
1E2922C1000
heap
page read and write
There are 3111 hidden memdumps, click here to show them.