Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
86NKwZGvwn.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Roaming\evcgwtu
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\evcgwtu:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
modified
|
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\86NKwZGvwn.exe
|
C:\Users\user\Desktop\86NKwZGvwn.exe
|
|
|
|
C:\Users\user\Desktop\86NKwZGvwn.exe
|
C:\Users\user\Desktop\86NKwZGvwn.exe
|
|
|
|
C:\Windows\explorer.exe
|
C:\Windows\Explorer.EXE
|
|
|
|
C:\Users\user\AppData\Roaming\evcgwtu
|
C:\Users\user\AppData\Roaming\evcgwtu
|
|
|
|
C:\Users\user\AppData\Roaming\evcgwtu
|
C:\Users\user\AppData\Roaming\evcgwtu
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://host-file-host6.com/
|
194.50.153.68
|
|
|
|
http://host-host-file8.com/
|
|
||
|
http://components.groove.net/Groove/Components/Root.osd?Package=net.groove.Groove.Tools.System.Groov
|
unknown
|
||
|
http://components.groove.net/Groove/Components/SystemComponents/SystemComponents.osd?Package=net.gro
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
host-file-host6.com
|
194.50.153.68
|
|
|
|
host-host-file8.com
|
unknown
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
194.50.153.68
|
host-file-host6.com
|
United Kingdom
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
|
Unpacker
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
|
{A38B883C-1682-497E-97B0-0A3A9E801682} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
|
CheckSetting
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Security and Maintenance
|
MessageTime
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
|
WMP11.AssocFile.3G2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
|
WMP11.AssocFile.3GP
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\OpenWithProgids
|
WMP11.AssocFile.3G2
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\OpenWithProgids
|
WMP11.AssocFile.3GP
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adt\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.adts\OpenWithProgids
|
WMP11.AssocFile.ADTS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
|
WMP11.AssocFile.AIFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\OpenWithProgids
|
WMP11.AssocFile.AIFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\OpenWithProgids
|
WMP11.AssocFile.AIFF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
|
WMP11.AssocFile.ASX
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
|
AutoIt3Script
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
|
WMP11.AssocFile.AVI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
|
CABFolder
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
|
Microsoft.PowerShellCmdletDefinitionXML.1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.contact\OpenWithProgids
|
contact_wab_auto_file
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
|
CSSfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
|
Excel.CSV
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
|
ddsfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
|
Paint.Picture
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
|
dllfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
|
Word.Document.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
|
Word.DocumentMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
|
Word.Document.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
|
Word.Template.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
|
Word.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
|
Word.Template.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
|
emffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
|
exefile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
|
WMP11.AssocFile.FLAC
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
|
fonfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
|
giffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
|
htmlfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids
|
htmlfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
|
icofile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
|
inifile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
|
pjpegfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids
|
jpegfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
|
lnkfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
|
WMP11.AssocFile.m3u
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
|
WMP11.AssocFile.M4A
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
|
mhtmlfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\OpenWithProgids
|
mhtmlfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MK3D\OpenWithProgids
|
WMP11.AssocFile.MK3D
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
|
WMP11.AssocFile.MKA
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
|
WMP11.AssocFile.MKV
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
|
WMP11.AssocFile.MOV
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
|
WMP11.AssocFile.MP3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\OpenWithProgids
|
WMP11.AssocFile.MP3
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\OpenWithProgids
|
WMP11.AssocFile.MP4
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\OpenWithProgids
|
WMP11.AssocFile.MPEG
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
|
Outlook.File.msg.15
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
|
WMP11.AssocFile.M2TS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
|
ocxfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
|
PowerPoint.OpenDocumentPresentation.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
|
Excel.OpenDocumentSpreadsheet.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
|
Word.OpenDocumentText.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
|
otffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
|
pngfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
|
PowerPoint.Template.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
|
PowerPoint.TemplateMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
|
PowerPoint.Template.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
|
PowerPoint.Addin.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
|
PowerPoint.SlideShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
|
PowerPoint.SlideShow.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
|
PowerPoint.Show.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
|
PowerPoint.ShowMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
|
PowerPoint.Show.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
|
Microsoft.PowerShellXMLData.1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
|
Microsoft.PowerShellSessionConfiguration.1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
|
rlefile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\OpenWithProgids
|
WMP11.AssocFile.MIDI
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
|
Word.RTF.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
|
SHCmdFile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
|
SearchFolder
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
|
PowerPoint.SlideMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
|
PowerPoint.Slide.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
|
WMP11.AssocFile.AU
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
|
sysfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
|
TIFImage.Document
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
|
ttcfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
|
ttffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\OpenWithProgids
|
WMP11.AssocFile.TTS
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
|
txtfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
|
bootstrap.vsto.1
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
|
WMP11.AssocFile.WAV
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
|
WMP11.AssocFile.WAX
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
|
wdpfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\OpenWithProgids
|
WMP11.AssocFile.ASF
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
|
WMP11.AssocFile.WMA
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
|
wmffile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
|
WMP11.AssocFile.WMV
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\OpenWithProgids
|
WMP11.AssocFile.ASX
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
|
WMP11.AssocFile.WPL
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
|
WMP11.AssocFile.WVX
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
|
Excel.AddInMacroEnabled
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
|
Excel.Sheet.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
|
Excel.SheetBinaryMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
|
Excel.SheetMacroEnabled.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
|
Excel.Sheet.12
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
|
Excel.Template.8
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
|
Excel.TemplateMacroEnabled
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
|
Excel.Template
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
|
xmlfile
|
||
|
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
|
xslfile
|
There are 125 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
6A1000
|
unclassified section
|
page read and write
|
|
|
|
530000
|
direct allocation
|
page read and write
|
|
|
|
1F30000
|
direct allocation
|
page read and write
|
|
|
|
1F51000
|
unclassified section
|
page read and write
|
|
|
|
D0E1000
|
unkown
|
page read and write
|
||
|
7DF4F7920000
|
unkown
|
page readonly
|
||
|
8216000
|
unkown
|
page read and write
|
||
|
EBB0000
|
unkown
|
page read and write
|
||
|
4BE3000
|
unkown
|
page read and write
|
||
|
16806000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7FF5DBCC5000
|
unkown
|
page readonly
|
||
|
ABEE000
|
unkown
|
page read and write
|
||
|
4A70000
|
unkown
|
page read and write
|
||
|
D4E7000
|
unkown
|
page read and write
|
||
|
D4DB000
|
unkown
|
page read and write
|
||
|
67EC000
|
stack
|
page read and write
|
||
|
830B000
|
unkown
|
page read and write
|
||
|
7FF5DBC1A000
|
unkown
|
page readonly
|
||
|
16745000
|
unkown
|
page read and write
|
||
|
16728000
|
unkown
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
7830000
|
unkown
|
page readonly
|
||
|
7FF5DB97D000
|
unkown
|
page readonly
|
||
|
4E7000
|
heap
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
8519000
|
unkown
|
page read and write
|
||
|
4C10000
|
unkown
|
page read and write
|
||
|
D12D000
|
unkown
|
page read and write
|
||
|
7FF5DB9A8000
|
unkown
|
page readonly
|
||
|
84D7000
|
unkown
|
page read and write
|
||
|
8471000
|
unkown
|
page read and write
|
||
|
D2BA000
|
unkown
|
page read and write
|
||
|
7B07000
|
unkown
|
page read and write
|
||
|
4A80000
|
unkown
|
page read and write
|
||
|
28C0000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
C120000
|
unkown
|
page read and write
|
||
|
16880000
|
unkown
|
page read and write
|
||
|
164FD000
|
unkown
|
page read and write
|
||
|
7FF5DBA01000
|
unkown
|
page readonly
|
||
|
D56D000
|
unkown
|
page read and write
|
||
|
7FF5DBB96000
|
unkown
|
page readonly
|
||
|
8506000
|
unkown
|
page read and write
|
||
|
4AC6000
|
unkown
|
page read and write
|
||
|
16509000
|
unkown
|
page read and write
|
||
|
8509000
|
unkown
|
page read and write
|
||
|
1658B000
|
unkown
|
page read and write
|
||
|
84FD000
|
unkown
|
page read and write
|
||
|
16730000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
16705000
|
unkown
|
page read and write
|
||
|
4996000
|
stack
|
page read and write
|
||
|
7AB0000
|
unkown
|
page read and write
|
||
|
D4BB000
|
unkown
|
page read and write
|
||
|
B167000
|
stack
|
page read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
16705000
|
unkown
|
page read and write
|
||
|
7FF5DBA06000
|
unkown
|
page readonly
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
7B07000
|
unkown
|
page read and write
|
||
|
D49E000
|
unkown
|
page read and write
|
||
|
2E18000
|
stack
|
page read and write
|
||
|
D15B000
|
unkown
|
page read and write
|
||
|
164E3000
|
unkown
|
page read and write
|
||
|
16884000
|
unkown
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
7FF5DBF4D000
|
unkown
|
page readonly
|
||
|
8509000
|
unkown
|
page read and write
|
||
|
1688C000
|
unkown
|
page read and write
|
||
|
16892000
|
unkown
|
page read and write
|
||
|
7AB0000
|
unkown
|
page read and write
|
||
|
85B9000
|
unkown
|
page read and write
|
||
|
D4F3000
|
unkown
|
page read and write
|
||
|
7FF5DBAD9000
|
unkown
|
page readonly
|
||
|
164ED000
|
unkown
|
page read and write
|
||
|
D4EE000
|
unkown
|
page read and write
|
||
|
ABD0000
|
unkown
|
page read and write
|
||
|
16871000
|
unkown
|
page read and write
|
||
|
167BF000
|
unkown
|
page read and write
|
||
|
1741D000
|
stack
|
page read and write
|
||
|
16975000
|
unkown
|
page read and write
|
||
|
CF82000
|
unkown
|
page read and write
|
||
|
4E83000
|
unkown
|
page read and write
|
||
|
CFB6000
|
unkown
|
page read and write
|
||
|
2CE0000
|
unkown
|
page readonly
|
||
|
4E90000
|
unkown
|
page read and write
|
||
|
164F9000
|
unkown
|
page read and write
|
||
|
D38D000
|
unkown
|
page read and write
|
||
|
7823000
|
unkown
|
page readonly
|
||
|
1650B000
|
unkown
|
page read and write
|
||
|
D4E7000
|
unkown
|
page read and write
|
||
|
168EA000
|
unkown
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
66F000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
1683C000
|
unkown
|
page read and write
|
||
|
ABEE000
|
unkown
|
page read and write
|
||
|
B6EA000
|
stack
|
page read and write
|
||
|
7FF5DBC20000
|
unkown
|
page readonly
|
||
|
2D97000
|
stack
|
page read and write
|
||
|
7AB0000
|
unkown
|
page read and write
|
||
|
8519000
|
unkown
|
page read and write
|
||
|
ABEA000
|
unkown
|
page read and write
|
||
|
8519000
|
unkown
|
page read and write
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
CF25000
|
unkown
|
page read and write
|
||
|
ABD0000
|
unkown
|
page read and write
|
||
|
16EAD440000
|
trusted library allocation
|
page read and write
|
||
|
7FF5DBBD1000
|
unkown
|
page readonly
|
||
|
16880000
|
unkown
|
page read and write
|
||
|
1687D000
|
unkown
|
page read and write
|
||
|
16501000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
4A70000
|
unkown
|
page read and write
|
||
|
42BA000
|
unkown
|
page read and write
|
||
|
16779000
|
unkown
|
page read and write
|
||
|
4C03000
|
unkown
|
page read and write
|
||
|
A9814B000
|
stack
|
page read and write
|
||
|
AC05000
|
unkown
|
page read and write
|
||
|
4BE5000
|
unkown
|
page read and write
|
||
|
16806000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D08A000
|
unkown
|
page read and write
|
||
|
D545000
|
unkown
|
page read and write
|
||
|
16507000
|
unkown
|
page read and write
|
||
|
D54C000
|
unkown
|
page read and write
|
||
|
84CD000
|
unkown
|
page read and write
|
||
|
7FF5DBCB3000
|
unkown
|
page readonly
|
||
|
1554C000
|
stack
|
page read and write
|
||
|
165C6000
|
unkown
|
page read and write
|
||
|
7FF5DBA08000
|
unkown
|
page readonly
|
||
|
F17B000
|
stack
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
4FA3000
|
unkown
|
page read and write
|
||
|
16888000
|
unkown
|
page read and write
|
||
|
EAFE000
|
stack
|
page read and write
|
||
|
7A9C000
|
unkown
|
page read and write
|
||
|
AA0000
|
heap
|
page read and write
|
||
|
16730000
|
unkown
|
page read and write
|
||
|
D04E000
|
unkown
|
page read and write
|
||
|
165C6000
|
unkown
|
page read and write
|
||
|
D55B000
|
unkown
|
page read and write
|
||
|
167D1000
|
unkown
|
page read and write
|
||
|
7FF5DBDDF000
|
unkown
|
page readonly
|
||
|
7FF5DBFDF000
|
unkown
|
page readonly
|
||
|
7FF5DBCBD000
|
unkown
|
page readonly
|
||
|
8507000
|
unkown
|
page read and write
|
||
|
16A1A000
|
unkown
|
page read and write
|
||
|
1658B000
|
unkown
|
page read and write
|
||
|
7703000
|
unkown
|
page readonly
|
||
|
5A1C000
|
unkown
|
page read and write
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
808000
|
heap
|
page execute and read and write
|
||
|
D509000
|
unkown
|
page read and write
|
||
|
28FF000
|
unkown
|
page read and write
|
||
|
166FA000
|
unkown
|
page read and write
|
||
|
2271000
|
heap
|
page read and write
|
||
|
D12D000
|
unkown
|
page read and write
|
||
|
D274000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
16713000
|
unkown
|
page read and write
|
||
|
16729000
|
unkown
|
page read and write
|
||
|
2AD1000
|
unkown
|
page read and write
|
||
|
16740000
|
unkown
|
page read and write
|
||
|
4BE0000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
1494E000
|
stack
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
CF54000
|
unkown
|
page read and write
|
||
|
7FF5DBB9C000
|
unkown
|
page readonly
|
||
|
D4E7000
|
unkown
|
page read and write
|
||
|
CFB1000
|
unkown
|
page read and write
|
||
|
4AA0000
|
unkown
|
page read and write
|
||
|
2927000
|
unkown
|
page read and write
|
||
|
7FF5DBC0F000
|
unkown
|
page readonly
|
||
|
16503000
|
unkown
|
page read and write
|
||
|
164E5000
|
unkown
|
page read and write
|
||
|
4671000
|
unkown
|
page read and write
|
||
|
1688A000
|
unkown
|
page read and write
|
||
|
16EAC720000
|
heap
|
page read and write
|
||
|
2A90000
|
unkown
|
page read and write
|
||
|
D2C8000
|
unkown
|
page read and write
|
||
|
AB91000
|
unkown
|
page read and write
|
||
|
16806000
|
unkown
|
page read and write
|
||
|
7FF5DBD20000
|
unkown
|
page readonly
|
||
|
16472000
|
unkown
|
page read and write
|
||
|
D010000
|
unkown
|
page read and write
|
||
|
1683C000
|
unkown
|
page read and write
|
||
|
754F000
|
unkown
|
page readonly
|
||
|
CF23000
|
unkown
|
page read and write
|
||
|
80FB000
|
stack
|
page read and write
|
||
|
A984F9000
|
stack
|
page read and write
|
||
|
169B0000
|
unkown
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
166F6000
|
unkown
|
page read and write
|
||
|
4070000
|
unkown
|
page readonly
|
||
|
940000
|
unkown
|
page read and write
|
||
|
16871000
|
unkown
|
page read and write
|
||
|
D04E000
|
unkown
|
page read and write
|
||
|
8453000
|
unkown
|
page read and write
|
||
|
7FF5DBDBB000
|
unkown
|
page readonly
|
||
|
7FF5DC015000
|
unkown
|
page readonly
|
||
|
7F7C000
|
stack
|
page read and write
|
||
|
164FB000
|
unkown
|
page read and write
|
||
|
D432000
|
unkown
|
page read and write
|
||
|
6DB000
|
heap
|
page read and write
|
||
|
D0E1000
|
unkown
|
page read and write
|
||
|
D120000
|
unkown
|
page read and write
|
||
|
8509000
|
unkown
|
page read and write
|
||
|
D2D2000
|
unkown
|
page read and write
|
||
|
E9A6000
|
unkown
|
page read and write
|
||
|
7FF5DBC0C000
|
unkown
|
page readonly
|
||
|
7ADD000
|
unkown
|
page read and write
|
||
|
D148000
|
unkown
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
7FF8838E3000
|
unkown
|
page read and write
|
||
|
164F9000
|
unkown
|
page read and write
|
||
|
7DF4F7841000
|
unkown
|
page execute read
|
||
|
822F000
|
unkown
|
page read and write
|
||
|
16556000
|
unkown
|
page read and write
|
||
|
1672B000
|
unkown
|
page read and write
|
||
|
7DF4F7931000
|
unkown
|
page execute read
|
||
|
753F000
|
unkown
|
page readonly
|
||
|
16745000
|
unkown
|
page read and write
|
||
|
7A9C000
|
unkown
|
page read and write
|
||
|
7AC3000
|
unkown
|
page read and write
|
||
|
D38D000
|
unkown
|
page read and write
|
||
|
D04C000
|
unkown
|
page read and write
|
||
|
D4F3000
|
unkown
|
page read and write
|
||
|
7FF5DC144000
|
unkown
|
page readonly
|
||
|
1689C000
|
unkown
|
page read and write
|
||
|
4C10000
|
unkown
|
page read and write
|
||
|
D4DB000
|
unkown
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
168EA000
|
unkown
|
page read and write
|
||
|
7FF5DBE7E000
|
unkown
|
page readonly
|
||
|
1672B000
|
unkown
|
page read and write
|
||
|
D12D000
|
unkown
|
page read and write
|
||
|
856B000
|
unkown
|
page read and write
|
||
|
844B000
|
unkown
|
page read and write
|
||
|
C7EF000
|
stack
|
page read and write
|
||
|
7FF5DBF45000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
807C000
|
stack
|
page read and write
|
||
|
166F5000
|
unkown
|
page read and write
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
168EE000
|
unkown
|
page read and write
|
||
|
2BF0000
|
unkown
|
page readonly
|
||
|
165E4000
|
unkown
|
page read and write
|
||
|
16743000
|
unkown
|
page read and write
|
||
|
4A00000
|
unkown
|
page readonly
|
||
|
168FE000
|
unkown
|
page read and write
|
||
|
D50F000
|
unkown
|
page read and write
|
||
|
85BA000
|
unkown
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
164E3000
|
unkown
|
page read and write
|
||
|
5F0000
|
unkown
|
page read and write
|
||
|
7DF4F7880000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7ADD000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
AC05000
|
unkown
|
page read and write
|
||
|
D37E000
|
unkown
|
page read and write
|
||
|
D469000
|
unkown
|
page read and write
|
||
|
168D9000
|
unkown
|
page read and write
|
||
|
84CB000
|
unkown
|
page read and write
|
||
|
16517000
|
unkown
|
page read and write
|
||
|
149CB000
|
stack
|
page read and write
|
||
|
16886000
|
unkown
|
page read and write
|
||
|
6813000
|
unkown
|
page read and write
|
||
|
D4F8000
|
unkown
|
page read and write
|
||
|
168FD000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
D120000
|
unkown
|
page read and write
|
||
|
7FF5DBBC9000
|
unkown
|
page readonly
|
||
|
85BA000
|
unkown
|
page read and write
|
||
|
7AE9000
|
unkown
|
page read and write
|
||
|
BB6A000
|
stack
|
page read and write
|
||
|
7FF5DB9C3000
|
unkown
|
page readonly
|
||
|
D15B000
|
unkown
|
page read and write
|
||
|
165CD000
|
unkown
|
page read and write
|
||
|
7FF5DBE6B000
|
unkown
|
page readonly
|
||
|
16871000
|
unkown
|
page read and write
|
||
|
7FF8838EA000
|
unkown
|
page read and write
|
||
|
1673D000
|
unkown
|
page read and write
|
||
|
7DF4F7910000
|
unkown
|
page readonly
|
||
|
D04C000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
4FB0000
|
unkown
|
page read and write
|
||
|
7062000
|
unkown
|
page readonly
|
||
|
D159000
|
unkown
|
page read and write
|
||
|
4A33000
|
unkown
|
page read and write
|
||
|
4230000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
47A0000
|
unkown
|
page readonly
|
||
|
1FE0000
|
heap
|
page read and write
|
||
|
16876000
|
unkown
|
page read and write
|
||
|
B3EB000
|
stack
|
page read and write
|
||
|
D3FD000
|
unkown
|
page read and write
|
||
|
164FB000
|
unkown
|
page read and write
|
||
|
16888000
|
unkown
|
page read and write
|
||
|
D4B0000
|
unkown
|
page read and write
|
||
|
164F7000
|
unkown
|
page read and write
|
||
|
1624C000
|
stack
|
page read and write
|
||
|
7FF5DC027000
|
unkown
|
page readonly
|
||
|
1524C000
|
stack
|
page read and write
|
||
|
299D000
|
unkown
|
page read and write
|
||
|
2A70000
|
unkown
|
page readonly
|
||
|
AC08000
|
unkown
|
page read and write
|
||
|
16892000
|
unkown
|
page read and write
|
||
|
D432000
|
unkown
|
page read and write
|
||
|
7FF5DB9F3000
|
unkown
|
page readonly
|
||
|
D148000
|
unkown
|
page read and write
|
||
|
D112000
|
unkown
|
page read and write
|
||
|
16509000
|
unkown
|
page read and write
|
||
|
7FF8838F3000
|
unkown
|
page readonly
|
||
|
D432000
|
unkown
|
page read and write
|
||
|
2CF0000
|
unkown
|
page read and write
|
||
|
559A000
|
heap
|
page read and write
|
||
|
7FF5DBF68000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D27A000
|
unkown
|
page read and write
|
||
|
4E93000
|
unkown
|
page read and write
|
||
|
D56D000
|
unkown
|
page read and write
|
||
|
D009000
|
unkown
|
page read and write
|
||
|
D148000
|
unkown
|
page read and write
|
||
|
7FF5DBFF2000
|
unkown
|
page readonly
|
||
|
D2CA000
|
unkown
|
page read and write
|
||
|
D4CD000
|
unkown
|
page read and write
|
||
|
7A6D000
|
unkown
|
page read and write
|
||
|
D56D000
|
unkown
|
page read and write
|
||
|
D2A5000
|
unkown
|
page read and write
|
||
|
D159000
|
unkown
|
page read and write
|
||
|
D21C000
|
unkown
|
page read and write
|
||
|
1749C000
|
stack
|
page read and write
|
||
|
D282000
|
unkown
|
page read and write
|
||
|
D010000
|
unkown
|
page read and write
|
||
|
D54C000
|
unkown
|
page read and write
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
7FF5DBBF6000
|
unkown
|
page readonly
|
||
|
7AE9000
|
unkown
|
page read and write
|
||
|
D3FE000
|
unkown
|
page read and write
|
||
|
22A1000
|
heap
|
page read and write
|
||
|
4645000
|
unkown
|
page read and write
|
||
|
D08A000
|
unkown
|
page read and write
|
||
|
D54C000
|
unkown
|
page read and write
|
||
|
7DF000
|
stack
|
page read and write
|
||
|
165DC000
|
unkown
|
page read and write
|
||
|
7FF5DC0C8000
|
unkown
|
page readonly
|
||
|
E140000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
AC08000
|
unkown
|
page read and write
|
||
|
E9AC000
|
unkown
|
page read and write
|
||
|
4240000
|
unkown
|
page read and write
|
||
|
F37F000
|
stack
|
page read and write
|
||
|
D38D000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
2359000
|
stack
|
page read and write
|
||
|
7ADD000
|
unkown
|
page read and write
|
||
|
D4EE000
|
unkown
|
page read and write
|
||
|
D509000
|
unkown
|
page read and write
|
||
|
7FF5DBC7C000
|
unkown
|
page readonly
|
||
|
5A25000
|
unkown
|
page read and write
|
||
|
168CB000
|
unkown
|
page read and write
|
||
|
CFCE000
|
unkown
|
page read and write
|
||
|
D4F3000
|
unkown
|
page read and write
|
||
|
7FF5DC119000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
B0EE000
|
stack
|
page read and write
|
||
|
165E4000
|
unkown
|
page read and write
|
||
|
156CF000
|
stack
|
page read and write
|
||
|
16720000
|
unkown
|
page read and write
|
||
|
4C40000
|
unkown
|
page read and write
|
||
|
792B000
|
stack
|
page read and write
|
||
|
7FF88394F000
|
unkown
|
page readonly
|
||
|
7FF8838EC000
|
unkown
|
page read and write
|
||
|
7FF5DB9DD000
|
unkown
|
page readonly
|
||
|
8509000
|
unkown
|
page read and write
|
||
|
D54C000
|
unkown
|
page read and write
|
||
|
4C60000
|
unkown
|
page read and write
|
||
|
D12D000
|
unkown
|
page read and write
|
||
|
16513000
|
unkown
|
page read and write
|
||
|
D4F8000
|
unkown
|
page read and write
|
||
|
7AC3000
|
unkown
|
page read and write
|
||
|
7FF5DB9E4000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7FF5DC082000
|
unkown
|
page readonly
|
||
|
7AA0000
|
unkown
|
page read and write
|
||
|
168FF000
|
unkown
|
page read and write
|
||
|
849C000
|
unkown
|
page read and write
|
||
|
7FF5DBC3C000
|
unkown
|
page readonly
|
||
|
D4B0000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
168F6000
|
unkown
|
page read and write
|
||
|
1574F000
|
stack
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
4621000
|
unkown
|
page read and write
|
||
|
85BA000
|
unkown
|
page read and write
|
||
|
168CB000
|
unkown
|
page read and write
|
||
|
D55B000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
16728000
|
unkown
|
page read and write
|
||
|
4F80000
|
unkown
|
page read and write
|
||
|
7839000
|
unkown
|
page readonly
|
||
|
22A0000
|
direct allocation
|
page execute and read and write
|
||
|
D3FD000
|
unkown
|
page read and write
|
||
|
4C33000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
83C2000
|
unkown
|
page read and write
|
||
|
D56D000
|
unkown
|
page read and write
|
||
|
7FF5DBB85000
|
unkown
|
page readonly
|
||
|
19D000
|
stack
|
page read and write
|
||
|
D4FC000
|
unkown
|
page read and write
|
||
|
1650B000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
2736000
|
stack
|
page read and write
|
||
|
7B0F000
|
unkown
|
page read and write
|
||
|
4B20000
|
unkown
|
page read and write
|
||
|
430000
|
unkown
|
page read and write
|
||
|
CFD1000
|
unkown
|
page read and write
|
||
|
77BC000
|
unkown
|
page readonly
|
||
|
168CB000
|
unkown
|
page read and write
|
||
|
16A1A000
|
unkown
|
page read and write
|
||
|
40DA000
|
unkown
|
page read and write
|
||
|
59F0000
|
unkown
|
page read and write
|
||
|
16519000
|
unkown
|
page read and write
|
||
|
ABA4000
|
unkown
|
page read and write
|
||
|
D04C000
|
unkown
|
page read and write
|
||
|
6CE000
|
stack
|
page read and write
|
||
|
7DF4F78A1000
|
unkown
|
page execute read
|
||
|
EBAE000
|
unkown
|
page read and write
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
7FF8838EE000
|
unkown
|
page read and write
|
||
|
8504000
|
unkown
|
page read and write
|
||
|
16888000
|
unkown
|
page read and write
|
||
|
4640000
|
unkown
|
page read and write
|
||
|
D4CD000
|
unkown
|
page read and write
|
||
|
168FF000
|
unkown
|
page read and write
|
||
|
168F4000
|
unkown
|
page read and write
|
||
|
16655000
|
unkown
|
page read and write
|
||
|
D010000
|
unkown
|
page read and write
|
||
|
7DF4F7821000
|
unkown
|
page execute read
|
||
|
8513000
|
unkown
|
page read and write
|
||
|
16886000
|
unkown
|
page read and write
|
||
|
85BA000
|
unkown
|
page read and write
|
||
|
7FF5DC13C000
|
unkown
|
page readonly
|
||
|
D2CC000
|
unkown
|
page read and write
|
||
|
28BD000
|
unkown
|
page read and write
|
||
|
D009000
|
unkown
|
page read and write
|
||
|
F9CB000
|
unkown
|
page read and write
|
||
|
ABD0000
|
unkown
|
page read and write
|
||
|
D11A000
|
unkown
|
page read and write
|
||
|
9C8000
|
heap
|
page read and write
|
||
|
7FF5DBC17000
|
unkown
|
page readonly
|
||
|
D2BA000
|
unkown
|
page read and write
|
||
|
16711000
|
unkown
|
page read and write
|
||
|
46B0000
|
unkown
|
page read and write
|
||
|
F47A000
|
stack
|
page read and write
|
||
|
16709000
|
unkown
|
page read and write
|
||
|
7DF4F7921000
|
unkown
|
page execute read
|
||
|
ABE3000
|
unkown
|
page read and write
|
||
|
7FF5DBB7F000
|
unkown
|
page readonly
|
||
|
8509000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
7FF5DBCB5000
|
unkown
|
page readonly
|
||
|
4D5000
|
stack
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
7DF4F7891000
|
unkown
|
page execute read
|
||
|
4C30000
|
unkown
|
page read and write
|
||
|
2990000
|
unkown
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
7AC3000
|
unkown
|
page read and write
|
||
|
1683C000
|
unkown
|
page read and write
|
||
|
16501000
|
unkown
|
page read and write
|
||
|
1697C000
|
unkown
|
page read and write
|
||
|
E998000
|
unkown
|
page read and write
|
||
|
D381000
|
unkown
|
page read and write
|
||
|
7AE9000
|
unkown
|
page read and write
|
||
|
D04C000
|
unkown
|
page read and write
|
||
|
7DF4F78E0000
|
unkown
|
page readonly
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
16736000
|
unkown
|
page read and write
|
||
|
7793000
|
unkown
|
page readonly
|
||
|
DCA7000
|
stack
|
page read and write
|
||
|
16740000
|
unkown
|
page read and write
|
||
|
D4F8000
|
unkown
|
page read and write
|
||
|
163D1000
|
unkown
|
page read and write
|
||
|
16513000
|
unkown
|
page read and write
|
||
|
165DA000
|
unkown
|
page read and write
|
||
|
D55B000
|
unkown
|
page read and write
|
||
|
681E000
|
unkown
|
page read and write
|
||
|
16886000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
46C0000
|
unkown
|
page read and write
|
||
|
7FF5DBB87000
|
unkown
|
page readonly
|
||
|
D11C000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
4F95000
|
unkown
|
page read and write
|
||
|
168E6000
|
unkown
|
page read and write
|
||
|
7B0F000
|
unkown
|
page read and write
|
||
|
1688C000
|
unkown
|
page read and write
|
||
|
5E0000
|
unkown
|
page readonly
|
||
|
7DF4F7901000
|
unkown
|
page execute read
|
||
|
7ACA000
|
unkown
|
page read and write
|
||
|
165E4000
|
unkown
|
page read and write
|
||
|
7FF5DC02E000
|
unkown
|
page readonly
|
||
|
452C000
|
stack
|
page read and write
|
||
|
D3FD000
|
unkown
|
page read and write
|
||
|
ABF000
|
stack
|
page read and write
|
||
|
166FA000
|
unkown
|
page read and write
|
||
|
D4FC000
|
unkown
|
page read and write
|
||
|
27BE000
|
stack
|
page read and write
|
||
|
D309000
|
unkown
|
page read and write
|
||
|
7AF3000
|
unkown
|
page read and write
|
||
|
B669000
|
stack
|
page read and write
|
||
|
1664F000
|
unkown
|
page read and write
|
||
|
7FF5DC062000
|
unkown
|
page readonly
|
||
|
4640000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
166F5000
|
unkown
|
page read and write
|
||
|
7FF5DBC7F000
|
unkown
|
page readonly
|
||
|
4100000
|
unkown
|
page readonly
|
||
|
2D00000
|
unkown
|
page readonly
|
||
|
5B2A000
|
unkown
|
page read and write
|
||
|
D0F7000
|
unkown
|
page read and write
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
7FF5DBBD5000
|
unkown
|
page readonly
|
||
|
4C60000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
168EE000
|
unkown
|
page read and write
|
||
|
84CD000
|
unkown
|
page read and write
|
||
|
7FF5DBC41000
|
unkown
|
page readonly
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
D26B000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
168EE000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D4DB000
|
unkown
|
page read and write
|
||
|
16511000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D4B3000
|
unkown
|
page read and write
|
||
|
EB90000
|
heap
|
page read and write
|
||
|
16728000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
D2A5000
|
unkown
|
page read and write
|
||
|
7FF883839000
|
unkown
|
page readonly
|
||
|
49A0000
|
unkown
|
page readonly
|
||
|
84FD000
|
unkown
|
page read and write
|
||
|
168D1000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
66F000
|
unkown
|
page readonly
|
||
|
7B43000
|
unkown
|
page read and write
|
||
|
7EFC000
|
stack
|
page read and write
|
||
|
16888000
|
unkown
|
page read and write
|
||
|
57A0000
|
unkown
|
page read and write
|
||
|
1687D000
|
unkown
|
page read and write
|
||
|
763A000
|
unkown
|
page readonly
|
||
|
16705000
|
unkown
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
16907000
|
unkown
|
page read and write
|
||
|
167D1000
|
unkown
|
page read and write
|
||
|
D49E000
|
unkown
|
page read and write
|
||
|
7DF4F7820000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7FF5DC0CD000
|
unkown
|
page readonly
|
||
|
821F000
|
unkown
|
page read and write
|
||
|
1670B000
|
unkown
|
page read and write
|
||
|
F983000
|
unkown
|
page read and write
|
||
|
1688C000
|
unkown
|
page read and write
|
||
|
4A70000
|
unkown
|
page read and write
|
||
|
49C0000
|
unkown
|
page read and write
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
D4FC000
|
unkown
|
page read and write
|
||
|
16892000
|
unkown
|
page read and write
|
||
|
53E000
|
stack
|
page read and write
|
||
|
D08A000
|
unkown
|
page read and write
|
||
|
7FF5DBBA1000
|
unkown
|
page readonly
|
||
|
4C43000
|
unkown
|
page read and write
|
||
|
D2D5000
|
unkown
|
page read and write
|
||
|
D469000
|
unkown
|
page read and write
|
||
|
D0E1000
|
unkown
|
page read and write
|
||
|
896B000
|
stack
|
page read and write
|
||
|
1668C000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
4F4000
|
heap
|
page read and write
|
||
|
8513000
|
unkown
|
page read and write
|
||
|
16720000
|
unkown
|
page read and write
|
||
|
164F1000
|
unkown
|
page read and write
|
||
|
7ACA000
|
unkown
|
page read and write
|
||
|
16A22000
|
unkown
|
page read and write
|
||
|
7FF5DBD9C000
|
unkown
|
page readonly
|
||
|
7FF5DC093000
|
unkown
|
page readonly
|
||
|
8218000
|
unkown
|
page read and write
|
||
|
16886000
|
unkown
|
page read and write
|
||
|
8200000
|
unkown
|
page read and write
|
||
|
7FF5DBDFE000
|
unkown
|
page readonly
|
||
|
7DF4F7801000
|
unkown
|
page execute read
|
||
|
7AB1000
|
unkown
|
page read and write
|
||
|
D565000
|
unkown
|
page read and write
|
||
|
7FF5DBD37000
|
unkown
|
page readonly
|
||
|
D15B000
|
unkown
|
page read and write
|
||
|
D120000
|
unkown
|
page read and write
|
||
|
1689C000
|
unkown
|
page read and write
|
||
|
1670F000
|
unkown
|
page read and write
|
||
|
7FF5DC0C5000
|
unkown
|
page readonly
|
||
|
D49E000
|
unkown
|
page read and write
|
||
|
29AB000
|
unkown
|
page read and write
|
||
|
4C10000
|
unkown
|
page read and write
|
||
|
8513000
|
unkown
|
page read and write
|
||
|
D0F7000
|
unkown
|
page read and write
|
||
|
167D1000
|
unkown
|
page read and write
|
||
|
7763000
|
unkown
|
page readonly
|
||
|
7FF5DB9CB000
|
unkown
|
page readonly
|
||
|
2951000
|
unkown
|
page read and write
|
||
|
16728000
|
unkown
|
page read and write
|
||
|
8507000
|
unkown
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
D272000
|
unkown
|
page read and write
|
||
|
2A90000
|
unkown
|
page read and write
|
||
|
82BD000
|
unkown
|
page read and write
|
||
|
16713000
|
unkown
|
page read and write
|
||
|
7FF5DBE18000
|
unkown
|
page readonly
|
||
|
FA0B000
|
unkown
|
page read and write
|
||
|
7B0F000
|
unkown
|
page read and write
|
||
|
CFD7000
|
unkown
|
page read and write
|
||
|
167D2000
|
unkown
|
page read and write
|
||
|
F9C6000
|
unkown
|
page read and write
|
||
|
7FF5DC020000
|
unkown
|
page readonly
|
||
|
2A3C000
|
stack
|
page read and write
|
||
|
7AE9000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
705B000
|
unkown
|
page readonly
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
810000
|
unkown
|
page readonly
|
||
|
1674F000
|
unkown
|
page read and write
|
||
|
AC19000
|
unkown
|
page read and write
|
||
|
7A71000
|
unkown
|
page read and write
|
||
|
16EAC83B000
|
heap
|
page read and write
|
||
|
4C30000
|
unkown
|
page read and write
|
||
|
16EACA80000
|
heap
|
page read and write
|
||
|
7FF5DBD8D000
|
unkown
|
page readonly
|
||
|
16711000
|
unkown
|
page read and write
|
||
|
16740000
|
unkown
|
page read and write
|
||
|
16884000
|
unkown
|
page read and write
|
||
|
164EB000
|
unkown
|
page read and write
|
||
|
168F4000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
19C000
|
stack
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
4C10000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
49D0000
|
unkown
|
page read and write
|
||
|
7FF5DBAE1000
|
unkown
|
page readonly
|
||
|
4A70000
|
unkown
|
page read and write
|
||
|
1687D000
|
unkown
|
page read and write
|
||
|
690000
|
unclassified section
|
page read and write
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
7FF5DBB7D000
|
unkown
|
page readonly
|
||
|
165C0000
|
unkown
|
page read and write
|
||
|
16517000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
16EAC5E0000
|
heap
|
page read and write
|
||
|
16888000
|
unkown
|
page read and write
|
||
|
7FF5DB9D9000
|
unkown
|
page readonly
|
||
|
6510000
|
unkown
|
page read and write
|
||
|
D05E000
|
unkown
|
page read and write
|
||
|
D4E7000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
8509000
|
unkown
|
page read and write
|
||
|
7FF883750000
|
unkown
|
page readonly
|
||
|
469E000
|
unkown
|
page read and write
|
||
|
165C5000
|
unkown
|
page read and write
|
||
|
7AB4000
|
unkown
|
page read and write
|
||
|
D556000
|
unkown
|
page read and write
|
||
|
D4CD000
|
unkown
|
page read and write
|
||
|
D11A000
|
unkown
|
page read and write
|
||
|
7FF5DC054000
|
unkown
|
page readonly
|
||
|
7FF5DC005000
|
unkown
|
page readonly
|
||
|
7FF5DBDC7000
|
unkown
|
page readonly
|
||
|
16884000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
16713000
|
unkown
|
page read and write
|
||
|
7FF5DB9D4000
|
unkown
|
page readonly
|
||
|
1674F000
|
unkown
|
page read and write
|
||
|
7FF5DBEB1000
|
unkown
|
page readonly
|
||
|
2949000
|
unkown
|
page read and write
|
||
|
168D9000
|
unkown
|
page read and write
|
||
|
D309000
|
unkown
|
page read and write
|
||
|
16EAD680000
|
heap
|
page readonly
|
||
|
16A20000
|
unkown
|
page read and write
|
||
|
16A28000
|
unkown
|
page read and write
|
||
|
D2D2000
|
unkown
|
page read and write
|
||
|
16728000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
4FA0000
|
unkown
|
page read and write
|
||
|
16705000
|
unkown
|
page read and write
|
||
|
16875000
|
unkown
|
page read and write
|
||
|
400000
|
remote allocation
|
page execute and read and write
|
||
|
5A25000
|
unkown
|
page read and write
|
||
|
7A9C000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D11C000
|
unkown
|
page read and write
|
||
|
167BF000
|
unkown
|
page read and write
|
||
|
7FF5DBF55000
|
unkown
|
page readonly
|
||
|
8507000
|
unkown
|
page read and write
|
||
|
7AC3000
|
unkown
|
page read and write
|
||
|
16EAC83B000
|
heap
|
page read and write
|
||
|
D05E000
|
unkown
|
page read and write
|
||
|
D469000
|
unkown
|
page read and write
|
||
|
7FF5DC060000
|
unkown
|
page readonly
|
||
|
7DF4F7931000
|
unkown
|
page execute read
|
||
|
D288000
|
unkown
|
page read and write
|
||
|
1651B000
|
unkown
|
page read and write
|
||
|
7AF4000
|
unkown
|
page read and write
|
||
|
164EB000
|
unkown
|
page read and write
|
||
|
7DF4F7850000
|
unkown
|
page readonly
|
||
|
16730000
|
unkown
|
page read and write
|
||
|
7B39000
|
unkown
|
page read and write
|
||
|
856B000
|
unkown
|
page read and write
|
||
|
1668C000
|
unkown
|
page read and write
|
||
|
165CD000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
4BC0000
|
unkown
|
page readonly
|
||
|
4CA0000
|
unkown
|
page read and write
|
||
|
164F1000
|
unkown
|
page read and write
|
||
|
4798000
|
stack
|
page read and write
|
||
|
168FF000
|
unkown
|
page read and write
|
||
|
7FF5DBF88000
|
unkown
|
page readonly
|
||
|
4643000
|
unkown
|
page read and write
|
||
|
164FF000
|
unkown
|
page read and write
|
||
|
7FF5DBF59000
|
unkown
|
page readonly
|
||
|
D545000
|
unkown
|
page read and write
|
||
|
7FF5DBFC9000
|
unkown
|
page readonly
|
||
|
2BD6000
|
stack
|
page read and write
|
||
|
168D1000
|
unkown
|
page read and write
|
||
|
D4FC000
|
unkown
|
page read and write
|
||
|
163D0000
|
unkown
|
page read and write
|
||
|
7FF5DBE11000
|
unkown
|
page readonly
|
||
|
A98679000
|
stack
|
page read and write
|
||
|
D2C7000
|
unkown
|
page read and write
|
||
|
165CD000
|
unkown
|
page read and write
|
||
|
16EAD670000
|
trusted library allocation
|
page read and write
|
||
|
40CA000
|
unkown
|
page read and write
|
||
|
7ACA000
|
unkown
|
page read and write
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
CF13000
|
unkown
|
page read and write
|
||
|
16515000
|
unkown
|
page read and write
|
||
|
164E7000
|
unkown
|
page read and write
|
||
|
ABEC000
|
unkown
|
page read and write
|
||
|
4A80000
|
unkown
|
page read and write
|
||
|
7030000
|
unkown
|
page readonly
|
||
|
7FF5DBB68000
|
unkown
|
page readonly
|
||
|
16880000
|
unkown
|
page read and write
|
||
|
165DC000
|
unkown
|
page read and write
|
||
|
7FF5DC00B000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
168FD000
|
unkown
|
page read and write
|
||
|
16EAD690000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
CFB6000
|
unkown
|
page read and write
|
||
|
4220000
|
unkown
|
page read and write
|
||
|
2373000
|
heap
|
page read and write
|
||
|
40EA000
|
unkown
|
page read and write
|
||
|
7AE9000
|
unkown
|
page read and write
|
||
|
16806000
|
unkown
|
page read and write
|
||
|
7FF5DBF01000
|
unkown
|
page readonly
|
||
|
16884000
|
unkown
|
page read and write
|
||
|
1668A000
|
unkown
|
page read and write
|
||
|
16700000
|
unkown
|
page read and write
|
||
|
7FF5DBB77000
|
unkown
|
page readonly
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
2D10000
|
unkown
|
page read and write
|
||
|
67F0000
|
unkown
|
page read and write
|
||
|
D21C000
|
unkown
|
page read and write
|
||
|
1688A000
|
unkown
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
7B07000
|
unkown
|
page read and write
|
||
|
66F000
|
unkown
|
page readonly
|
||
|
7FF5DBA28000
|
unkown
|
page readonly
|
||
|
16655000
|
unkown
|
page read and write
|
||
|
D49E000
|
unkown
|
page read and write
|
||
|
D0E1000
|
unkown
|
page read and write
|
||
|
1672B000
|
unkown
|
page read and write
|
||
|
D12D000
|
unkown
|
page read and write
|
||
|
7DF4F78F1000
|
unkown
|
page execute read
|
||
|
D54C000
|
unkown
|
page read and write
|
||
|
168FD000
|
unkown
|
page read and write
|
||
|
45AB000
|
stack
|
page read and write
|
||
|
16907000
|
unkown
|
page read and write
|
||
|
1689C000
|
unkown
|
page read and write
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
16EAC7D0000
|
trusted library allocation
|
page read and write
|
||
|
16806000
|
unkown
|
page read and write
|
||
|
7467000
|
unkown
|
page readonly
|
||
|
4324000
|
unkown
|
page read and write
|
||
|
6D0000
|
heap
|
page read and write
|
||
|
166FE000
|
unkown
|
page read and write
|
||
|
1670B000
|
unkown
|
page read and write
|
||
|
780E000
|
unkown
|
page readonly
|
||
|
16743000
|
unkown
|
page read and write
|
||
|
8390000
|
unkown
|
page read and write
|
||
|
D4CD000
|
unkown
|
page read and write
|
||
|
1668A000
|
unkown
|
page read and write
|
||
|
164FF000
|
unkown
|
page read and write
|
||
|
D384000
|
unkown
|
page read and write
|
||
|
7FF5DB915000
|
unkown
|
page readonly
|
||
|
28F7000
|
unkown
|
page read and write
|
||
|
D11C000
|
unkown
|
page read and write
|
||
|
7FF5DBE23000
|
unkown
|
page readonly
|
||
|
D565000
|
unkown
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
4EC0000
|
unkown
|
page read and write
|
||
|
164DE000
|
unkown
|
page read and write
|
||
|
16888000
|
unkown
|
page read and write
|
||
|
7FF5DBB72000
|
unkown
|
page readonly
|
||
|
4E80000
|
unkown
|
page read and write
|
||
|
7AA0000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
16746000
|
unkown
|
page read and write
|
||
|
85BA000
|
unkown
|
page read and write
|
||
|
164FD000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
16888000
|
unkown
|
page read and write
|
||
|
16880000
|
unkown
|
page read and write
|
||
|
7FF5DBE67000
|
unkown
|
page readonly
|
||
|
CF2B000
|
unkown
|
page read and write
|
||
|
7FF5DBE35000
|
unkown
|
page readonly
|
||
|
D56D000
|
unkown
|
page read and write
|
||
|
7FF5DC002000
|
unkown
|
page readonly
|
||
|
164F9000
|
unkown
|
page read and write
|
||
|
7FF5DBDAA000
|
unkown
|
page readonly
|
||
|
168E6000
|
unkown
|
page read and write
|
||
|
8514000
|
unkown
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
7B07000
|
unkown
|
page read and write
|
||
|
164FB000
|
unkown
|
page read and write
|
||
|
4BE0000
|
unkown
|
page read and write
|
||
|
7FF5DBB6E000
|
unkown
|
page readonly
|
||
|
D112000
|
unkown
|
page read and write
|
||
|
168F6000
|
unkown
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
AC19000
|
unkown
|
page read and write
|
||
|
7DF4F7911000
|
unkown
|
page execute read
|
||
|
CD70000
|
unkown
|
page read and write
|
||
|
7FF5DBDE5000
|
unkown
|
page readonly
|
||
|
D37E000
|
unkown
|
page read and write
|
||
|
7FF8838ED000
|
unkown
|
page write copy
|
||
|
16520000
|
unkown
|
page read and write
|
||
|
7FF5DBDBF000
|
unkown
|
page readonly
|
||
|
16888000
|
unkown
|
page read and write
|
||
|
7FF5DBD8A000
|
unkown
|
page readonly
|
||
|
16709000
|
unkown
|
page read and write
|
||
|
7ACA000
|
unkown
|
page read and write
|
||
|
1683C000
|
unkown
|
page read and write
|
||
|
FA19000
|
unkown
|
page read and write
|
||
|
166FA000
|
unkown
|
page read and write
|
||
|
CFD7000
|
unkown
|
page read and write
|
||
|
16740000
|
unkown
|
page read and write
|
||
|
4C03000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D54C000
|
unkown
|
page read and write
|
||
|
7FF88390A000
|
unkown
|
page readonly
|
||
|
8504000
|
unkown
|
page read and write
|
||
|
1688A000
|
unkown
|
page read and write
|
||
|
A986FF000
|
stack
|
page read and write
|
||
|
7DF4F7920000
|
unkown
|
page readonly
|
||
|
852C000
|
unkown
|
page read and write
|
||
|
7FA000
|
heap
|
page read and write
|
||
|
1673D000
|
unkown
|
page read and write
|
||
|
D26D000
|
unkown
|
page read and write
|
||
|
7DF4F78F1000
|
unkown
|
page execute read
|
||
|
D50F000
|
unkown
|
page read and write
|
||
|
D11C000
|
unkown
|
page read and write
|
||
|
1697C000
|
unkown
|
page read and write
|
||
|
777E000
|
unkown
|
page readonly
|
||
|
852C000
|
unkown
|
page read and write
|
||
|
D4F8000
|
unkown
|
page read and write
|
||
|
7862000
|
unkown
|
page readonly
|
||
|
8501000
|
unkown
|
page read and write
|
||
|
D006000
|
unkown
|
page read and write
|
||
|
7DF4F7931000
|
unkown
|
page execute read
|
||
|
16507000
|
unkown
|
page read and write
|
||
|
167BF000
|
unkown
|
page read and write
|
||
|
16728000
|
unkown
|
page read and write
|
||
|
8244000
|
unkown
|
page read and write
|
||
|
16907000
|
unkown
|
page read and write
|
||
|
D509000
|
unkown
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
84D4000
|
unkown
|
page read and write
|
||
|
8465000
|
unkown
|
page read and write
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
7FF5DBBC5000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
D4C4000
|
unkown
|
page read and write
|
||
|
7FF8838E5000
|
unkown
|
page read and write
|
||
|
16711000
|
unkown
|
page read and write
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
8481000
|
unkown
|
page read and write
|
||
|
1688C000
|
unkown
|
page read and write
|
||
|
4080000
|
unkown
|
page read and write
|
||
|
40F0000
|
unkown
|
page read and write
|
||
|
7B0F000
|
unkown
|
page read and write
|
||
|
ABAB000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
856B000
|
unkown
|
page read and write
|
||
|
850C000
|
unkown
|
page read and write
|
||
|
D4B3000
|
unkown
|
page read and write
|
||
|
CE5E000
|
unkown
|
page read and write
|
||
|
D55B000
|
unkown
|
page read and write
|
||
|
167D1000
|
unkown
|
page read and write
|
||
|
16743000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
544000
|
heap
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D284000
|
unkown
|
page read and write
|
||
|
8D8000
|
heap
|
page execute and read and write
|
||
|
D11C000
|
unkown
|
page read and write
|
||
|
4C13000
|
unkown
|
page read and write
|
||
|
2C20000
|
unkown
|
page readonly
|
||
|
D11C000
|
unkown
|
page read and write
|
||
|
164DE000
|
unkown
|
page read and write
|
||
|
16880000
|
unkown
|
page read and write
|
||
|
D4CD000
|
unkown
|
page read and write
|
||
|
7FF5DB909000
|
unkown
|
page readonly
|
||
|
7FF5DBC8C000
|
unkown
|
page readonly
|
||
|
7AB0000
|
unkown
|
page read and write
|
||
|
CF52000
|
unkown
|
page read and write
|
||
|
66F000
|
unkown
|
page readonly
|
||
|
4C30000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
75C4000
|
unkown
|
page readonly
|
||
|
7B11000
|
unkown
|
page read and write
|
||
|
16711000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
D20D000
|
unkown
|
page read and write
|
||
|
1688E000
|
unkown
|
page read and write
|
||
|
D545000
|
unkown
|
page read and write
|
||
|
D4DB000
|
unkown
|
page read and write
|
||
|
296A000
|
unkown
|
page read and write
|
||
|
D2CC000
|
unkown
|
page read and write
|
||
|
6530000
|
unkown
|
page readonly
|
||
|
7FF5DBDB1000
|
unkown
|
page readonly
|
||
|
D4FA000
|
unkown
|
page read and write
|
||
|
4F70000
|
unkown
|
page read and write
|
||
|
8513000
|
unkown
|
page read and write
|
||
|
1672B000
|
unkown
|
page read and write
|
||
|
4B30000
|
unkown
|
page read and write
|
||
|
D08A000
|
unkown
|
page read and write
|
||
|
F4F000
|
stack
|
page read and write
|
||
|
D556000
|
unkown
|
page read and write
|
||
|
7FF5DBD28000
|
unkown
|
page readonly
|
||
|
168EA000
|
unkown
|
page read and write
|
||
|
4A65000
|
unkown
|
page read and write
|
||
|
D12D000
|
unkown
|
page read and write
|
||
|
1670F000
|
unkown
|
page read and write
|
||
|
7FF5DBFEF000
|
unkown
|
page readonly
|
||
|
7ADD000
|
unkown
|
page read and write
|
||
|
D565000
|
unkown
|
page read and write
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
167D1000
|
unkown
|
page read and write
|
||
|
7DF4F7841000
|
unkown
|
page execute read
|
||
|
D04E000
|
unkown
|
page read and write
|
||
|
429000
|
unkown
|
page write copy
|
||
|
164F3000
|
unkown
|
page read and write
|
||
|
16EAC5F0000
|
trusted library allocation
|
page read and write
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
165DA000
|
unkown
|
page read and write
|
||
|
49F0000
|
unkown
|
page readonly
|
||
|
D3FD000
|
unkown
|
page read and write
|
||
|
166FE000
|
unkown
|
page read and write
|
||
|
2A90000
|
unkown
|
page read and write
|
||
|
7ACA000
|
unkown
|
page read and write
|
||
|
7FF5DBCC1000
|
unkown
|
page readonly
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
16884000
|
unkown
|
page read and write
|
||
|
D11A000
|
unkown
|
page read and write
|
||
|
9C000
|
stack
|
page read and write
|
||
|
1687D000
|
unkown
|
page read and write
|
||
|
84CB000
|
unkown
|
page read and write
|
||
|
D50F000
|
unkown
|
page read and write
|
||
|
4E85000
|
unkown
|
page read and write
|
||
|
165DA000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7FF5DBFB2000
|
unkown
|
page readonly
|
||
|
16471000
|
unkown
|
page read and write
|
||
|
D37A000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
4C83000
|
unkown
|
page read and write
|
||
|
5A2E000
|
unkown
|
page read and write
|
||
|
4640000
|
unkown
|
page read and write
|
||
|
40A0000
|
unkown
|
page read and write
|
||
|
4A80000
|
unkown
|
page read and write
|
||
|
6960000
|
heap
|
page read and write
|
||
|
1673D000
|
unkown
|
page read and write
|
||
|
16875000
|
unkown
|
page read and write
|
||
|
16711000
|
unkown
|
page read and write
|
||
|
16700000
|
unkown
|
page read and write
|
||
|
16892000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
EBA0000
|
unkown
|
page read and write
|
||
|
1688A000
|
unkown
|
page read and write
|
||
|
16EAC833000
|
heap
|
page read and write
|
||
|
7FF5DBDC2000
|
unkown
|
page readonly
|
||
|
67E000
|
stack
|
page read and write
|
||
|
739D000
|
unkown
|
page readonly
|
||
|
4C10000
|
unkown
|
page read and write
|
||
|
16880000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
64F000
|
stack
|
page read and write
|
||
|
164E7000
|
unkown
|
page read and write
|
||
|
7FF5DBC96000
|
unkown
|
page readonly
|
||
|
D2CC000
|
unkown
|
page read and write
|
||
|
6D65000
|
stack
|
page read and write
|
||
|
7B11000
|
unkown
|
page read and write
|
||
|
D381000
|
unkown
|
page read and write
|
||
|
AC0000
|
unkown
|
page readonly
|
||
|
F944000
|
unkown
|
page read and write
|
||
|
AC08000
|
unkown
|
page read and write
|
||
|
1672B000
|
unkown
|
page read and write
|
||
|
72E000
|
stack
|
page read and write
|
||
|
7FF5DBEBD000
|
unkown
|
page readonly
|
||
|
7FF5DBFA5000
|
unkown
|
page readonly
|
||
|
1672B000
|
unkown
|
page read and write
|
||
|
164FF000
|
unkown
|
page read and write
|
||
|
900000
|
unkown
|
page readonly
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
7FF5DBD10000
|
unkown
|
page readonly
|
||
|
4A30000
|
unkown
|
page read and write
|
||
|
D006000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
152CC000
|
stack
|
page read and write
|
||
|
40B0000
|
unkown
|
page read and write
|
||
|
CF82000
|
unkown
|
page read and write
|
||
|
7FF5D20ED000
|
unkown
|
page readonly
|
||
|
D381000
|
unkown
|
page read and write
|
||
|
4C80000
|
unkown
|
page read and write
|
||
|
7FF5DC079000
|
unkown
|
page readonly
|
||
|
4CB3000
|
unkown
|
page read and write
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
16907000
|
unkown
|
page read and write
|
||
|
16519000
|
unkown
|
page read and write
|
||
|
16880000
|
unkown
|
page read and write
|
||
|
4F70000
|
unkown
|
page read and write
|
||
|
6830000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D006000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
850C000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
D565000
|
unkown
|
page read and write
|
||
|
169E5000
|
unkown
|
page read and write
|
||
|
84C4000
|
unkown
|
page read and write
|
||
|
4A10000
|
unkown
|
page readonly
|
||
|
16700000
|
unkown
|
page read and write
|
||
|
7AC3000
|
unkown
|
page read and write
|
||
|
4FD0000
|
unkown
|
page read and write
|
||
|
7A9C000
|
unkown
|
page read and write
|
||
|
16503000
|
unkown
|
page read and write
|
||
|
16A2A000
|
unkown
|
page read and write
|
||
|
D04E000
|
unkown
|
page read and write
|
||
|
166F5000
|
unkown
|
page read and write
|
||
|
D05E000
|
unkown
|
page read and write
|
||
|
D4FC000
|
unkown
|
page read and write
|
||
|
7FF5DBB66000
|
unkown
|
page readonly
|
||
|
154CE000
|
stack
|
page read and write
|
||
|
8504000
|
unkown
|
page read and write
|
||
|
7FF5DBCC9000
|
unkown
|
page readonly
|
||
|
BD67000
|
stack
|
page read and write
|
||
|
705E000
|
unkown
|
page readonly
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
856B000
|
unkown
|
page read and write
|
||
|
16EAD6A0000
|
trusted library allocation
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D545000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
772C000
|
unkown
|
page readonly
|
||
|
8519000
|
unkown
|
page read and write
|
||
|
D4EE000
|
unkown
|
page read and write
|
||
|
ABE3000
|
unkown
|
page read and write
|
||
|
CFB1000
|
unkown
|
page read and write
|
||
|
8296000
|
unkown
|
page read and write
|
||
|
2490000
|
heap
|
page read and write
|
||
|
84CD000
|
unkown
|
page read and write
|
||
|
D11C000
|
unkown
|
page read and write
|
||
|
168E2000
|
unkown
|
page read and write
|
||
|
4A63000
|
unkown
|
page read and write
|
||
|
7FF5DC134000
|
unkown
|
page readonly
|
||
|
1F40000
|
unclassified section
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
1674F000
|
unkown
|
page read and write
|
||
|
74E1000
|
unkown
|
page readonly
|
||
|
82BF000
|
unkown
|
page read and write
|
||
|
D11A000
|
unkown
|
page read and write
|
||
|
16886000
|
unkown
|
page read and write
|
||
|
7FF5DBF27000
|
unkown
|
page readonly
|
||
|
63F000
|
stack
|
page read and write
|
||
|
9D000
|
stack
|
page read and write
|
||
|
7DF4F7820000
|
unkown
|
page readonly
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
ABC4000
|
unkown
|
page read and write
|
||
|
168F6000
|
unkown
|
page read and write
|
||
|
4EA0000
|
unkown
|
page read and write
|
||
|
CFB6000
|
unkown
|
page read and write
|
||
|
16730000
|
unkown
|
page read and write
|
||
|
4EB0000
|
unkown
|
page read and write
|
||
|
BCE7000
|
stack
|
page read and write
|
||
|
168DE000
|
unkown
|
page read and write
|
||
|
7FF5DB976000
|
unkown
|
page readonly
|
||
|
4290000
|
unkown
|
page read and write
|
||
|
5A25000
|
unkown
|
page read and write
|
||
|
84FD000
|
unkown
|
page read and write
|
||
|
856B000
|
unkown
|
page read and write
|
||
|
CE53000
|
unkown
|
page read and write
|
||
|
1651B000
|
unkown
|
page read and write
|
||
|
7AA0000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
168D9000
|
unkown
|
page read and write
|
||
|
2880000
|
unkown
|
page readonly
|
||
|
4AA0000
|
unkown
|
page read and write
|
||
|
D216000
|
unkown
|
page read and write
|
||
|
166C0000
|
unkown
|
page read and write
|
||
|
7DF4F7920000
|
unkown
|
page readonly
|
||
|
2970000
|
unkown
|
page read and write
|
||
|
164E5000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D4F3000
|
unkown
|
page read and write
|
||
|
7DF4F78B1000
|
unkown
|
page execute read
|
||
|
D159000
|
unkown
|
page read and write
|
||
|
D2A5000
|
unkown
|
page read and write
|
||
|
4650000
|
unkown
|
page read and write
|
||
|
BAE8000
|
stack
|
page read and write
|
||
|
16507000
|
unkown
|
page read and write
|
||
|
167C5000
|
unkown
|
page read and write
|
||
|
1670F000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
4C33000
|
unkown
|
page read and write
|
||
|
D05E000
|
unkown
|
page read and write
|
||
|
168E5000
|
unkown
|
page read and write
|
||
|
4C85000
|
unkown
|
page read and write
|
||
|
168DE000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
BA69000
|
stack
|
page read and write
|
||
|
D565000
|
unkown
|
page read and write
|
||
|
CF19000
|
unkown
|
page read and write
|
||
|
4676000
|
unkown
|
page read and write
|
||
|
D010000
|
unkown
|
page read and write
|
||
|
AAD000
|
heap
|
page read and write
|
||
|
D15B000
|
unkown
|
page read and write
|
||
|
D2B1000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
16713000
|
unkown
|
page read and write
|
||
|
16655000
|
unkown
|
page read and write
|
||
|
16509000
|
unkown
|
page read and write
|
||
|
CFB1000
|
unkown
|
page read and write
|
||
|
4C70000
|
unkown
|
page read and write
|
||
|
5A2E000
|
unkown
|
page read and write
|
||
|
850C000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7DF4F7890000
|
unkown
|
page readonly
|
||
|
16730000
|
unkown
|
page read and write
|
||
|
D4EE000
|
unkown
|
page read and write
|
||
|
D510000
|
unkown
|
page read and write
|
||
|
49C0000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
7AB0000
|
unkown
|
page read and write
|
||
|
D2D2000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
CFD7000
|
unkown
|
page read and write
|
||
|
7FF5DBE95000
|
unkown
|
page readonly
|
||
|
7FF5DBDCB000
|
unkown
|
page readonly
|
||
|
823C000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7B11000
|
unkown
|
page read and write
|
||
|
16705000
|
unkown
|
page read and write
|
||
|
7FF5DC0AF000
|
unkown
|
page readonly
|
||
|
4C30000
|
unkown
|
page read and write
|
||
|
D290000
|
unkown
|
page read and write
|
||
|
7FF5DB905000
|
unkown
|
page readonly
|
||
|
D05E000
|
unkown
|
page read and write
|
||
|
76EE000
|
unkown
|
page readonly
|
||
|
7AEA000
|
unkown
|
page read and write
|
||
|
848F000
|
unkown
|
page read and write
|
||
|
168E5000
|
unkown
|
page read and write
|
||
|
1674F000
|
unkown
|
page read and write
|
||
|
7FF5DBC34000
|
unkown
|
page readonly
|
||
|
7FF5DC008000
|
unkown
|
page readonly
|
||
|
16745000
|
unkown
|
page read and write
|
||
|
429000
|
unkown
|
page write copy
|
||
|
7B07000
|
unkown
|
page read and write
|
||
|
7FF5DBED7000
|
unkown
|
page readonly
|
||
|
1689C000
|
unkown
|
page read and write
|
||
|
D4FC000
|
unkown
|
page read and write
|
||
|
D120000
|
unkown
|
page read and write
|
||
|
D159000
|
unkown
|
page read and write
|
||
|
CDC8000
|
unkown
|
page read and write
|
||
|
16892000
|
unkown
|
page read and write
|
||
|
B9EE000
|
stack
|
page read and write
|
||
|
7DF4F7901000
|
unkown
|
page execute read
|
||
|
16655000
|
unkown
|
page read and write
|
||
|
168D1000
|
unkown
|
page read and write
|
||
|
7FF5DBEA1000
|
unkown
|
page readonly
|
||
|
16711000
|
unkown
|
page read and write
|
||
|
8C0000
|
unkown
|
page readonly
|
||
|
540000
|
heap
|
page read and write
|
||
|
164F3000
|
unkown
|
page read and write
|
||
|
D08A000
|
unkown
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
47E0000
|
unkown
|
page readonly
|
||
|
16503000
|
unkown
|
page read and write
|
||
|
16886000
|
unkown
|
page read and write
|
||
|
7B20000
|
unkown
|
page read and write
|
||
|
D545000
|
unkown
|
page read and write
|
||
|
4210000
|
unkown
|
page read and write
|
||
|
1689C000
|
unkown
|
page read and write
|
||
|
16745000
|
unkown
|
page read and write
|
||
|
AC19000
|
unkown
|
page read and write
|
||
|
7FF5DBFDB000
|
unkown
|
page readonly
|
||
|
1687D000
|
unkown
|
page read and write
|
||
|
84C4000
|
unkown
|
page read and write
|
||
|
D120000
|
unkown
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D4CD000
|
unkown
|
page read and write
|
||
|
168EE000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
D010000
|
unkown
|
page read and write
|
||
|
E98E000
|
unkown
|
page read and write
|
||
|
1534B000
|
stack
|
page read and write
|
||
|
D49E000
|
unkown
|
page read and write
|
||
|
16886000
|
unkown
|
page read and write
|
||
|
D2D5000
|
unkown
|
page read and write
|
||
|
164EF000
|
unkown
|
page read and write
|
||
|
16743000
|
unkown
|
page read and write
|
||
|
16513000
|
unkown
|
page read and write
|
||
|
B2EC000
|
stack
|
page read and write
|
||
|
164F1000
|
unkown
|
page read and write
|
||
|
CFB1000
|
unkown
|
page read and write
|
||
|
7DF4F7921000
|
unkown
|
page execute read
|
||
|
D384000
|
unkown
|
page read and write
|
||
|
8509000
|
unkown
|
page read and write
|
||
|
19D000
|
stack
|
page read and write
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
1670B000
|
unkown
|
page read and write
|
||
|
83B9000
|
unkown
|
page read and write
|
||
|
1672B000
|
unkown
|
page read and write
|
||
|
D346000
|
unkown
|
page read and write
|
||
|
16511000
|
unkown
|
page read and write
|
||
|
84FD000
|
unkown
|
page read and write
|
||
|
852C000
|
unkown
|
page read and write
|
||
|
168DE000
|
unkown
|
page read and write
|
||
|
16713000
|
unkown
|
page read and write
|
||
|
D4DB000
|
unkown
|
page read and write
|
||
|
16730000
|
unkown
|
page read and write
|
||
|
4E70000
|
unkown
|
page read and write
|
||
|
7FF5DBF15000
|
unkown
|
page readonly
|
||
|
D148000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
4BE5000
|
unkown
|
page read and write
|
||
|
7FF5DBF6F000
|
unkown
|
page readonly
|
||
|
7DF4F7910000
|
unkown
|
page readonly
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
1683C000
|
unkown
|
page read and write
|
||
|
CEB4000
|
unkown
|
page read and write
|
||
|
7FF5DBAD4000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
165C0000
|
unkown
|
page read and write
|
||
|
8501000
|
unkown
|
page read and write
|
||
|
D38D000
|
unkown
|
page read and write
|
||
|
5592000
|
heap
|
page read and write
|
||
|
D432000
|
unkown
|
page read and write
|
||
|
FA02000
|
unkown
|
page read and write
|
||
|
16A2A000
|
unkown
|
page read and write
|
||
|
68E000
|
stack
|
page read and write
|
||
|
7B11000
|
unkown
|
page read and write
|
||
|
CE96000
|
unkown
|
page read and write
|
||
|
166FE000
|
unkown
|
page read and write
|
||
|
7AC3000
|
unkown
|
page read and write
|
||
|
D4DB000
|
unkown
|
page read and write
|
||
|
81FE000
|
stack
|
page read and write
|
||
|
168D1000
|
unkown
|
page read and write
|
||
|
D54C000
|
unkown
|
page read and write
|
||
|
5C70000
|
unkown
|
page read and write
|
||
|
16EACA90000
|
trusted library allocation
|
page read and write
|
||
|
16700000
|
unkown
|
page read and write
|
||
|
1650B000
|
unkown
|
page read and write
|
||
|
164E5000
|
unkown
|
page read and write
|
||
|
1670F000
|
unkown
|
page read and write
|
||
|
161CD000
|
stack
|
page read and write
|
||
|
7DF4F7831000
|
unkown
|
page execute read
|
||
|
4A20000
|
unkown
|
page read and write
|
||
|
7B07000
|
unkown
|
page read and write
|
||
|
D66D000
|
stack
|
page read and write
|
||
|
22A0000
|
heap
|
page read and write
|
||
|
7FF5DBEEF000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7FF5DBFD4000
|
unkown
|
page readonly
|
||
|
7B07000
|
unkown
|
page read and write
|
||
|
856B000
|
unkown
|
page read and write
|
||
|
7FF5DBFF7000
|
unkown
|
page readonly
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
2A90000
|
unkown
|
page read and write
|
||
|
FA45000
|
unkown
|
page read and write
|
||
|
164F3000
|
unkown
|
page read and write
|
||
|
8519000
|
unkown
|
page read and write
|
||
|
D3FD000
|
unkown
|
page read and write
|
||
|
D469000
|
unkown
|
page read and write
|
||
|
7FF5DC06A000
|
unkown
|
page readonly
|
||
|
4F93000
|
unkown
|
page read and write
|
||
|
7FF5DC124000
|
unkown
|
page readonly
|
||
|
7725000
|
unkown
|
page readonly
|
||
|
16720000
|
unkown
|
page read and write
|
||
|
7FF5DBF6A000
|
unkown
|
page readonly
|
||
|
D509000
|
unkown
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
4E0000
|
heap
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
165C3000
|
unkown
|
page read and write
|
||
|
7DF4F7811000
|
unkown
|
page execute read
|
||
|
16720000
|
unkown
|
page read and write
|
||
|
7FF5DBA47000
|
unkown
|
page readonly
|
||
|
D55B000
|
unkown
|
page read and write
|
||
|
ABD0000
|
unkown
|
page read and write
|
||
|
D50F000
|
unkown
|
page read and write
|
||
|
6834000
|
unkown
|
page read and write
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
1544A000
|
stack
|
page read and write
|
||
|
168CC000
|
unkown
|
page read and write
|
||
|
7FF5DBD46000
|
unkown
|
page readonly
|
||
|
54F0000
|
unkown
|
page readonly
|
||
|
7FF5DB9FB000
|
unkown
|
page readonly
|
||
|
150CA000
|
stack
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D08A000
|
unkown
|
page read and write
|
||
|
16740000
|
unkown
|
page read and write
|
||
|
AC05000
|
unkown
|
page read and write
|
||
|
16EAC7C0000
|
trusted library allocation
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7FF5DBFD0000
|
unkown
|
page readonly
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
46D0000
|
unkown
|
page write copy
|
||
|
167AE000
|
unkown
|
page read and write
|
||
|
16EACA85000
|
heap
|
page read and write
|
||
|
1651B000
|
unkown
|
page read and write
|
||
|
1674F000
|
unkown
|
page read and write
|
||
|
167D1000
|
unkown
|
page read and write
|
||
|
16EAC7F0000
|
heap
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
8CA000
|
heap
|
page read and write
|
||
|
D387000
|
unkown
|
page read and write
|
||
|
28DD000
|
unkown
|
page read and write
|
||
|
1688E000
|
unkown
|
page read and write
|
||
|
C763000
|
stack
|
page read and write
|
||
|
7DF4F7861000
|
unkown
|
page execute read
|
||
|
429000
|
unkown
|
page write copy
|
||
|
1672B000
|
unkown
|
page read and write
|
||
|
7DF4F78B0000
|
unkown
|
page readonly
|
||
|
8235000
|
unkown
|
page read and write
|
||
|
1688E000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7FF5DBCA6000
|
unkown
|
page readonly
|
||
|
D0F7000
|
unkown
|
page read and write
|
||
|
29A8000
|
unkown
|
page read and write
|
||
|
66F000
|
unkown
|
page readonly
|
||
|
ABC4000
|
unkown
|
page read and write
|
||
|
682B000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
1674F000
|
unkown
|
page read and write
|
||
|
16700000
|
unkown
|
page read and write
|
||
|
D54C000
|
unkown
|
page read and write
|
||
|
7FF5DB9D2000
|
unkown
|
page readonly
|
||
|
7DF4F78C1000
|
unkown
|
page execute read
|
||
|
4C00000
|
unkown
|
page read and write
|
||
|
168D9000
|
unkown
|
page read and write
|
||
|
7FF5DBE0A000
|
unkown
|
page readonly
|
||
|
429000
|
unkown
|
page write copy
|
||
|
8231000
|
unkown
|
page read and write
|
||
|
7DF4F7911000
|
unkown
|
page execute read
|
||
|
8504000
|
unkown
|
page read and write
|
||
|
166C0000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D4F8000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
16730000
|
unkown
|
page read and write
|
||
|
740000
|
heap
|
page read and write
|
||
|
1670B000
|
unkown
|
page read and write
|
||
|
D28C000
|
unkown
|
page read and write
|
||
|
7FF5DBE80000
|
unkown
|
page readonly
|
||
|
4C00000
|
unkown
|
page read and write
|
||
|
1689C000
|
unkown
|
page read and write
|
||
|
8507000
|
unkown
|
page read and write
|
||
|
5A2E000
|
unkown
|
page read and write
|
||
|
7FF5DBD34000
|
unkown
|
page readonly
|
||
|
4640000
|
unkown
|
page read and write
|
||
|
7DF4F7831000
|
unkown
|
page execute read
|
||
|
2810000
|
unkown
|
page readonly
|
||
|
B268000
|
stack
|
page read and write
|
||
|
4699000
|
unkown
|
page read and write
|
||
|
49B0000
|
unkown
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
8260000
|
unkown
|
page read and write
|
||
|
67FD000
|
unkown
|
page read and write
|
||
|
D216000
|
unkown
|
page read and write
|
||
|
D556000
|
unkown
|
page read and write
|
||
|
1673D000
|
unkown
|
page read and write
|
||
|
4385000
|
unkown
|
page read and write
|
||
|
7FF5DBFE1000
|
unkown
|
page readonly
|
||
|
CF5C000
|
unkown
|
page read and write
|
||
|
85BA000
|
unkown
|
page read and write
|
||
|
D4A1000
|
unkown
|
page read and write
|
||
|
84CD000
|
unkown
|
page read and write
|
||
|
7FF5DB90E000
|
unkown
|
page readonly
|
||
|
CFC8000
|
unkown
|
page read and write
|
||
|
D2CA000
|
unkown
|
page read and write
|
||
|
22D0000
|
unkown
|
page readonly
|
||
|
16740000
|
unkown
|
page read and write
|
||
|
D11A000
|
unkown
|
page read and write
|
||
|
D2B8000
|
unkown
|
page read and write
|
||
|
164E7000
|
unkown
|
page read and write
|
||
|
7FF5DBE62000
|
unkown
|
page readonly
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
1668C000
|
unkown
|
page read and write
|
||
|
D4C4000
|
unkown
|
page read and write
|
||
|
16743000
|
unkown
|
page read and write
|
||
|
D54C000
|
unkown
|
page read and write
|
||
|
4C30000
|
unkown
|
page read and write
|
||
|
1670F000
|
unkown
|
page read and write
|
||
|
7508000
|
unkown
|
page readonly
|
||
|
D4AA000
|
unkown
|
page read and write
|
||
|
16730000
|
unkown
|
page read and write
|
||
|
2A90000
|
unkown
|
page read and write
|
||
|
D2BA000
|
unkown
|
page read and write
|
||
|
6858000
|
unkown
|
page read and write
|
||
|
8229000
|
unkown
|
page read and write
|
||
|
AAEA000
|
stack
|
page read and write
|
||
|
D2C7000
|
unkown
|
page read and write
|
||
|
7DF4F7921000
|
unkown
|
page execute read
|
||
|
7FF5DC158000
|
unkown
|
page readonly
|
||
|
CF27000
|
unkown
|
page read and write
|
||
|
D4C4000
|
unkown
|
page read and write
|
||
|
7FF5DBDD6000
|
unkown
|
page readonly
|
||
|
769C000
|
unkown
|
page readonly
|
||
|
167BF000
|
unkown
|
page read and write
|
||
|
1683C000
|
unkown
|
page read and write
|
||
|
166FA000
|
unkown
|
page read and write
|
||
|
856B000
|
unkown
|
page read and write
|
||
|
D15B000
|
unkown
|
page read and write
|
||
|
D04E000
|
unkown
|
page read and write
|
||
|
5B2A000
|
unkown
|
page read and write
|
||
|
1688E000
|
unkown
|
page read and write
|
||
|
7FF5DBE76000
|
unkown
|
page readonly
|
||
|
24F0000
|
heap
|
page read and write
|
||
|
7B07000
|
unkown
|
page read and write
|
||
|
16709000
|
unkown
|
page read and write
|
||
|
EB96000
|
heap
|
page read and write
|
||
|
D4C4000
|
unkown
|
page read and write
|
||
|
2A90000
|
unkown
|
page read and write
|
||
|
7DF4F78C0000
|
unkown
|
page readonly
|
||
|
1FD0000
|
heap
|
page read and write
|
||
|
16519000
|
unkown
|
page read and write
|
||
|
165CD000
|
unkown
|
page read and write
|
||
|
4C05000
|
unkown
|
page read and write
|
||
|
ABEE000
|
unkown
|
page read and write
|
||
|
784C000
|
unkown
|
page readonly
|
||
|
D21C000
|
unkown
|
page read and write
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
7FF5DC040000
|
unkown
|
page readonly
|
||
|
85BA000
|
unkown
|
page read and write
|
||
|
166F6000
|
unkown
|
page read and write
|
||
|
5C6C000
|
stack
|
page read and write
|
||
|
D0E1000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
16EACA89000
|
heap
|
page read and write
|
||
|
85BA000
|
unkown
|
page read and write
|
||
|
16713000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D4EE000
|
unkown
|
page read and write
|
||
|
7FF5DBBFC000
|
unkown
|
page readonly
|
||
|
4B10000
|
unkown
|
page read and write
|
||
|
8501000
|
unkown
|
page read and write
|
||
|
751E000
|
unkown
|
page readonly
|
||
|
7FF5DC08B000
|
unkown
|
page readonly
|
||
|
D006000
|
unkown
|
page read and write
|
||
|
4B10000
|
unkown
|
page read and write
|
||
|
4B20000
|
unkown
|
page read and write
|
||
|
7DF4F78E0000
|
unkown
|
page readonly
|
||
|
164EB000
|
unkown
|
page read and write
|
||
|
D4EE000
|
unkown
|
page read and write
|
||
|
16471000
|
unkown
|
page read and write
|
||
|
8504000
|
unkown
|
page read and write
|
||
|
ABE3000
|
unkown
|
page read and write
|
||
|
4C30000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
1FF2000
|
heap
|
page read and write
|
||
|
D37E000
|
unkown
|
page read and write
|
||
|
166FA000
|
unkown
|
page read and write
|
||
|
7FF5DB95E000
|
unkown
|
page readonly
|
||
|
D545000
|
unkown
|
page read and write
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
821D000
|
unkown
|
page read and write
|
||
|
7DF4F7860000
|
unkown
|
page readonly
|
||
|
85BA000
|
unkown
|
page read and write
|
||
|
165DA000
|
unkown
|
page read and write
|
||
|
2870000
|
unkown
|
page read and write
|
||
|
1688E000
|
unkown
|
page read and write
|
||
|
4F90000
|
unkown
|
page read and write
|
||
|
2000000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
16743000
|
unkown
|
page read and write
|
||
|
D120000
|
unkown
|
page read and write
|
||
|
16EAC850000
|
heap
|
page read and write
|
||
|
7073000
|
unkown
|
page readonly
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
7B1D000
|
unkown
|
page read and write
|
||
|
16522000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7FF5DC09B000
|
unkown
|
page readonly
|
||
|
22C0000
|
heap
|
page read and write
|
||
|
22D0000
|
heap
|
page read and write
|
||
|
168FF000
|
unkown
|
page read and write
|
||
|
4FF0000
|
unkown
|
page read and write
|
||
|
D112000
|
unkown
|
page read and write
|
||
|
D148000
|
unkown
|
page read and write
|
||
|
CFD7000
|
unkown
|
page read and write
|
||
|
164FD000
|
unkown
|
page read and write
|
||
|
D05E000
|
unkown
|
page read and write
|
||
|
7FF5DBF43000
|
unkown
|
page readonly
|
||
|
D159000
|
unkown
|
page read and write
|
||
|
915000
|
heap
|
page read and write
|
||
|
1688E000
|
unkown
|
page read and write
|
||
|
8507000
|
unkown
|
page read and write
|
||
|
28A0000
|
unkown
|
page read and write
|
||
|
2A90000
|
unkown
|
page read and write
|
||
|
D4F8000
|
unkown
|
page read and write
|
||
|
D4F3000
|
unkown
|
page read and write
|
||
|
7FF5DBF05000
|
unkown
|
page readonly
|
||
|
164ED000
|
unkown
|
page read and write
|
||
|
7FF5DBE83000
|
unkown
|
page readonly
|
||
|
168F4000
|
unkown
|
page read and write
|
||
|
16884000
|
unkown
|
page read and write
|
||
|
676E000
|
stack
|
page read and write
|
||
|
4F0000
|
heap
|
page read and write
|
||
|
D50F000
|
unkown
|
page read and write
|
||
|
D11A000
|
unkown
|
page read and write
|
||
|
4C15000
|
unkown
|
page read and write
|
||
|
16720000
|
unkown
|
page read and write
|
||
|
ABC1000
|
unkown
|
page read and write
|
||
|
7DF4F78E1000
|
unkown
|
page execute read
|
||
|
1687D000
|
unkown
|
page read and write
|
||
|
16709000
|
unkown
|
page read and write
|
||
|
164F7000
|
unkown
|
page read and write
|
||
|
4D5E000
|
stack
|
page read and write
|
||
|
960000
|
unkown
|
page readonly
|
||
|
4E6A000
|
stack
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
441A000
|
stack
|
page read and write
|
||
|
7FF5DC11F000
|
unkown
|
page readonly
|
||
|
168E2000
|
unkown
|
page read and write
|
||
|
16EAC740000
|
heap
|
page read and write
|
||
|
D509000
|
unkown
|
page read and write
|
||
|
A9E7000
|
stack
|
page read and write
|
||
|
852D000
|
unkown
|
page read and write
|
||
|
168D9000
|
unkown
|
page read and write
|
||
|
4A83000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
7837000
|
unkown
|
page readonly
|
||
|
2AE0000
|
unkown
|
page read and write
|
||
|
4090000
|
unkown
|
page read and write
|
||
|
8177000
|
stack
|
page read and write
|
||
|
850C000
|
unkown
|
page read and write
|
||
|
7FF5DBBA9000
|
unkown
|
page readonly
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
D05E000
|
unkown
|
page read and write
|
||
|
4C40000
|
unkown
|
page read and write
|
||
|
169E5000
|
unkown
|
page read and write
|
||
|
164EF000
|
unkown
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
16872000
|
unkown
|
page read and write
|
||
|
D112000
|
unkown
|
page read and write
|
||
|
7FF5DBC09000
|
unkown
|
page readonly
|
||
|
1688A000
|
unkown
|
page read and write
|
||
|
7DF4F7830000
|
unkown
|
page readonly
|
||
|
7FFB000
|
stack
|
page read and write
|
||
|
D159000
|
unkown
|
page read and write
|
||
|
ABEA000
|
unkown
|
page read and write
|
||
|
1683C000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
7FF5DC14D000
|
unkown
|
page readonly
|
||
|
7DF4F7800000
|
unkown
|
page readonly
|
||
|
7FF5DBA1D000
|
unkown
|
page readonly
|
||
|
ABFF000
|
unkown
|
page read and write
|
||
|
164ED000
|
unkown
|
page read and write
|
||
|
AB82000
|
unkown
|
page read and write
|
||
|
1688A000
|
unkown
|
page read and write
|
||
|
7FF5DC0B4000
|
unkown
|
page readonly
|
||
|
D15B000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
7950000
|
unkown
|
page read and write
|
||
|
16EAC7B0000
|
trusted library allocation
|
page read and write
|
||
|
51E000
|
stack
|
page read and write
|
||
|
D260000
|
unkown
|
page read and write
|
||
|
D04E000
|
unkown
|
page read and write
|
||
|
6827000
|
unkown
|
page read and write
|
||
|
1687E000
|
unkown
|
page read and write
|
||
|
1687D000
|
unkown
|
page read and write
|
||
|
856B000
|
unkown
|
page read and write
|
||
|
7DF4F7881000
|
unkown
|
page execute read
|
||
|
7AB0000
|
unkown
|
page read and write
|
||
|
5640000
|
unkown
|
page read and write
|
||
|
7859000
|
unkown
|
page readonly
|
||
|
75D2000
|
unkown
|
page readonly
|
||
|
168FD000
|
unkown
|
page read and write
|
||
|
16515000
|
unkown
|
page read and write
|
||
|
D50F000
|
unkown
|
page read and write
|
||
|
16807000
|
unkown
|
page read and write
|
||
|
7FF5DBEFB000
|
unkown
|
page readonly
|
||
|
D15B000
|
unkown
|
page read and write
|
||
|
F904000
|
unkown
|
page read and write
|
||
|
D27E000
|
unkown
|
page read and write
|
||
|
2AE0000
|
unkown
|
page read and write
|
||
|
1673D000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
AC06000
|
unkown
|
page read and write
|
||
|
D2BC000
|
unkown
|
page read and write
|
||
|
7755000
|
unkown
|
page readonly
|
||
|
7A5D000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
4270000
|
unkown
|
page read and write
|
||
|
8504000
|
unkown
|
page read and write
|
||
|
8394000
|
unkown
|
page read and write
|
||
|
D112000
|
unkown
|
page read and write
|
||
|
1688E000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D2D5000
|
unkown
|
page read and write
|
||
|
E8D6000
|
unkown
|
page read and write
|
||
|
1672B000
|
unkown
|
page read and write
|
||
|
852C000
|
unkown
|
page read and write
|
||
|
8301000
|
unkown
|
page read and write
|
||
|
5710000
|
unkown
|
page read and write
|
||
|
D0E1000
|
unkown
|
page read and write
|
||
|
781C000
|
unkown
|
page readonly
|
||
|
7FF5DBFFD000
|
unkown
|
page readonly
|
||
|
E50000
|
unkown
|
page readonly
|
||
|
7DF4F78F0000
|
unkown
|
page readonly
|
||
|
167BF000
|
unkown
|
page read and write
|
||
|
7FF5DBD7D000
|
unkown
|
page readonly
|
||
|
AFF000
|
stack
|
page read and write
|
||
|
16871000
|
unkown
|
page read and write
|
||
|
D04C000
|
unkown
|
page read and write
|
||
|
4A70000
|
unkown
|
page read and write
|
||
|
167D1000
|
unkown
|
page read and write
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
167CC000
|
unkown
|
page read and write
|
||
|
1688A000
|
unkown
|
page read and write
|
||
|
D112000
|
unkown
|
page read and write
|
||
|
16728000
|
unkown
|
page read and write
|
||
|
4A30000
|
unkown
|
page read and write
|
||
|
7FF5DBF0F000
|
unkown
|
page readonly
|
||
|
7FF5DBF51000
|
unkown
|
page readonly
|
||
|
CFB6000
|
unkown
|
page read and write
|
||
|
7DF4F7830000
|
unkown
|
page readonly
|
||
|
4C00000
|
unkown
|
page read and write
|
||
|
64E7000
|
stack
|
page read and write
|
||
|
16709000
|
unkown
|
page read and write
|
||
|
E9B4000
|
unkown
|
page read and write
|
||
|
7C7F000
|
stack
|
page read and write
|
||
|
7FF5DB969000
|
unkown
|
page readonly
|
||
|
165C0000
|
unkown
|
page read and write
|
||
|
7DF4F78D1000
|
unkown
|
page execute read
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
B46E000
|
stack
|
page read and write
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
4BE0000
|
unkown
|
page read and write
|
||
|
ABC1000
|
unkown
|
page read and write
|
||
|
16713000
|
unkown
|
page read and write
|
||
|
7FF5DB9E6000
|
unkown
|
page readonly
|
||
|
870000
|
unkown
|
page readonly
|
||
|
852C000
|
unkown
|
page read and write
|
||
|
D4E7000
|
unkown
|
page read and write
|
||
|
166C0000
|
unkown
|
page read and write
|
||
|
8514000
|
unkown
|
page read and write
|
||
|
AA6D000
|
stack
|
page read and write
|
||
|
6849000
|
unkown
|
page read and write
|
||
|
24B0000
|
heap
|
page read and write
|
||
|
D384000
|
unkown
|
page read and write
|
||
|
7FF5DBEF1000
|
unkown
|
page readonly
|
||
|
7FF5DBF8F000
|
unkown
|
page readonly
|
||
|
BDE9000
|
stack
|
page read and write
|
||
|
A98579000
|
stack
|
page read and write
|
||
|
16875000
|
unkown
|
page read and write
|
||
|
1688E000
|
unkown
|
page read and write
|
||
|
D56D000
|
unkown
|
page read and write
|
||
|
D4E7000
|
unkown
|
page read and write
|
||
|
167BF000
|
unkown
|
page read and write
|
||
|
AC05000
|
unkown
|
page read and write
|
||
|
16871000
|
unkown
|
page read and write
|
||
|
D04A000
|
unkown
|
page read and write
|
||
|
167D1000
|
unkown
|
page read and write
|
||
|
16875000
|
unkown
|
page read and write
|
||
|
D4C4000
|
unkown
|
page read and write
|
||
|
2936000
|
unkown
|
page read and write
|
||
|
CF85000
|
unkown
|
page read and write
|
||
|
1683C000
|
unkown
|
page read and write
|
||
|
D148000
|
unkown
|
page read and write
|
||
|
4BE3000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
D08A000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
76C5000
|
unkown
|
page readonly
|
||
|
166FE000
|
unkown
|
page read and write
|
||
|
EA79000
|
stack
|
page read and write
|
||
|
CF86000
|
unkown
|
page read and write
|
||
|
7FF5DC051000
|
unkown
|
page readonly
|
||
|
164EF000
|
unkown
|
page read and write
|
||
|
B56B000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
D50A000
|
unkown
|
page read and write
|
||
|
16728000
|
unkown
|
page read and write
|
||
|
77F000
|
stack
|
page read and write
|
||
|
8227000
|
unkown
|
page read and write
|
||
|
4C40000
|
unkown
|
page read and write
|
||
|
852D000
|
unkown
|
page read and write
|
||
|
BC69000
|
stack
|
page read and write
|
||
|
8233000
|
unkown
|
page read and write
|
||
|
7FF5DBEAB000
|
unkown
|
page readonly
|
||
|
7DF4F78E1000
|
unkown
|
page execute read
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
850C000
|
unkown
|
page read and write
|
||
|
1688C000
|
unkown
|
page read and write
|
||
|
AB70000
|
unkown
|
page read and write
|
||
|
449A000
|
stack
|
page read and write
|
||
|
168FD000
|
unkown
|
page read and write
|
||
|
1674F000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
83E9000
|
unkown
|
page read and write
|
||
|
D469000
|
unkown
|
page read and write
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
ABB1000
|
unkown
|
page read and write
|
||
|
D4BB000
|
unkown
|
page read and write
|
||
|
7FF883957000
|
unkown
|
page readonly
|
||
|
4C00000
|
unkown
|
page read and write
|
||
|
16EAD6F0000
|
trusted library allocation
|
page read and write
|
||
|
D56D000
|
unkown
|
page read and write
|
||
|
5610000
|
unkown
|
page readonly
|
||
|
1670B000
|
unkown
|
page read and write
|
||
|
7537000
|
unkown
|
page readonly
|
||
|
1689C000
|
unkown
|
page read and write
|
||
|
165CD000
|
unkown
|
page read and write
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
B86E000
|
stack
|
page read and write
|
||
|
D276000
|
unkown
|
page read and write
|
||
|
7ADD000
|
unkown
|
page read and write
|
||
|
D4F4000
|
unkown
|
page read and write
|
||
|
D545000
|
unkown
|
page read and write
|
||
|
16806000
|
unkown
|
page read and write
|
||
|
169B0000
|
unkown
|
page read and write
|
||
|
81E000
|
heap
|
page read and write
|
||
|
A985FE000
|
stack
|
page read and write
|
||
|
D4FA000
|
unkown
|
page read and write
|
||
|
F1FE000
|
stack
|
page read and write
|
||
|
420000
|
heap
|
page read and write
|
||
|
856B000
|
unkown
|
page read and write
|
||
|
168E6000
|
unkown
|
page read and write
|
||
|
D4DB000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
16720000
|
unkown
|
page read and write
|
||
|
D12D000
|
unkown
|
page read and write
|
||
|
7DF4F7821000
|
unkown
|
page execute read
|
||
|
166FE000
|
unkown
|
page read and write
|
||
|
6520000
|
unkown
|
page readonly
|
||
|
8509000
|
unkown
|
page read and write
|
||
|
7FF5DB842000
|
unkown
|
page readonly
|
||
|
167D1000
|
unkown
|
page read and write
|
||
|
77D2000
|
unkown
|
page readonly
|
||
|
16A23000
|
unkown
|
page read and write
|
||
|
165E4000
|
unkown
|
page read and write
|
||
|
16871000
|
unkown
|
page read and write
|
||
|
1564B000
|
stack
|
page read and write
|
||
|
4DED000
|
stack
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
D4EE000
|
unkown
|
page read and write
|
||
|
E9AF000
|
unkown
|
page read and write
|
||
|
6500000
|
unkown
|
page readonly
|
||
|
D37C000
|
unkown
|
page read and write
|
||
|
8519000
|
unkown
|
page read and write
|
||
|
7DF4F7851000
|
unkown
|
page execute read
|
||
|
7FF5DC128000
|
unkown
|
page readonly
|
||
|
167C1000
|
unkown
|
page read and write
|
||
|
1690A000
|
unkown
|
page read and write
|
||
|
7A59000
|
unkown
|
page read and write
|
||
|
16871000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
B1EE000
|
stack
|
page read and write
|
||
|
8EE000
|
heap
|
page read and write
|
||
|
CF21000
|
unkown
|
page read and write
|
||
|
7FF5DBDD4000
|
unkown
|
page readonly
|
||
|
16886000
|
unkown
|
page read and write
|
||
|
E1E9000
|
stack
|
page read and write
|
||
|
D528000
|
unkown
|
page read and write
|
||
|
7DF4F77F0000
|
unkown
|
page readonly
|
||
|
7FF5DBDB3000
|
unkown
|
page readonly
|
||
|
42A8000
|
unkown
|
page read and write
|
||
|
1688C000
|
unkown
|
page read and write
|
||
|
4FC0000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
5590000
|
heap
|
page read and write
|
||
|
D4AA000
|
unkown
|
page read and write
|
||
|
7DF4F7941000
|
unkown
|
page execute read
|
||
|
1673D000
|
unkown
|
page read and write
|
||
|
2360000
|
unkown
|
page readonly
|
||
|
D159000
|
unkown
|
page read and write
|
||
|
849A000
|
unkown
|
page read and write
|
||
|
7AA0000
|
unkown
|
page read and write
|
||
|
ABFF000
|
unkown
|
page read and write
|
||
|
ABFF000
|
unkown
|
page read and write
|
||
|
153C9000
|
stack
|
page read and write
|
||
|
4F62000
|
stack
|
page read and write
|
||
|
5620000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
16892000
|
unkown
|
page read and write
|
||
|
ABEE000
|
unkown
|
page read and write
|
||
|
16709000
|
unkown
|
page read and write
|
||
|
1670B000
|
unkown
|
page read and write
|
||
|
84CD000
|
unkown
|
page read and write
|
||
|
7FF5DBA0E000
|
unkown
|
page readonly
|
||
|
429000
|
unkown
|
page read and write
|
||
|
ABE3000
|
unkown
|
page read and write
|
||
|
8213000
|
unkown
|
page read and write
|
||
|
7DF4F77F1000
|
unkown
|
page execute read
|
||
|
D4CD000
|
unkown
|
page read and write
|
||
|
CD94000
|
unkown
|
page read and write
|
||
|
684F000
|
unkown
|
page read and write
|
||
|
1688A000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
16655000
|
unkown
|
page read and write
|
||
|
ABEA000
|
unkown
|
page read and write
|
||
|
16EAC7F7000
|
heap
|
page read and write
|
||
|
7B0F000
|
unkown
|
page read and write
|
||
|
8A0000
|
unkown
|
page readonly
|
||
|
568A000
|
unkown
|
page read and write
|
||
|
ABFF000
|
unkown
|
page read and write
|
||
|
D4FC000
|
unkown
|
page read and write
|
||
|
730000
|
direct allocation
|
page execute and read and write
|
||
|
16871000
|
unkown
|
page read and write
|
||
|
1650D000
|
unkown
|
page read and write
|
||
|
D4E7000
|
unkown
|
page read and write
|
||
|
1688C000
|
unkown
|
page read and write
|
||
|
D27C000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
852C000
|
unkown
|
page read and write
|
||
|
7FF5DBE88000
|
unkown
|
page readonly
|
||
|
16892000
|
unkown
|
page read and write
|
||
|
D4FC000
|
unkown
|
page read and write
|
||
|
7DF4F78D1000
|
unkown
|
page execute read
|
||
|
4E80000
|
unkown
|
page read and write
|
||
|
4A90000
|
unkown
|
page read and write
|
||
|
77E5000
|
unkown
|
page readonly
|
||
|
7845000
|
unkown
|
page readonly
|
||
|
7DF4F7910000
|
unkown
|
page readonly
|
||
|
168E2000
|
unkown
|
page read and write
|
||
|
168EA000
|
unkown
|
page read and write
|
||
|
834F000
|
unkown
|
page read and write
|
||
|
16880000
|
unkown
|
page read and write
|
||
|
8501000
|
unkown
|
page read and write
|
||
|
165C0000
|
unkown
|
page read and write
|
||
|
1668A000
|
unkown
|
page read and write
|
||
|
CF82000
|
unkown
|
page read and write
|
||
|
16515000
|
unkown
|
page read and write
|
||
|
D4F3000
|
unkown
|
page read and write
|
||
|
8494000
|
unkown
|
page read and write
|
||
|
1650D000
|
unkown
|
page read and write
|
||
|
2850000
|
unkown
|
page readonly
|
||
|
16EAC83B000
|
heap
|
page read and write
|
||
|
1688C000
|
unkown
|
page read and write
|
||
|
7FF883751000
|
unkown
|
page execute read
|
||
|
8C0000
|
heap
|
page read and write
|
||
|
4BD0000
|
unkown
|
page readonly
|
||
|
7FF5DBC30000
|
unkown
|
page readonly
|
||
|
7FF5DBF7D000
|
unkown
|
page readonly
|
||
|
7DF4F7871000
|
unkown
|
page execute read
|
||
|
7FF5DB9F8000
|
unkown
|
page readonly
|
||
|
D112000
|
unkown
|
page read and write
|
||
|
164F7000
|
unkown
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
D28A000
|
unkown
|
page read and write
|
||
|
7FF5DB9CE000
|
unkown
|
page readonly
|
||
|
16730000
|
unkown
|
page read and write
|
||
|
7FF5DBC82000
|
unkown
|
page readonly
|
||
|
7DF4F7911000
|
unkown
|
page execute read
|
||
|
84C4000
|
unkown
|
page read and write
|
||
|
5A1E000
|
unkown
|
page read and write
|
||
|
16517000
|
unkown
|
page read and write
|
||
|
42A0000
|
unkown
|
page read and write
|
||
|
D2CC000
|
unkown
|
page read and write
|
||
|
168F6000
|
unkown
|
page read and write
|
||
|
B4EC000
|
stack
|
page read and write
|
||
|
16656000
|
unkown
|
page read and write
|
||
|
ABEA000
|
unkown
|
page read and write
|
||
|
D04C000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
164E3000
|
unkown
|
page read and write
|
||
|
16521000
|
unkown
|
page read and write
|
||
|
16501000
|
unkown
|
page read and write
|
||
|
7525000
|
unkown
|
page readonly
|
||
|
16700000
|
unkown
|
page read and write
|
||
|
D4AA000
|
unkown
|
page read and write
|
||
|
16884000
|
unkown
|
page read and write
|
||
|
F27B000
|
stack
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
B368000
|
stack
|
page read and write
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
CD6A000
|
stack
|
page read and write
|
||
|
D11A000
|
unkown
|
page read and write
|
||
|
7AA0000
|
unkown
|
page read and write
|
||
|
CE4D000
|
unkown
|
page read and write
|
||
|
7A9C000
|
unkown
|
page read and write
|
||
|
7FF5DB913000
|
unkown
|
page readonly
|
||
|
4110000
|
unkown
|
page read and write
|
||
|
155CC000
|
stack
|
page read and write
|
||
|
56FB000
|
unkown
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
2A90000
|
unkown
|
page read and write
|
||
|
16511000
|
unkown
|
page read and write
|
||
|
7AE9000
|
unkown
|
page read and write
|
||
|
7D7F000
|
stack
|
page read and write
|
||
|
22C0000
|
unkown
|
page read and write
|
||
|
7B0F000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
||
|
16705000
|
unkown
|
page read and write
|
||
|
7FF5DBBE3000
|
unkown
|
page readonly
|
||
|
D120000
|
unkown
|
page read and write
|
||
|
16806000
|
unkown
|
page read and write
|
||
|
D0E1000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
852C000
|
unkown
|
page read and write
|
||
|
1689C000
|
unkown
|
page read and write
|
||
|
4E70000
|
unkown
|
page read and write
|
||
|
8507000
|
unkown
|
page read and write
|
||
|
1650D000
|
unkown
|
page read and write
|
||
|
7AE9000
|
unkown
|
page read and write
|
||
|
7AB0000
|
unkown
|
page read and write
|
||
|
D148000
|
unkown
|
page read and write
|
||
|
4C30000
|
unkown
|
page read and write
|
||
|
66F000
|
unkown
|
page readonly
|
||
|
E985000
|
unkown
|
page read and write
|
||
|
AB69000
|
stack
|
page read and write
|
||
|
27C0000
|
unkown
|
page read and write
|
||
|
DD2C000
|
stack
|
page read and write
|
||
|
167C7000
|
unkown
|
page read and write
|
||
|
4A60000
|
unkown
|
page read and write
|
There are 1961 hidden memdumps, click here to show them.