Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
QUOTATION#30810.exe
|
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\ProgramData\remcos\logs.dat
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
PE32+ executable (console) x86-64 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Temp\54bmrp0l.inf
|
Windows setup INFormation
|
dropped
|
|
|
|
C:\Windows\Temp\macatsxh.inf
|
Windows setup INFormation
|
dropped
|
|
|
|
C:\Windows\Temp\xrlumlnf.inf
|
Windows setup INFormation
|
dropped
|
|
|
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_6413c1d758d05ac66ec1e932ad11c4ede3c5baec_e985c620_ab02bc0d-5004-4913-b03b-cd02929db587\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_6413c1d758d05ac66ec1e932ad11c4ede3c5baec_e985c620_e3b4bcab-41f1-4d9c-8e7a-1e4df3abbd61\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_svchost.exe_a87cad5a9d7cd3eaa526cd4c3d9022aa107d4af_e985c620_8737a0d3-176e-49ae-9fbf-3c034a98ab5f\Report.wer
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1988.tmp.dmp
|
Mini DuMP crash report, 16 streams, Fri May 3 11:13:42 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1CC5.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1CF5.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1D41.tmp.csv
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1D90.tmp.txt
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1DAE.tmp.dmp
|
Mini DuMP crash report, 16 streams, Fri May 3 11:13:43 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER231E.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER237D.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER31E4.tmp.csv
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3243.tmp.txt
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5A3A.tmp.dmp
|
Mini DuMP crash report, 16 streams, Fri May 3 11:13:58 2024, 0x1205a4 type
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5BC2.tmp.WERInternalMetadata.xml
|
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5BF2.tmp.xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5C04.tmp.csv
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Windows\WER\Temp\WER5CB0.tmp.txt
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\QUOTATION#30810.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\svchost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\D81IGXZV\json[1].json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bhv32CD.tmp
|
Extensible storage engine DataBase, version 0x620, checksum 0x9cdd386c, page size 32768, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\lmxgukvurszvufgxilvllznhpy
|
Unicode text, UTF-16, little-endian text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\tmpDAAA.tmp.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\appcompat\Programs\Amcache.hve
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators, with overstriking
|
dropped
|
There are 22 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\QUOTATION#30810.exe
|
"C:\Users\user\Desktop\QUOTATION#30810.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /c schtasks /create /f /sc onlogon /rl highest /tn "svchost" /tr '"C:\Users\user\AppData\Roaming\svchost.exe"'
& exit
|
|
|
|
C:\Windows\System32\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\tmpDAAA.tmp.bat""
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks /create /f /sc onlogon /rl highest /tn "svchost" /tr '"C:\Users\user\AppData\Roaming\svchost.exe"'
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
C:\Users\user\AppData\Roaming\svchost.exe
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
"C:\Users\user\AppData\Roaming\svchost.exe"
|
|
|
|
C:\Windows\System32\svchost.exe
|
"C:\Windows\System32\svchost.exe"
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
"C:\Users\user\AppData\Roaming\svchost.exe"
|
|
|
|
C:\Program Files (x86)\Windows Mail\wab.exe
|
"C:\Program Files (x86)\Windows Mail\wab.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k WerSvcGroup
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe /stext "C:\Users\user\AppData\Local\Temp\lmxgukvurszvufgxilvllznhpy"
|
|
|
|
C:\Windows\System32\cmstp.exe
|
"c:\windows\system32\cmstp.exe" /au C:\windows\temp\macatsxh.inf
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe /stext "C:\Users\user\AppData\Local\Temp\nglqvdfonaraelcbsvimoeayympwa"
|
|
|
|
C:\Windows\System32\svchost.exe
|
C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe /stext "C:\Users\user\AppData\Local\Temp\nglqvdfonaraelcbsvimoeayympwa"
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe /stext "C:\Users\user\AppData\Local\Temp\yiqjvvqpbijnhrqfbgcgyquhzthfbppay"
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
C:\Users\user\AppData\Roaming\svchost.exe
|
|
|
|
C:\Users\user\AppData\Roaming\svchost.exe
|
"C:\Users\user\AppData\Roaming\svchost.exe"
|
|
|
|
C:\Windows\System32\cmstp.exe
|
"c:\windows\system32\cmstp.exe" /au C:\windows\temp\54bmrp0l.inf
|
|
|
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe"
|
|
|
|
C:\Windows\System32\cmstp.exe
|
"c:\windows\system32\cmstp.exe" /au C:\windows\temp\xrlumlnf.inf
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 3
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe
|
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe"
|
||
|
C:\Program Files (x86)\Internet Explorer\iexplore.exe
|
"C:\Program Files (x86)\Internet Explorer\iexplore.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -pss -s 444 -p 5864 -ip 5864
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 5864 -s 1120
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -pss -s 460 -p 2772 -ip 2772
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 2772 -s 1072
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -pss -s 536 -p 6908 -ip 6908
|
||
|
C:\Windows\System32\WerFault.exe
|
C:\Windows\system32\WerFault.exe -u -p 6908 -s 1076
|
||
|
C:\Windows\System32\taskkill.exe
|
taskkill /IM cmstp.exe /F
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 36 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://geoplugin.net/json.gp/C
|
unknown
|
|
|
|
http://geoplugin.net/json.gp
|
178.237.33.50
|
|
|
|
172.245.208.13
|
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdoft.c
|
unknown
|
||
|
http://schemas.mi
|
unknown
|
||
|
http://www.imvu.comr
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/09/policy=80601
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/DeviceDisassociate.srf:CLSID
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/deviceremovecredential.srf
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdody
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdQ
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80601=
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdA
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/DeviceQuery.srf
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd.
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust
|
unknown
|
||
|
http://www.nirsoft.net
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/ResolveUser.srf
|
unknown
|
||
|
http://Passport.NET/tbA
|
unknown
|
||
|
https://login.microsoftonline.com/MSARST2.srf
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdns:sam
|
unknown
|
||
|
http://Passport.NET/STS
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/XX/oasis-2004XX-wss-saml-token-profile-1.0#SAMLAssertionID
|
unknown
|
||
|
http://www.imvu.comhttp://www.ebuddy.comhttps://www.google.com
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdA
|
unknown
|
||
|
https://www.google.com
|
unknown
|
||
|
https://account.live.com/InlineSignup.aspx?iww=1&id=80502y0
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsdcred
|
unknown
|
||
|
https://account.live.com/InlineSignup.aspx?iww=1&id=8
|
unknown
|
||
|
https://account.live.com/i
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsdpSe
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsds
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/devicechangecredential.srf
|
unknown
|
||
|
https://login.yahoo.com/config/login
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/EnumerateDevices.srf
|
unknown
|
||
|
http://Passport.NET/tb
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
|
unknown
|
||
|
https://account.live.com/InlineSignup.aspx?iww=1&id=80502
|
unknown
|
||
|
http://www.nirsoft.net/
|
unknown
|
||
|
http://Passport.NET/STS09/xmldsig#ripledes-cbcices/SOAPFaultcurity-utility-1.0.xsd
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/devicechangecredential.srfMM
|
unknown
|
||
|
https://signup.live.com/signup.aspx
|
unknown
|
||
|
http://Passport.NET/tb_
|
unknown
|
||
|
https://login.microsoftonline.com/MSARST2.srf=
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80601
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80600
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80603
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd84
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/09/policy
|
unknown
|
||
|
http://geoplugin.net/json.gpl
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd0n
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80605
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80604
|
unknown
|
||
|
https://account.live.com/msangcwam
|
unknown
|
||
|
http://geoplugin.net/json.gpCt
|
unknown
|
||
|
http://www.imvu.com
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trusten
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/deviceaddmsacredential.srf
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
http://passport.net/tb
|
unknown
|
||
|
http://upx.sf.net
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/deviceremovecredential.srf/
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/Issue
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsddre
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/DeviceAssociate.srf
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd(
|
unknown
|
||
|
https://account.live.com/Wizard/Password/Change?id=80601
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/sc
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80601
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80600
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd.
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/DeviceUpdate.srf
|
unknown
|
||
|
https://www.google.com/accounts/servicelogin
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/DeviceDisassociate.srfi
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80605
|
unknown
|
||
|
https://login.microsoftonline.com/ppsecure/deviceremovecredential.srfRE
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80603
|
unknown
|
||
|
https://account.live.com/inlinesignup.aspx?iww=1&id=80604
|
unknown
|
||
|
https://login.microsofh
|
unknown
|
||
|
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
|
unknown
|
||
|
http://www.ebuddy.com
|
unknown
|
There are 76 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
geoplugin.net
|
178.237.33.50
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
172.245.208.13
|
unknown
|
United States
|
|
|
|
178.237.33.50
|
geoplugin.net
|
Netherlands
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
svchost
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-R7QS5C
|
exepath
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-R7QS5C
|
licence
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Rmc-R7QS5C
|
time
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
ProgramId
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
FileId
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
LowerCaseLongPath
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
LongPathHash
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
Name
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
OriginalFileName
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
Publisher
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
Version
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
BinFileVersion
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
BinaryType
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
ProductName
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
ProductVersion
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
LinkDate
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
BinProductVersion
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
AppxPackageFullName
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
AppxPackageRelativeId
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
Size
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
Language
|
||
|
\REGISTRY\A\{aa4079f0-3a45-2f82-1150-6f2a815632b2}\Root\InventoryApplicationFile\svchost.exe|e1c9ed22f76df3a0
|
Usn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceTicket
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
DeviceId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
|
ApplicationFlags
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
|
0018C00B8F8B0D2B
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Windows Live ID Token Issuer\Certificates\2C85006A1A028BCC349DF23C474724C055FDE8B6
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\Windows Live ID Token Issuer\Certificates\B68D8F953E551914324E557E6164D68B9926650C
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003
|
NegativeCacheState
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003
|
LastSuccessfulRequestTimestamp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003
|
LastAccountPersistentFailureTimestamp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
|
RequestCount
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
|
StartedTime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
|
ErrorCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
|
FailureType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003\{67082621-8D18-4333-9C64-10DE93676363}\https://watson.telemetry.microsoft.com_MBI_SSL
|
RequestCount
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003\{67082621-8D18-4333-9C64-10DE93676363}\https://watson.telemetry.microsoft.com_MBI_SSL
|
StartedTime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003\{67082621-8D18-4333-9C64-10DE93676363}\https://watson.telemetry.microsoft.com_MBI_SSL
|
ErrorCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F8B0D2B_S-1-5-21-2246122658-3693405117-2476756634-1003\{67082621-8D18-4333-9C64-10DE93676363}\https://watson.telemetry.microsoft.com_MBI_SSL
|
FailureType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F7E219A_S-1-5-21-2246122658-3693405117-2476756634-1003
|
NegativeCacheState
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F7E219A_S-1-5-21-2246122658-3693405117-2476756634-1003
|
LastSuccessfulRequestTimestamp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F7E219A_S-1-5-21-2246122658-3693405117-2476756634-1003
|
LastAccountPersistentFailureTimestamp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F7E219A_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
|
RequestCount
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F7E219A_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
|
StartedTime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F7E219A_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
|
ErrorCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\0018C00B8F7E219A_S-1-5-21-2246122658-3693405117-2476756634-1003\{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}\http://Passport.NET/tb_
|
FailureType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1
|
NegativeCacheState
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1
|
LastSuccessfulRequestTimestamp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1
|
LastAccountPersistentFailureTimestamp
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\S-1-5-21-2246122658-3693405117-2476756634-1003\1
|
RequestCount
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\S-1-5-21-2246122658-3693405117-2476756634-1003\1
|
StartedTime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\S-1-5-21-2246122658-3693405117-2476756634-1003\1
|
ErrorCode
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\NegativeCache\1\S-1-5-21-2246122658-3693405117-2476756634-1003\1
|
FailureType
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\S-1-5-21-2246122658-3693405117-2476756634-1003_{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}
|
ThrottleCount
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\S-1-5-21-2246122658-3693405117-2476756634-1003_{fc177c6f-a3d6-4bb0-b1fa-23d0cd9b005d}
|
ThrottleStartedTime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\S-1-5-21-2246122658-3693405117-2476756634-1003_{67082621-8D18-4333-9C64-10DE93676363}
|
ThrottleCount
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ThrottleCache\S-1-5-21-2246122658-3693405117-2476756634-1003_{67082621-8D18-4333-9C64-10DE93676363}
|
ThrottleStartedTime
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_USERS.DEFAULT\Software\Microsoft\AuthCookies\Live\Default\DIDC
|
Data
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AuthCookies\Live\Default\DIDC
|
Data
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
|
ClockTimeSeconds
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AuthCookies\Live\Default\DIDC
|
Data
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\ClockData
|
TickCount
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\AuthCookies\Live\Default\DIDC
|
Data
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CMSTP
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CMSTP
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CMSTP
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CMSTP
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CMSTP
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CMSTP
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\CMSTP
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Network Connections
|
DesktopShortcut
|
There are 67 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
53F000
|
heap
|
page read and write
|
|
|
|
561A000
|
heap
|
page read and write
|
|
|
|
2453D6A0000
|
trusted library allocation
|
page read and write
|
|
|
|
2453D6A0000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
2453D6A0000
|
trusted library allocation
|
page read and write
|
|
|
|
227078A2000
|
trusted library allocation
|
page read and write
|
|
|
|
1D080302000
|
trusted library allocation
|
page read and write
|
|
|
|
E9F000
|
stack
|
page read and write
|
|
|
|
17F2EDDB000
|
trusted library allocation
|
page read and write
|
|
|
|
172222A2000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
4E87000
|
heap
|
page read and write
|
|
|
|
2453D6A0000
|
trusted library allocation
|
page read and write
|
|
|
|
2453D690000
|
trusted library allocation
|
page read and write
|
|
|
|
1FC8003B000
|
trusted library allocation
|
page read and write
|
|
|
|
2453D690000
|
trusted library allocation
|
page read and write
|
|
|
|
507000
|
heap
|
page read and write
|
|
|
|
2453D6A0000
|
trusted library allocation
|
page read and write
|
|
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
17F2EE1D000
|
trusted library allocation
|
page read and write
|
|
|
|
17222011000
|
trusted library allocation
|
page read and write
|
|
|
|
1E1EDBA7000
|
trusted library allocation
|
page read and write
|
|
|
|
1E1DDBDB000
|
trusted library allocation
|
page read and write
|
|
|
|
2453D690000
|
trusted library allocation
|
page read and write
|
|
|
|
22705A9D000
|
heap
|
page read and write
|
||
|
1E1F7500000
|
heap
|
page read and write
|
||
|
5D31BFF000
|
stack
|
page read and write
|
||
|
20CCDF08000
|
heap
|
page read and write
|
||
|
2453D577000
|
heap
|
page read and write
|
||
|
7FFB4AE60000
|
trusted library allocation
|
page read and write
|
||
|
22705C02000
|
heap
|
page read and write
|
||
|
13DBB132000
|
heap
|
page read and write
|
||
|
19985C00000
|
unkown
|
page readonly
|
||
|
1FC80146000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBE78000
|
heap
|
page read and write
|
||
|
7FFB4AE9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5DD20F000
|
unkown
|
page readonly
|
||
|
13DBB723000
|
heap
|
page read and write
|
||
|
1FC800E1000
|
trusted library allocation
|
page read and write
|
||
|
13DBB66F000
|
heap
|
page read and write
|
||
|
55636FD000
|
stack
|
page read and write
|
||
|
BCC000
|
stack
|
page read and write
|
||
|
13DBB6DF000
|
heap
|
page read and write
|
||
|
13DBB185000
|
heap
|
page read and write
|
||
|
17220550000
|
heap
|
page execute and read and write
|
||
|
13DBB12B000
|
heap
|
page read and write
|
||
|
C601EFF000
|
stack
|
page read and write
|
||
|
7FFB4B010000
|
trusted library allocation
|
page read and write
|
||
|
172202AF000
|
heap
|
page read and write
|
||
|
17220299000
|
heap
|
page read and write
|
||
|
13703FB000
|
stack
|
page read and write
|
||
|
7FF5DD185000
|
unkown
|
page readonly
|
||
|
7FFB4B03F000
|
trusted library allocation
|
page read and write
|
||
|
5A36000
|
heap
|
page read and write
|
||
|
73A0000
|
heap
|
page read and write
|
||
|
13DBAFB0000
|
remote allocation
|
page read and write
|
||
|
1722023D000
|
heap
|
page read and write
|
||
|
227059F0000
|
heap
|
page execute and read and write
|
||
|
7FFB4AE9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F642FB000
|
stack
|
page read and write
|
||
|
7FFB4AE78000
|
trusted library allocation
|
page read and write
|
||
|
13DBB152000
|
heap
|
page read and write
|
||
|
13DBB628000
|
heap
|
page read and write
|
||
|
77FD000
|
heap
|
page read and write
|
||
|
22717713000
|
trusted library allocation
|
page read and write
|
||
|
1AC000
|
stack
|
page read and write
|
||
|
7FFB4AE70000
|
trusted library allocation
|
page read and write
|
||
|
13DBB174000
|
heap
|
page read and write
|
||
|
651BAFF000
|
stack
|
page read and write
|
||
|
5607000
|
heap
|
page read and write
|
||
|
13DBA909000
|
heap
|
page read and write
|
||
|
1FCFA376000
|
heap
|
page read and write
|
||
|
13DBB165000
|
heap
|
page read and write
|
||
|
1FC802B9000
|
trusted library allocation
|
page read and write
|
||
|
1FC802E0000
|
trusted library allocation
|
page read and write
|
||
|
5A00000
|
heap
|
page read and write
|
||
|
C602AFE000
|
stack
|
page read and write
|
||
|
5D31AFF000
|
stack
|
page read and write
|
||
|
256D6088000
|
heap
|
page read and write
|
||
|
172202D7000
|
heap
|
page read and write
|
||
|
7FF5DCECB000
|
unkown
|
page readonly
|
||
|
22705930000
|
heap
|
page read and write
|
||
|
7FFB4B05E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B052000
|
trusted library allocation
|
page read and write
|
||
|
1FC80210000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE70000
|
trusted library allocation
|
page read and write
|
||
|
651BDFF000
|
stack
|
page read and write
|
||
|
22717761000
|
trusted library allocation
|
page read and write
|
||
|
10DF17E000
|
unkown
|
page read and write
|
||
|
13DBB661000
|
heap
|
page read and write
|
||
|
22705AAE000
|
heap
|
page read and write
|
||
|
600000
|
heap
|
page read and write
|
||
|
1E1DE176000
|
trusted library allocation
|
page read and write
|
||
|
1D0E86AE000
|
heap
|
page read and write
|
||
|
7500000
|
heap
|
page read and write
|
||
|
22705990000
|
trusted library allocation
|
page read and write
|
||
|
1FCF850F000
|
heap
|
page read and write
|
||
|
22705AE6000
|
heap
|
page read and write
|
||
|
7FFB4B056000
|
trusted library allocation
|
page read and write
|
||
|
13DBB638000
|
heap
|
page read and write
|
||
|
7FFB4AE9B000
|
trusted library allocation
|
page execute and read and write
|
||
|
622F8FE000
|
stack
|
page read and write
|
||
|
7FFB4AE73000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AF99000
|
trusted library allocation
|
page execute and read and write
|
||
|
F292B7E000
|
stack
|
page read and write
|
||
|
7FF5DD26C000
|
unkown
|
page readonly
|
||
|
1FC8014B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B06A000
|
trusted library allocation
|
page read and write
|
||
|
1D0E85C0000
|
heap
|
page execute and read and write
|
||
|
13DBB134000
|
heap
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
136FFFE000
|
unkown
|
page readonly
|
||
|
1E1DBE24000
|
heap
|
page read and write
|
||
|
19985E02000
|
unkown
|
page read and write
|
||
|
13DBB10D000
|
heap
|
page read and write
|
||
|
7FFB4AE8B000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB140000
|
heap
|
page read and write
|
||
|
7FFB4B057000
|
trusted library allocation
|
page read and write
|
||
|
19985C60000
|
heap
|
page read and write
|
||
|
F1D000
|
stack
|
page read and write
|
||
|
13DBA902000
|
heap
|
page read and write
|
||
|
1FC90001000
|
trusted library allocation
|
page read and write
|
||
|
1DF92600000
|
unkown
|
page read and write
|
||
|
17F3F100000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE72000
|
trusted library allocation
|
page read and write
|
||
|
17F2EDA1000
|
trusted library allocation
|
page read and write
|
||
|
13DBA93B000
|
heap
|
page read and write
|
||
|
70BC000
|
heap
|
page read and write
|
||
|
13DBA845000
|
heap
|
page read and write
|
||
|
17F2D09A000
|
heap
|
page read and write
|
||
|
F645FE000
|
unkown
|
page readonly
|
||
|
7FFB4B030000
|
trusted library allocation
|
page read and write
|
||
|
22707B89000
|
trusted library allocation
|
page read and write
|
||
|
19985E02000
|
unkown
|
page read and write
|
||
|
7FF5DD26C000
|
unkown
|
page readonly
|
||
|
1D0E86FA000
|
heap
|
page read and write
|
||
|
19985D71000
|
unkown
|
page readonly
|
||
|
22705920000
|
heap
|
page read and write
|
||
|
1723A802000
|
heap
|
page execute and read and write
|
||
|
EDF000
|
stack
|
page read and write
|
||
|
2453D7CD000
|
heap
|
page read and write
|
||
|
1FC800F9000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBEB1000
|
heap
|
page read and write
|
||
|
7FFB4AE70000
|
trusted library allocation
|
page read and write
|
||
|
13DBB115000
|
heap
|
page read and write
|
||
|
13DBB152000
|
heap
|
page read and write
|
||
|
2453D558000
|
heap
|
page read and write
|
||
|
1FC80153000
|
trusted library allocation
|
page read and write
|
||
|
456000
|
system
|
page execute and read and write
|
||
|
1FC802B1000
|
trusted library allocation
|
page read and write
|
||
|
19985C00000
|
unkown
|
page readonly
|
||
|
4B0000
|
heap
|
page readonly
|
||
|
7FFB4AE90000
|
trusted library allocation
|
page read and write
|
||
|
17F2CF90000
|
heap
|
page read and write
|
||
|
7FFB4AF80000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D0E8450000
|
heap
|
page read and write
|
||
|
13DBA813000
|
heap
|
page read and write
|
||
|
1FCFADA0000
|
heap
|
page read and write
|
||
|
1DF92700000
|
trusted library allocation
|
page read and write
|
||
|
13DBB157000
|
heap
|
page read and write
|
||
|
7FFB4AE8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
70B0000
|
heap
|
page read and write
|
||
|
13DBA670000
|
heap
|
page read and write
|
||
|
4E03FF000
|
unkown
|
page read and write
|
||
|
1DF92673000
|
heap
|
page read and write
|
||
|
1E1DE189000
|
trusted library allocation
|
page read and write
|
||
|
2453F483000
|
heap
|
page read and write
|
||
|
52457F000
|
stack
|
page read and write
|
||
|
1FC8018C000
|
trusted library allocation
|
page read and write
|
||
|
2453D650000
|
heap
|
page read and write
|
||
|
20CCDF29000
|
heap
|
page read and write
|
||
|
7FFB4AEBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1D0E8540000
|
heap
|
page read and write
|
||
|
7FFB4AE84000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B070000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC802AB000
|
trusted library allocation
|
page read and write
|
||
|
1FC801B9000
|
trusted library allocation
|
page read and write
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
13DBB15D000
|
heap
|
page read and write
|
||
|
7FFB4AF9E000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB170000
|
heap
|
page read and write
|
||
|
7800000
|
heap
|
page read and write
|
||
|
1D0805E9000
|
trusted library allocation
|
page read and write
|
||
|
13DBB157000
|
heap
|
page read and write
|
||
|
1D0EAB3A000
|
heap
|
page read and write
|
||
|
7FFB4B027000
|
trusted library allocation
|
page read and write
|
||
|
13DBB124000
|
heap
|
page read and write
|
||
|
7FFB4AE89000
|
trusted library allocation
|
page read and write
|
||
|
1D0E8621000
|
heap
|
page read and write
|
||
|
7FF5DD2A8000
|
unkown
|
page readonly
|
||
|
7FFB4AE80000
|
trusted library allocation
|
page read and write
|
||
|
496C000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
13DBB183000
|
heap
|
page read and write
|
||
|
622EF33000
|
stack
|
page read and write
|
||
|
7FFB4AE7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B00E000
|
trusted library allocation
|
page read and write
|
||
|
75B0000
|
heap
|
page read and write
|
||
|
7FFB4AE80000
|
trusted library allocation
|
page read and write
|
||
|
19986000000
|
unkown
|
page readonly
|
||
|
7FF49ED60000
|
trusted library allocation
|
page execute and read and write
|
||
|
22707615000
|
trusted library allocation
|
page read and write
|
||
|
17221FC1000
|
trusted library allocation
|
page read and write
|
||
|
51B0000
|
heap
|
page readonly
|
||
|
13DBB15C000
|
heap
|
page read and write
|
||
|
1FC80020000
|
trusted library allocation
|
page read and write
|
||
|
13DBB167000
|
heap
|
page read and write
|
||
|
17220242000
|
heap
|
page read and write
|
||
|
13705F8000
|
stack
|
page read and write
|
||
|
1E1DBE13000
|
heap
|
page read and write
|
||
|
1FCF8480000
|
heap
|
page read and write
|
||
|
13DBA88A000
|
heap
|
page read and write
|
||
|
1FC801F8000
|
trusted library allocation
|
page read and write
|
||
|
13DBA8C8000
|
heap
|
page read and write
|
||
|
13DBB130000
|
heap
|
page read and write
|
||
|
17F3EE0E000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBE52000
|
heap
|
page read and write
|
||
|
13DBB12A000
|
heap
|
page read and write
|
||
|
7FFB4B010000
|
trusted library allocation
|
page read and write
|
||
|
F1D000
|
stack
|
page read and write
|
||
|
EDC000
|
stack
|
page read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
13DBB17F000
|
heap
|
page read and write
|
||
|
13707FE000
|
stack
|
page read and write
|
||
|
13DBB163000
|
heap
|
page read and write
|
||
|
7FFB4AF2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB160000
|
heap
|
page read and write
|
||
|
7FFB4B03F000
|
trusted library allocation
|
page read and write
|
||
|
1FC8022B000
|
trusted library allocation
|
page read and write
|
||
|
13DBA891000
|
heap
|
page read and write
|
||
|
13DBB12A000
|
heap
|
page read and write
|
||
|
7FF5DD1EF000
|
unkown
|
page readonly
|
||
|
5558000
|
heap
|
page read and write
|
||
|
7FFB4B01E000
|
trusted library allocation
|
page read and write
|
||
|
1D0E8702000
|
heap
|
page read and write
|
||
|
1DF92B02000
|
heap
|
page read and write
|
||
|
1FCF8720000
|
heap
|
page read and write
|
||
|
1FCFA7C0000
|
trusted library section
|
page read and write
|
||
|
7829000
|
heap
|
page read and write
|
||
|
136FB6B000
|
stack
|
page read and write
|
||
|
E5C000
|
stack
|
page read and write
|
||
|
13DBB145000
|
heap
|
page read and write
|
||
|
10B62CD0000
|
heap
|
page read and write
|
||
|
1FC8021D000
|
trusted library allocation
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
7FF5DD185000
|
unkown
|
page readonly
|
||
|
22705A4B000
|
heap
|
page read and write
|
||
|
7FFB4AE72000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF86000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FCF85C0000
|
heap
|
page read and write
|
||
|
1FC80167000
|
trusted library allocation
|
page read and write
|
||
|
C601913000
|
stack
|
page read and write
|
||
|
13DBB155000
|
heap
|
page read and write
|
||
|
13DBB167000
|
heap
|
page read and write
|
||
|
1D0900FA000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
56B0000
|
heap
|
page read and write
|
||
|
3990AFA000
|
stack
|
page read and write
|
||
|
13DBB6AB000
|
heap
|
page read and write
|
||
|
76F0000
|
heap
|
page read and write
|
||
|
13DBB15B000
|
heap
|
page read and write
|
||
|
10B62DD0000
|
heap
|
page read and write
|
||
|
1FC80274000
|
trusted library allocation
|
page read and write
|
||
|
1FC80305000
|
trusted library allocation
|
page read and write
|
||
|
1FC80233000
|
trusted library allocation
|
page read and write
|
||
|
10B62EF1000
|
heap
|
page read and write
|
||
|
1D090007000
|
trusted library allocation
|
page read and write
|
||
|
C601CFE000
|
stack
|
page read and write
|
||
|
13DBA8C1000
|
heap
|
page read and write
|
||
|
1E1DC0E3000
|
trusted library allocation
|
page read and write
|
||
|
17F2D011000
|
heap
|
page read and write
|
||
|
17F2CFF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF46000
|
trusted library allocation
|
page execute and read and write
|
||
|
779B000
|
heap
|
page read and write
|
||
|
17F2D03B000
|
heap
|
page read and write
|
||
|
19985E3A000
|
unkown
|
page read and write
|
||
|
13DBB70D000
|
heap
|
page read and write
|
||
|
5A3E000
|
heap
|
page read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page read and write
|
||
|
17F2CF70000
|
heap
|
page read and write
|
||
|
55639FF000
|
stack
|
page read and write
|
||
|
22705A88000
|
heap
|
page read and write
|
||
|
256D60A9000
|
heap
|
page read and write
|
||
|
7FFB4AE60000
|
trusted library allocation
|
page read and write
|
||
|
5D316FF000
|
stack
|
page read and write
|
||
|
C6024FF000
|
stack
|
page read and write
|
||
|
19985E3A000
|
unkown
|
page read and write
|
||
|
7FFB4AE68000
|
trusted library allocation
|
page read and write
|
||
|
547F000
|
heap
|
page read and write
|
||
|
7FF5DD22E000
|
unkown
|
page readonly
|
||
|
5440000
|
heap
|
page read and write
|
||
|
13DBB110000
|
heap
|
page read and write
|
||
|
13DBB127000
|
heap
|
page read and write
|
||
|
1E1DBE9A000
|
heap
|
page read and write
|
||
|
17220251000
|
heap
|
page read and write
|
||
|
1723200F000
|
trusted library allocation
|
page read and write
|
||
|
13DBB611000
|
heap
|
page read and write
|
||
|
17220277000
|
heap
|
page read and write
|
||
|
7FFB4AF8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
900927A000
|
stack
|
page read and write
|
||
|
13DBB123000
|
heap
|
page read and write
|
||
|
17F2D03D000
|
heap
|
page read and write
|
||
|
20CCDF29000
|
heap
|
page read and write
|
||
|
1D0E86D0000
|
heap
|
page read and write
|
||
|
7FFB4AF86000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB137000
|
heap
|
page read and write
|
||
|
17220213000
|
heap
|
page read and write
|
||
|
13DBB140000
|
heap
|
page read and write
|
||
|
1D0E85D3000
|
trusted library allocation
|
page read and write
|
||
|
13DBB156000
|
heap
|
page read and write
|
||
|
1D0E8650000
|
heap
|
page read and write
|
||
|
90092FF000
|
stack
|
page read and write
|
||
|
1FCFA020000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC9006C000
|
trusted library allocation
|
page read and write
|
||
|
172202F7000
|
heap
|
page read and write
|
||
|
55633FE000
|
stack
|
page read and write
|
||
|
C601DFE000
|
stack
|
page read and write
|
||
|
EE4000
|
stack
|
page read and write
|
||
|
5563BFA000
|
stack
|
page read and write
|
||
|
13DBA828000
|
heap
|
page read and write
|
||
|
17F3EE91000
|
trusted library allocation
|
page read and write
|
||
|
754E000
|
stack
|
page read and write
|
||
|
F648FB000
|
stack
|
page read and write
|
||
|
1D0E86E3000
|
heap
|
page read and write
|
||
|
750E000
|
stack
|
page read and write
|
||
|
1FCF8700000
|
heap
|
page read and write
|
||
|
13DBB11A000
|
heap
|
page read and write
|
||
|
20CCE1E0000
|
heap
|
page read and write
|
||
|
19985C80000
|
heap
|
page read and write
|
||
|
1FCF9FB0000
|
heap
|
page execute and read and write
|
||
|
13DBB126000
|
heap
|
page read and write
|
||
|
7FF5DD294000
|
unkown
|
page readonly
|
||
|
1FC8017D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B060000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC801B6000
|
trusted library allocation
|
page read and write
|
||
|
19985C70000
|
unkown
|
page readonly
|
||
|
7FFB4AE94000
|
trusted library allocation
|
page read and write
|
||
|
10B62EBA000
|
heap
|
page read and write
|
||
|
13DBB12B000
|
heap
|
page read and write
|
||
|
13DBB015000
|
heap
|
page read and write
|
||
|
7FF5DD217000
|
unkown
|
page readonly
|
||
|
13DBB709000
|
heap
|
page read and write
|
||
|
7FFB4B005000
|
trusted library allocation
|
page read and write
|
||
|
1D0E8580000
|
trusted library allocation
|
page read and write
|
||
|
17F2D0FC000
|
heap
|
page read and write
|
||
|
1FCFA7D6000
|
trusted library section
|
page read and write
|
||
|
19985F02000
|
unkown
|
page read and write
|
||
|
20CCFD80000
|
heap
|
page read and write
|
||
|
19985C60000
|
heap
|
page read and write
|
||
|
588D000
|
stack
|
page read and write
|
||
|
13DBB12F000
|
heap
|
page read and write
|
||
|
13DBB175000
|
heap
|
page read and write
|
||
|
1DF92715000
|
trusted library allocation
|
page read and write
|
||
|
13DBAFB0000
|
remote allocation
|
page read and write
|
||
|
22705D02000
|
heap
|
page read and write
|
||
|
13DBB612000
|
heap
|
page read and write
|
||
|
39905FF000
|
stack
|
page read and write
|
||
|
3990BFD000
|
stack
|
page read and write
|
||
|
39909FE000
|
stack
|
page read and write
|
||
|
7FFB4AE8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
17F2F3B6000
|
trusted library allocation
|
page read and write
|
||
|
256D60AA000
|
heap
|
page read and write
|
||
|
7FFB4B01A000
|
trusted library allocation
|
page read and write
|
||
|
13DBB172000
|
heap
|
page read and write
|
||
|
1FC80117000
|
trusted library allocation
|
page read and write
|
||
|
13704FE000
|
unkown
|
page readonly
|
||
|
17F2D024000
|
heap
|
page read and write
|
||
|
1DF92613000
|
unkown
|
page read and write
|
||
|
22705970000
|
trusted library allocation
|
page read and write
|
||
|
17232300000
|
trusted library allocation
|
page read and write
|
||
|
DEC000
|
stack
|
page read and write
|
||
|
13DBB68A000
|
heap
|
page read and write
|
||
|
13DBB132000
|
heap
|
page read and write
|
||
|
5563CFD000
|
stack
|
page read and write
|
||
|
7FFB4AF16000
|
trusted library allocation
|
page read and write
|
||
|
13DBB69A000
|
heap
|
page read and write
|
||
|
52A0000
|
heap
|
page read and write
|
||
|
7FFB4AF1C000
|
trusted library allocation
|
page execute and read and write
|
||
|
F292A75000
|
stack
|
page read and write
|
||
|
13DBA870000
|
heap
|
page read and write
|
||
|
13DBB182000
|
heap
|
page read and write
|
||
|
C6023FF000
|
stack
|
page read and write
|
||
|
7FFB4AE78000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC8015F000
|
trusted library allocation
|
page read and write
|
||
|
13DBB667000
|
heap
|
page read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
13DBB700000
|
heap
|
page read and write
|
||
|
13DBB182000
|
heap
|
page read and write
|
||
|
13DBB72A000
|
heap
|
page read and write
|
||
|
7FFB4AF30000
|
trusted library allocation
|
page execute and read and write
|
||
|
17F2D02D000
|
heap
|
page read and write
|
||
|
1FC80296000
|
trusted library allocation
|
page read and write
|
||
|
13DBB182000
|
heap
|
page read and write
|
||
|
75F9000
|
heap
|
page read and write
|
||
|
5D319FE000
|
stack
|
page read and write
|
||
|
7FFB4AE80000
|
trusted library allocation
|
page read and write
|
||
|
2453D7C5000
|
heap
|
page read and write
|
||
|
172202EA000
|
heap
|
page read and write
|
||
|
7FFB4B010000
|
trusted library allocation
|
page read and write
|
||
|
1FC802BC000
|
trusted library allocation
|
page read and write
|
||
|
1D080001000
|
trusted library allocation
|
page read and write
|
||
|
13DBB11E000
|
heap
|
page read and write
|
||
|
20CCDF31000
|
heap
|
page read and write
|
||
|
13DBB72F000
|
heap
|
page read and write
|
||
|
1DF92702000
|
trusted library allocation
|
page read and write
|
||
|
17F3EDA7000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B067000
|
trusted library allocation
|
page read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
635000
|
heap
|
page read and write
|
||
|
13DBB560000
|
remote allocation
|
page read and write
|
||
|
7FF5DD217000
|
unkown
|
page readonly
|
||
|
17F2D2D0000
|
heap
|
page read and write
|
||
|
5D31DFA000
|
stack
|
page read and write
|
||
|
7FFB4AE72000
|
trusted library allocation
|
page read and write
|
||
|
17220200000
|
heap
|
page read and write
|
||
|
45C000
|
system
|
page execute and read and write
|
||
|
13DBB152000
|
heap
|
page read and write
|
||
|
52447C000
|
stack
|
page read and write
|
||
|
EC6000
|
stack
|
page read and write
|
||
|
22705A51000
|
heap
|
page read and write
|
||
|
622F2FF000
|
stack
|
page read and write
|
||
|
20CD1353000
|
heap
|
page read and write
|
||
|
7FFB4B017000
|
trusted library allocation
|
page read and write
|
||
|
1FC80101000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B031000
|
trusted library allocation
|
page read and write
|
||
|
13DBB155000
|
heap
|
page read and write
|
||
|
256D60A0000
|
heap
|
page read and write
|
||
|
7FFB4AE7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB13A000
|
heap
|
page read and write
|
||
|
22717622000
|
trusted library allocation
|
page read and write
|
||
|
622FAFA000
|
stack
|
page read and write
|
||
|
17231FB1000
|
trusted library allocation
|
page read and write
|
||
|
1DF92602000
|
unkown
|
page read and write
|
||
|
13DBB129000
|
heap
|
page read and write
|
||
|
7FF5DD203000
|
unkown
|
page readonly
|
||
|
13DBB002000
|
heap
|
page read and write
|
||
|
1E1DDBAB000
|
trusted library allocation
|
page read and write
|
||
|
1E1EDF00000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE70000
|
trusted library allocation
|
page read and write
|
||
|
1E1F7402000
|
heap
|
page execute and read and write
|
||
|
651B8F3000
|
stack
|
page read and write
|
||
|
22705A00000
|
heap
|
page read and write
|
||
|
13DBB1A0000
|
heap
|
page read and write
|
||
|
13DBA87D000
|
heap
|
page read and write
|
||
|
1B077690000
|
heap
|
page read and write
|
||
|
1FC802D0000
|
trusted library allocation
|
page read and write
|
||
|
22717900000
|
trusted library allocation
|
page read and write
|
||
|
22705A46000
|
heap
|
page read and write
|
||
|
1E1EDE30000
|
trusted library allocation
|
page read and write
|
||
|
1E1DC110000
|
heap
|
page execute and read and write
|
||
|
7FFB4AF16000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B014000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B01A000
|
trusted library allocation
|
page read and write
|
||
|
1FCF8630000
|
trusted library allocation
|
page read and write
|
||
|
C6025FA000
|
stack
|
page read and write
|
||
|
13DBB17D000
|
heap
|
page read and write
|
||
|
39903FF000
|
stack
|
page read and write
|
||
|
7FFB4B035000
|
trusted library allocation
|
page read and write
|
||
|
13DBA800000
|
heap
|
page read and write
|
||
|
1E1DBEE6000
|
heap
|
page read and write
|
||
|
7FFB4AECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBAFA0000
|
remote allocation
|
page read and write
|
||
|
7FFB4AE70000
|
trusted library allocation
|
page read and write
|
||
|
13DBB129000
|
heap
|
page read and write
|
||
|
13DBB135000
|
heap
|
page read and write
|
||
|
7FFB4B035000
|
trusted library allocation
|
page read and write
|
||
|
651BEFE000
|
stack
|
page read and write
|
||
|
7FFB4AF30000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E1F753A000
|
heap
|
page read and write
|
||
|
20CCE1E5000
|
heap
|
page read and write
|
||
|
7FF5DD21F000
|
unkown
|
page readonly
|
||
|
13DBB10F000
|
heap
|
page read and write
|
||
|
1FC80244000
|
trusted library allocation
|
page read and write
|
||
|
1FC80241000
|
trusted library allocation
|
page read and write
|
||
|
13DBB652000
|
heap
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
7FFB4AE84000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF16000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBE42000
|
heap
|
page read and write
|
||
|
2453D5A2000
|
heap
|
page read and write
|
||
|
1B078F70000
|
heap
|
page read and write
|
||
|
13DBB109000
|
heap
|
page read and write
|
||
|
F63F7C000
|
stack
|
page read and write
|
||
|
622F5FB000
|
stack
|
page read and write
|
||
|
68DF000
|
stack
|
page read and write
|
||
|
17F2D0EA000
|
heap
|
page read and write
|
||
|
13DBB116000
|
heap
|
page read and write
|
||
|
7FFB4B067000
|
trusted library allocation
|
page read and write
|
||
|
1722022D000
|
heap
|
page read and write
|
||
|
5580000
|
heap
|
page read and write
|
||
|
622F3FF000
|
stack
|
page read and write
|
||
|
13DBB157000
|
heap
|
page read and write
|
||
|
13DBA85F000
|
heap
|
page read and write
|
||
|
7FF5DD16D000
|
unkown
|
page readonly
|
||
|
20CCDF20000
|
heap
|
page read and write
|
||
|
1FC8027B000
|
trusted library allocation
|
page read and write
|
||
|
1FC801F2000
|
trusted library allocation
|
page read and write
|
||
|
1E1EDBA1000
|
trusted library allocation
|
page read and write
|
||
|
7FF5DD22B000
|
unkown
|
page readonly
|
||
|
13DBB118000
|
heap
|
page read and write
|
||
|
7FFB4B059000
|
trusted library allocation
|
page read and write
|
||
|
13DBB6A2000
|
heap
|
page read and write
|
||
|
172201A0000
|
heap
|
page read and write
|
||
|
172202FA000
|
heap
|
page read and write
|
||
|
24540F40000
|
trusted library allocation
|
page read and write
|
||
|
13DBB6F0000
|
heap
|
page read and write
|
||
|
1D0E8530000
|
heap
|
page read and write
|
||
|
5700000
|
heap
|
page read and write
|
||
|
1DF92570000
|
heap
|
page read and write
|
||
|
1FC800ED000
|
trusted library allocation
|
page read and write
|
||
|
39908FE000
|
stack
|
page read and write
|
||
|
1B0775B0000
|
heap
|
page read and write
|
||
|
78C1000
|
heap
|
page read and write
|
||
|
256D60AE000
|
heap
|
page read and write
|
||
|
7FFB4AF80000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B015000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B002000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B00B000
|
trusted library allocation
|
page read and write
|
||
|
622F9FD000
|
stack
|
page read and write
|
||
|
F292AFE000
|
stack
|
page read and write
|
||
|
17220180000
|
heap
|
page read and write
|
||
|
7FF5DD21B000
|
unkown
|
page readonly
|
||
|
172202E3000
|
heap
|
page read and write
|
||
|
13DBB19A000
|
heap
|
page read and write
|
||
|
7FFB4AE74000
|
trusted library allocation
|
page read and write
|
||
|
1FC801D2000
|
trusted library allocation
|
page read and write
|
||
|
C6021FE000
|
stack
|
page read and write
|
||
|
20CCDF15000
|
heap
|
page read and write
|
||
|
13DBB146000
|
heap
|
page read and write
|
||
|
13DBA94C000
|
heap
|
page read and write
|
||
|
78AF000
|
stack
|
page read and write
|
||
|
77ED000
|
heap
|
page read and write
|
||
|
13DBB12E000
|
heap
|
page read and write
|
||
|
13DBB68F000
|
heap
|
page read and write
|
||
|
13DBA650000
|
heap
|
page read and write
|
||
|
1FC80247000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
70D5000
|
heap
|
page read and write
|
||
|
7FFB4AF46000
|
trusted library allocation
|
page execute and read and write
|
||
|
20CCDF31000
|
heap
|
page read and write
|
||
|
1FC80289000
|
trusted library allocation
|
page read and write
|
||
|
1DF9262B000
|
heap
|
page read and write
|
||
|
7FFB4AE73000
|
trusted library allocation
|
page execute and read and write
|
||
|
75F0000
|
heap
|
page read and write
|
||
|
1E1DBEAE000
|
heap
|
page read and write
|
||
|
7FF5DD28D000
|
unkown
|
page readonly
|
||
|
2271FF00000
|
heap
|
page read and write
|
||
|
1FCF84CB000
|
heap
|
page read and write
|
||
|
13DBB117000
|
heap
|
page read and write
|
||
|
1D0E8624000
|
heap
|
page read and write
|
||
|
7FFB4AE73000
|
trusted library allocation
|
page execute and read and write
|
||
|
77AF000
|
stack
|
page read and write
|
||
|
227075A9000
|
trusted library allocation
|
page read and write
|
||
|
F643FE000
|
unkown
|
page readonly
|
||
|
1FC802BF000
|
trusted library allocation
|
page read and write
|
||
|
2453F480000
|
heap
|
page read and write
|
||
|
EC0000
|
heap
|
page read and write
|
||
|
17F2EDAB000
|
trusted library allocation
|
page read and write
|
||
|
1FC80255000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE63000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB66A000
|
heap
|
page read and write
|
||
|
79AF000
|
stack
|
page read and write
|
||
|
17F2D2E0000
|
heap
|
page execute and read and write
|
||
|
7FFB4B010000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF80000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB15D000
|
heap
|
page read and write
|
||
|
20CCDF2D000
|
heap
|
page read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page read and write
|
||
|
1FC801E4000
|
trusted library allocation
|
page read and write
|
||
|
20CCDF20000
|
heap
|
page read and write
|
||
|
17F2D0F7000
|
heap
|
page read and write
|
||
|
1FC80225000
|
trusted library allocation
|
page read and write
|
||
|
1FCF84A0000
|
heap
|
page read and write
|
||
|
1DF92638000
|
heap
|
page read and write
|
||
|
13DBB132000
|
heap
|
page read and write
|
||
|
13DBB132000
|
heap
|
page read and write
|
||
|
39907FE000
|
stack
|
page read and write
|
||
|
13DBA91A000
|
heap
|
page read and write
|
||
|
1FC80109000
|
trusted library allocation
|
page read and write
|
||
|
13DBA750000
|
heap
|
page read and write
|
||
|
13DBB121000
|
heap
|
page read and write
|
||
|
1D0E8698000
|
heap
|
page read and write
|
||
|
5D318FD000
|
stack
|
page read and write
|
||
|
17F3EDA1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE74000
|
trusted library allocation
|
page read and write
|
||
|
17239FD0000
|
trusted library allocation
|
page read and write
|
||
|
2453D450000
|
heap
|
page read and write
|
||
|
13DBB180000
|
heap
|
page read and write
|
||
|
13DBA8A9000
|
heap
|
page read and write
|
||
|
7FFB4AE94000
|
trusted library allocation
|
page read and write
|
||
|
13DBB155000
|
heap
|
page read and write
|
||
|
22705AC2000
|
heap
|
page read and write
|
||
|
575D000
|
stack
|
page read and write
|
||
|
1E1DBF02000
|
heap
|
page read and write
|
||
|
7FFB4B015000
|
trusted library allocation
|
page read and write
|
||
|
622F7FE000
|
stack
|
page read and write
|
||
|
2453D7C0000
|
heap
|
page read and write
|
||
|
5A30000
|
heap
|
page read and write
|
||
|
22707B76000
|
trusted library allocation
|
page read and write
|
||
|
17F2D052000
|
heap
|
page read and write
|
||
|
13DBB66D000
|
heap
|
page read and write
|
||
|
13702FE000
|
unkown
|
page readonly
|
||
|
1FCF84E4000
|
heap
|
page read and write
|
||
|
627207F000
|
stack
|
page read and write
|
||
|
7FFB4B010000
|
trusted library allocation
|
page read and write
|
||
|
13DBA94C000
|
heap
|
page read and write
|
||
|
2271769A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page read and write
|
||
|
13DBA8E6000
|
heap
|
page read and write
|
||
|
13DBB163000
|
heap
|
page read and write
|
||
|
7FFB4B00E000
|
trusted library allocation
|
page read and write
|
||
|
13DBA905000
|
heap
|
page read and write
|
||
|
7FF5DD2A5000
|
unkown
|
page readonly
|
||
|
7FFB4B018000
|
trusted library allocation
|
page read and write
|
||
|
172204D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE72000
|
trusted library allocation
|
page read and write
|
||
|
1FCFA7C9000
|
trusted library section
|
page read and write
|
||
|
7FFB4B02A000
|
trusted library allocation
|
page read and write
|
||
|
13DBB15C000
|
heap
|
page read and write
|
||
|
13DBB68D000
|
heap
|
page read and write
|
||
|
7FFB4AE82000
|
trusted library allocation
|
page read and write
|
||
|
20CCDF2E000
|
heap
|
page read and write
|
||
|
1FC8011F000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE80000
|
trusted library allocation
|
page read and write
|
||
|
256D6065000
|
heap
|
page read and write
|
||
|
19985C80000
|
heap
|
page read and write
|
||
|
17221FA1000
|
trusted library allocation
|
page read and write
|
||
|
1E1EDD61000
|
trusted library allocation
|
page read and write
|
||
|
22705A13000
|
heap
|
page read and write
|
||
|
1E1DBD80000
|
heap
|
page read and write
|
||
|
1D0E8802000
|
heap
|
page read and write
|
||
|
1D0EAA02000
|
heap
|
page execute and read and write
|
||
|
7FFB4B030000
|
trusted library allocation
|
page read and write
|
||
|
19986602000
|
unkown
|
page read and write
|
||
|
22705A22000
|
heap
|
page read and write
|
||
|
1E1DBD40000
|
heap
|
page read and write
|
||
|
1E1DDBA1000
|
trusted library allocation
|
page read and write
|
||
|
17220702000
|
heap
|
page read and write
|
||
|
20CCDF00000
|
heap
|
page read and write
|
||
|
13DBB129000
|
heap
|
page read and write
|
||
|
13709FB000
|
stack
|
page read and write
|
||
|
79EE000
|
stack
|
page read and write
|
||
|
7FFB4B052000
|
trusted library allocation
|
page read and write
|
||
|
17F2CF80000
|
heap
|
page read and write
|
||
|
7080000
|
heap
|
page read and write
|
||
|
7B10000
|
heap
|
page read and write
|
||
|
13DBB14E000
|
heap
|
page read and write
|
||
|
17F2CFD0000
|
trusted library allocation
|
page read and write
|
||
|
2453D5C3000
|
heap
|
page read and write
|
||
|
1FC802C2000
|
trusted library allocation
|
page read and write
|
||
|
1DF92B00000
|
heap
|
page read and write
|
||
|
19985D90000
|
unkown
|
page read and write
|
||
|
17F3F030000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE80000
|
trusted library allocation
|
page read and write
|
||
|
1D0EA860000
|
heap
|
page execute and read and write
|
||
|
474000
|
remote allocation
|
page execute and read and write
|
||
|
19985D90000
|
unkown
|
page read and write
|
||
|
5468000
|
heap
|
page read and write
|
||
|
13DBB141000
|
heap
|
page read and write
|
||
|
13DBB12E000
|
heap
|
page read and write
|
||
|
13DBB662000
|
heap
|
page read and write
|
||
|
70C0000
|
heap
|
page read and write
|
||
|
7FFB4AE60000
|
trusted library allocation
|
page read and write
|
||
|
5550000
|
heap
|
page read and write
|
||
|
13DBB16F000
|
heap
|
page read and write
|
||
|
13DBB153000
|
heap
|
page read and write
|
||
|
1D0EB010000
|
heap
|
page read and write
|
||
|
7FFB4AE8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
49D0000
|
heap
|
page read and write
|
||
|
1FC80001000
|
trusted library allocation
|
page read and write
|
||
|
13DBB6B5000
|
heap
|
page read and write
|
||
|
7FFB4AF26000
|
trusted library allocation
|
page read and write
|
||
|
7FF5DCECB000
|
unkown
|
page readonly
|
||
|
1FC8012D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE70000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B014000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE63000
|
trusted library allocation
|
page execute and read and write
|
||
|
17F2D502000
|
heap
|
page read and write
|
||
|
1FCFA980000
|
heap
|
page read and write
|
||
|
D1E000
|
stack
|
page read and write
|
||
|
1B0776D9000
|
heap
|
page read and write
|
||
|
13DBB132000
|
heap
|
page read and write
|
||
|
1D0E8640000
|
heap
|
page read and write
|
||
|
13DBB6AD000
|
heap
|
page read and write
|
||
|
7FFB4AF20000
|
trusted library allocation
|
page read and write
|
||
|
1FC8016D000
|
trusted library allocation
|
page read and write
|
||
|
1FC801D5000
|
trusted library allocation
|
page read and write
|
||
|
13DBB6F3000
|
heap
|
page read and write
|
||
|
10016000
|
direct allocation
|
page execute and read and write
|
||
|
1FC8024A000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B000000
|
trusted library allocation
|
page read and write
|
||
|
D5C000
|
stack
|
page read and write
|
||
|
13DBAFB0000
|
remote allocation
|
page read and write
|
||
|
5D314F3000
|
stack
|
page read and write
|
||
|
256D6080000
|
heap
|
page read and write
|
||
|
227059C0000
|
trusted library allocation
|
page read and write
|
||
|
651C1FA000
|
stack
|
page read and write
|
||
|
13DBB11C000
|
heap
|
page read and write
|
||
|
7FFB4B025000
|
trusted library allocation
|
page read and write
|
||
|
20CCDEA0000
|
heap
|
page read and write
|
||
|
7FFB4AF90000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBA82B000
|
heap
|
page read and write
|
||
|
7FFB4AE6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
17F2D0D0000
|
heap
|
page read and write
|
||
|
7FFB4AE90000
|
trusted library allocation
|
page read and write
|
||
|
1FCF83A0000
|
heap
|
page read and write
|
||
|
7FFB4B02A000
|
trusted library allocation
|
page read and write
|
||
|
13DBB143000
|
heap
|
page read and write
|
||
|
13DBB12C000
|
heap
|
page read and write
|
||
|
7FFB4B02F000
|
trusted library allocation
|
page read and write
|
||
|
227075A1000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
heap
|
page read and write
|
||
|
20CCDF2D000
|
heap
|
page read and write
|
||
|
5244FE000
|
stack
|
page read and write
|
||
|
1FCF857C000
|
heap
|
page read and write
|
||
|
7FFB4B01E000
|
trusted library allocation
|
page read and write
|
||
|
2453D5A6000
|
heap
|
page read and write
|
||
|
13DBB16C000
|
heap
|
page read and write
|
||
|
13DBA892000
|
heap
|
page read and write
|
||
|
13DBB62C000
|
heap
|
page read and write
|
||
|
24541740000
|
heap
|
page read and write
|
||
|
7600000
|
heap
|
page read and write
|
||
|
13DBB13B000
|
heap
|
page read and write
|
||
|
20CCDF26000
|
heap
|
page read and write
|
||
|
54FA000
|
stack
|
page read and write
|
||
|
1722023B000
|
heap
|
page read and write
|
||
|
256D60AD000
|
heap
|
page read and write
|
||
|
13DBB19C000
|
heap
|
page read and write
|
||
|
471000
|
remote allocation
|
page execute and read and write
|
||
|
7FFB4B024000
|
trusted library allocation
|
page read and write
|
||
|
17220225000
|
heap
|
page read and write
|
||
|
13DBB6BD000
|
heap
|
page read and write
|
||
|
13DBB617000
|
heap
|
page read and write
|
||
|
20CCDF24000
|
heap
|
page read and write
|
||
|
17F3EDB1000
|
trusted library allocation
|
page read and write
|
||
|
13DBB66C000
|
heap
|
page read and write
|
||
|
1FC8021F000
|
trusted library allocation
|
page read and write
|
||
|
1D090001000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBEFC000
|
heap
|
page read and write
|
||
|
13DBB178000
|
heap
|
page read and write
|
||
|
13DBB159000
|
heap
|
page read and write
|
||
|
7FFB4AF56000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4B024000
|
trusted library allocation
|
page read and write
|
||
|
543E000
|
stack
|
page read and write
|
||
|
13DBB727000
|
heap
|
page read and write
|
||
|
7FFB4AE8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
17220500000
|
heap
|
page read and write
|
||
|
4CFC000
|
stack
|
page read and write
|
||
|
7FFB4AF26000
|
trusted library allocation
|
page read and write
|
||
|
1D0E8613000
|
heap
|
page read and write
|
||
|
51F0000
|
heap
|
page readonly
|
||
|
5D315FE000
|
stack
|
page read and write
|
||
|
1FC80239000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B01B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B070000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AFA9000
|
trusted library allocation
|
page execute and read and write
|
||
|
17F2D045000
|
heap
|
page read and write
|
||
|
691E000
|
stack
|
page read and write
|
||
|
13DBB17F000
|
heap
|
page read and write
|
||
|
7FFB4B008000
|
trusted library allocation
|
page read and write
|
||
|
13DBB13C000
|
heap
|
page read and write
|
||
|
13DBB172000
|
heap
|
page read and write
|
||
|
13DBB148000
|
heap
|
page read and write
|
||
|
2271FE02000
|
heap
|
page execute and read and write
|
||
|
6271DCA000
|
stack
|
page read and write
|
||
|
1D090173000
|
trusted library allocation
|
page read and write
|
||
|
1FC80199000
|
trusted library allocation
|
page read and write
|
||
|
1D090082000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE6D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB110000
|
heap
|
page read and write
|
||
|
1B079000000
|
heap
|
page read and write
|
||
|
20CCDF1D000
|
heap
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
39904FB000
|
stack
|
page read and write
|
||
|
17222576000
|
trusted library allocation
|
page read and write
|
||
|
C6026FE000
|
stack
|
page read and write
|
||
|
66DF000
|
stack
|
page read and write
|
||
|
13DBB61C000
|
heap
|
page read and write
|
||
|
1E1DC302000
|
heap
|
page read and write
|
||
|
1DF92B00000
|
heap
|
page read and write
|
||
|
256D6070000
|
heap
|
page read and write
|
||
|
19985E40000
|
unkown
|
page read and write
|
||
|
622FBFD000
|
stack
|
page read and write
|
||
|
17220602000
|
heap
|
page read and write
|
||
|
7FFB4AE8D000
|
trusted library allocation
|
page execute and read and write
|
||
|
579E000
|
stack
|
page read and write
|
||
|
1E1DDCBE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B01A000
|
trusted library allocation
|
page read and write
|
||
|
1FC80263000
|
trusted library allocation
|
page read and write
|
||
|
7FF5DD1EF000
|
unkown
|
page readonly
|
||
|
10001000
|
direct allocation
|
page execute and read and write
|
||
|
13DBB705000
|
heap
|
page read and write
|
||
|
1FCF9FE0000
|
heap
|
page execute and read and write
|
||
|
13DBA93B000
|
heap
|
page read and write
|
||
|
22705A3E000
|
heap
|
page read and write
|
||
|
1723A902000
|
heap
|
page read and write
|
||
|
5240000
|
heap
|
page read and write
|
||
|
13DBB100000
|
heap
|
page read and write
|
||
|
17231FA1000
|
trusted library allocation
|
page read and write
|
||
|
13DBA8ED000
|
heap
|
page read and write
|
||
|
1723A900000
|
heap
|
page read and write
|
||
|
F642FE000
|
stack
|
page read and write
|
||
|
22705ADF000
|
heap
|
page read and write
|
||
|
13DBB19C000
|
heap
|
page read and write
|
||
|
17232161000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B031000
|
trusted library allocation
|
page read and write
|
||
|
F292C7E000
|
stack
|
page read and write
|
||
|
13DBB107000
|
heap
|
page read and write
|
||
|
1723B010000
|
heap
|
page read and write
|
||
|
13DBB663000
|
heap
|
page read and write
|
||
|
1DF92637000
|
heap
|
page read and write
|
||
|
7AEF000
|
stack
|
page read and write
|
||
|
10B62EE1000
|
heap
|
page read and write
|
||
|
1E1DBE11000
|
heap
|
page read and write
|
||
|
13DBB130000
|
heap
|
page read and write
|
||
|
17F2D320000
|
heap
|
page execute and read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B062000
|
trusted library allocation
|
page read and write
|
||
|
256D60A7000
|
heap
|
page read and write
|
||
|
13DBB13E000
|
heap
|
page read and write
|
||
|
13DBB658000
|
heap
|
page read and write
|
||
|
13DBB000000
|
heap
|
page read and write
|
||
|
7FFB4AF26000
|
trusted library allocation
|
page read and write
|
||
|
7FF5DD287000
|
unkown
|
page readonly
|
||
|
1FCF8302000
|
unkown
|
page readonly
|
||
|
73FE000
|
stack
|
page read and write
|
||
|
39906FE000
|
stack
|
page read and write
|
||
|
1FCFA9C0000
|
heap
|
page read and write
|
||
|
1FCF84A6000
|
heap
|
page read and write
|
||
|
13DBB155000
|
heap
|
page read and write
|
||
|
1E1F6010000
|
heap
|
page read and write
|
||
|
6A1F000
|
stack
|
page read and write
|
||
|
C601FFE000
|
stack
|
page read and write
|
||
|
F643FE000
|
unkown
|
page readonly
|
||
|
13DBB17A000
|
heap
|
page read and write
|
||
|
256D6000000
|
heap
|
page read and write
|
||
|
13DBB179000
|
heap
|
page read and write
|
||
|
19985E00000
|
unkown
|
page read and write
|
||
|
13DBB6CE000
|
heap
|
page read and write
|
||
|
20CCDF35000
|
heap
|
page read and write
|
||
|
1FC801FF000
|
trusted library allocation
|
page read and write
|
||
|
1D0E85A0000
|
trusted library allocation
|
page read and write
|
||
|
5460000
|
heap
|
page read and write
|
||
|
EF8000
|
stack
|
page read and write
|
||
|
13DBB139000
|
heap
|
page read and write
|
||
|
1E1DBDE0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page read and write
|
||
|
227059A0000
|
heap
|
page read and write
|
||
|
19985E00000
|
unkown
|
page read and write
|
||
|
5A3C000
|
heap
|
page read and write
|
||
|
19985BF0000
|
unkown
|
page readonly
|
||
|
1FC8027E000
|
trusted library allocation
|
page read and write
|
||
|
19985F02000
|
unkown
|
page read and write
|
||
|
7FFB4B020000
|
trusted library allocation
|
page read and write
|
||
|
1D0E86D8000
|
heap
|
page read and write
|
||
|
19985D71000
|
unkown
|
page readonly
|
||
|
7FFB4B02F000
|
trusted library allocation
|
page read and write
|
||
|
C602BFB000
|
stack
|
page read and write
|
||
|
13DBB600000
|
heap
|
page read and write
|
||
|
55BF000
|
stack
|
page read and write
|
||
|
7FFB4AE94000
|
trusted library allocation
|
page read and write
|
||
|
13DBB125000
|
heap
|
page read and write
|
||
|
13DBB15D000
|
heap
|
page read and write
|
||
|
136FEFE000
|
stack
|
page read and write
|
||
|
17F2EDC0000
|
trusted library allocation
|
page read and write
|
||
|
10B63170000
|
heap
|
page read and write
|
||
|
1D090290000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBD70000
|
heap
|
page read and write
|
||
|
7FFB4B014000
|
trusted library allocation
|
page read and write
|
||
|
70B6000
|
heap
|
page read and write
|
||
|
1E1DC0D0000
|
heap
|
page execute and read and write
|
||
|
1D080009000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
22705A2D000
|
heap
|
page read and write
|
||
|
1FCF8610000
|
trusted library allocation
|
page read and write
|
||
|
1D0E8902000
|
heap
|
page read and write
|
||
|
13DBB172000
|
heap
|
page read and write
|
||
|
1E1DBE3C000
|
heap
|
page read and write
|
||
|
1FC801AD000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B025000
|
trusted library allocation
|
page read and write
|
||
|
5D31EFD000
|
stack
|
page read and write
|
||
|
17232230000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
20CCDDA0000
|
heap
|
page read and write
|
||
|
256D60A9000
|
heap
|
page read and write
|
||
|
13DBA8A3000
|
heap
|
page read and write
|
||
|
F649FE000
|
unkown
|
page readonly
|
||
|
7FFB4AE82000
|
trusted library allocation
|
page read and write
|
||
|
52F8000
|
heap
|
page read and write
|
||
|
4E80000
|
heap
|
page read and write
|
||
|
1FC90062000
|
trusted library allocation
|
page read and write
|
||
|
1FC80111000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5DD294000
|
unkown
|
page readonly
|
||
|
13DBB14C000
|
heap
|
page read and write
|
||
|
7FFB4B01B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FCF84E1000
|
heap
|
page read and write
|
||
|
1E1DDC19000
|
trusted library allocation
|
page read and write
|
||
|
1D0E86DB000
|
heap
|
page read and write
|
||
|
1FC801CA000
|
trusted library allocation
|
page read and write
|
||
|
172202AC000
|
heap
|
page read and write
|
||
|
1FC8029E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B005000
|
trusted library allocation
|
page read and write
|
||
|
1D080075000
|
trusted library allocation
|
page read and write
|
||
|
1E1DC202000
|
heap
|
page read and write
|
||
|
17F3EF61000
|
trusted library allocation
|
page read and write
|
||
|
7050000
|
heap
|
page read and write
|
||
|
19985E2B000
|
unkown
|
page read and write
|
||
|
1B079005000
|
heap
|
page read and write
|
||
|
7FFB4B062000
|
trusted library allocation
|
page read and write
|
||
|
22705840000
|
heap
|
page read and write
|
||
|
528E000
|
stack
|
page read and write
|
||
|
13DBB12F000
|
heap
|
page read and write
|
||
|
256D60A6000
|
heap
|
page read and write
|
||
|
1DF92A13000
|
heap
|
page read and write
|
||
|
70C6000
|
heap
|
page read and write
|
||
|
17F46DD0000
|
trusted library allocation
|
page read and write
|
||
|
1D0E862C000
|
heap
|
page read and write
|
||
|
19985E13000
|
unkown
|
page read and write
|
||
|
13DBB188000
|
heap
|
page read and write
|
||
|
7FF5DD2A0000
|
unkown
|
page readonly
|
||
|
7FF5DD16D000
|
unkown
|
page readonly
|
||
|
7FFB4AEBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AF20000
|
trusted library allocation
|
page read and write
|
||
|
1FC801B3000
|
trusted library allocation
|
page read and write
|
||
|
2453D550000
|
heap
|
page read and write
|
||
|
1FCF85A0000
|
heap
|
page read and write
|
||
|
67DF000
|
stack
|
page read and write
|
||
|
1FC801E1000
|
trusted library allocation
|
page read and write
|
||
|
1FC80130000
|
trusted library allocation
|
page read and write
|
||
|
2270789E000
|
trusted library allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
1FCFA8B0000
|
trusted library section
|
page read and write
|
||
|
1E1DBDF0000
|
heap
|
page read and write
|
||
|
17F2EDCD000
|
trusted library allocation
|
page read and write
|
||
|
1FC802CD000
|
trusted library allocation
|
page read and write
|
||
|
17220246000
|
heap
|
page read and write
|
||
|
13DBB149000
|
heap
|
page read and write
|
||
|
7FFB4AF10000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBDC0000
|
trusted library allocation
|
page read and write
|
||
|
10B62EF1000
|
heap
|
page read and write
|
||
|
598F000
|
stack
|
page read and write
|
||
|
22705A40000
|
heap
|
page read and write
|
||
|
13DBB62A000
|
heap
|
page read and write
|
||
|
13DBB138000
|
heap
|
page read and write
|
||
|
1FC8010B000
|
trusted library allocation
|
page read and write
|
||
|
1FC802DC000
|
trusted library allocation
|
page read and write
|
||
|
13DBB12C000
|
heap
|
page read and write
|
||
|
13DBB120000
|
heap
|
page read and write
|
||
|
22705A28000
|
heap
|
page read and write
|
||
|
13DBB6D2000
|
heap
|
page read and write
|
||
|
7FFB4B015000
|
trusted library allocation
|
page read and write
|
||
|
1FC80141000
|
trusted library allocation
|
page read and write
|
||
|
13DBB152000
|
heap
|
page read and write
|
||
|
7FFB4AF56000
|
trusted library allocation
|
page execute and read and write
|
||
|
256D9590000
|
heap
|
page read and write
|
||
|
758E000
|
stack
|
page read and write
|
||
|
19985D60000
|
heap
|
page read and write
|
||
|
13DBA827000
|
heap
|
page read and write
|
||
|
7FFB4AF8A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5DD2A5000
|
unkown
|
page readonly
|
||
|
7FFB4AF96000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB174000
|
heap
|
page read and write
|
||
|
1FC8013E000
|
trusted library allocation
|
page read and write
|
||
|
20CCDF29000
|
heap
|
page read and write
|
||
|
7827000
|
heap
|
page read and write
|
||
|
5220000
|
heap
|
page read and write
|
||
|
1FCF830B000
|
unkown
|
page readonly
|
||
|
ECB000
|
stack
|
page read and write
|
||
|
13DBB133000
|
heap
|
page read and write
|
||
|
13DBA96D000
|
heap
|
page read and write
|
||
|
2453D530000
|
heap
|
page read and write
|
||
|
7FFB4B012000
|
trusted library allocation
|
page read and write
|
||
|
19985E34000
|
unkown
|
page read and write
|
||
|
1E1DDEA2000
|
trusted library allocation
|
page read and write
|
||
|
13DBB181000
|
heap
|
page read and write
|
||
|
651B9FF000
|
stack
|
page read and write
|
||
|
13DBB122000
|
heap
|
page read and write
|
||
|
55638FE000
|
stack
|
page read and write
|
||
|
ED0000
|
heap
|
page readonly
|
||
|
19985E2B000
|
unkown
|
page read and write
|
||
|
7FFB4AE84000
|
trusted library allocation
|
page read and write
|
||
|
13DBA89B000
|
heap
|
page read and write
|
||
|
521E000
|
stack
|
page read and write
|
||
|
13DBB14A000
|
heap
|
page read and write
|
||
|
13DBB17F000
|
heap
|
page read and write
|
||
|
70B8000
|
heap
|
page read and write
|
||
|
17F2D077000
|
heap
|
page read and write
|
||
|
7FFB4B060000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B62FB0000
|
heap
|
page read and write
|
||
|
13DBB113000
|
heap
|
page read and write
|
||
|
13DBB19C000
|
heap
|
page read and write
|
||
|
13DBA913000
|
heap
|
page read and write
|
||
|
7FF5DD2A8000
|
unkown
|
page readonly
|
||
|
20CCDF31000
|
heap
|
page read and write
|
||
|
22705B02000
|
heap
|
page read and write
|
||
|
62720FE000
|
stack
|
page read and write
|
||
|
256D6095000
|
heap
|
page read and write
|
||
|
7FFB4AE68000
|
trusted library allocation
|
page read and write
|
||
|
74FF000
|
stack
|
page read and write
|
||
|
1E1DDBC0000
|
trusted library allocation
|
page read and write
|
||
|
20CCDF2A000
|
heap
|
page read and write
|
||
|
7FFB4B017000
|
trusted library allocation
|
page read and write
|
||
|
500000
|
heap
|
page read and write
|
||
|
1DF92A02000
|
heap
|
page read and write
|
||
|
7FFB4B012000
|
trusted library allocation
|
page read and write
|
||
|
13DBB67D000
|
heap
|
page read and write
|
||
|
22717830000
|
trusted library allocation
|
page read and write
|
||
|
1FC805D6000
|
trusted library allocation
|
page read and write
|
||
|
13DBB180000
|
heap
|
page read and write
|
||
|
22705820000
|
heap
|
page read and write
|
||
|
19985E13000
|
unkown
|
page read and write
|
||
|
55637FE000
|
stack
|
page read and write
|
||
|
1FCF8515000
|
heap
|
page read and write
|
||
|
13DBB102000
|
heap
|
page read and write
|
||
|
13DBB152000
|
heap
|
page read and write
|
||
|
7FFB4AE74000
|
trusted library allocation
|
page read and write
|
||
|
556E000
|
heap
|
page read and write
|
||
|
19986000000
|
unkown
|
page readonly
|
||
|
C6029FD000
|
stack
|
page read and write
|
||
|
1D0E8675000
|
heap
|
page read and write
|
||
|
13DBB13D000
|
heap
|
page read and write
|
||
|
22705AE4000
|
heap
|
page read and write
|
||
|
13DBB16B000
|
heap
|
page read and write
|
||
|
13DBB13B000
|
heap
|
page read and write
|
||
|
17F47700000
|
heap
|
page read and write
|
||
|
4E04FF000
|
stack
|
page read and write
|
||
|
13DBB135000
|
heap
|
page read and write
|
||
|
55635FE000
|
stack
|
page read and write
|
||
|
7FFB4AE64000
|
trusted library allocation
|
page read and write
|
||
|
256D60A9000
|
heap
|
page read and write
|
||
|
1FC90079000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF56000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB187000
|
heap
|
page read and write
|
||
|
19986602000
|
unkown
|
page read and write
|
||
|
EE2000
|
stack
|
page read and write
|
||
|
13DBB12B000
|
heap
|
page read and write
|
||
|
13DBB68B000
|
heap
|
page read and write
|
||
|
13DBB179000
|
heap
|
page read and write
|
||
|
4E02FB000
|
stack
|
page read and write
|
||
|
7FFB4B020000
|
trusted library allocation
|
page read and write
|
||
|
227075C1000
|
trusted library allocation
|
page read and write
|
||
|
13DBB702000
|
heap
|
page read and write
|
||
|
55634FE000
|
stack
|
page read and write
|
||
|
7FF5DD21B000
|
unkown
|
page readonly
|
||
|
7FF5DD22E000
|
unkown
|
page readonly
|
||
|
2453D720000
|
heap
|
page read and write
|
||
|
1E1DBEDC000
|
heap
|
page read and write
|
||
|
7FFB4AECC000
|
trusted library allocation
|
page execute and read and write
|
||
|
256D6060000
|
heap
|
page read and write
|
||
|
1FC8028F000
|
trusted library allocation
|
page read and write
|
||
|
1D0E8645000
|
heap
|
page read and write
|
||
|
7FF5DD20F000
|
unkown
|
page readonly
|
||
|
17F2D0B5000
|
heap
|
page read and write
|
||
|
1D0901C1000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B00B000
|
trusted library allocation
|
page read and write
|
||
|
227059B0000
|
heap
|
page execute and read and write
|
||
|
7FFB4AE79000
|
trusted library allocation
|
page read and write
|
||
|
13DBB67F000
|
heap
|
page read and write
|
||
|
13DBB15B000
|
heap
|
page read and write
|
||
|
1D0E8430000
|
heap
|
page read and write
|
||
|
13DBB11B000
|
heap
|
page read and write
|
||
|
1FC800E6000
|
trusted library allocation
|
page read and write
|
||
|
10B62DB0000
|
heap
|
page read and write
|
||
|
7FFB4AE7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F63FFE000
|
unkown
|
page readonly
|
||
|
13DBB15A000
|
heap
|
page read and write
|
||
|
20CCDE80000
|
heap
|
page read and write
|
||
|
17222304000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE89000
|
trusted library allocation
|
page read and write
|
||
|
651BFFE000
|
stack
|
page read and write
|
||
|
7FFB4B018000
|
trusted library allocation
|
page read and write
|
||
|
17220222000
|
heap
|
page read and write
|
||
|
13DBB66D000
|
heap
|
page read and write
|
||
|
55632F2000
|
stack
|
page read and write
|
||
|
13DBB655000
|
heap
|
page read and write
|
||
|
7FFB4B024000
|
trusted library allocation
|
page read and write
|
||
|
2271FF3A000
|
heap
|
page read and write
|
||
|
13DBB16B000
|
heap
|
page read and write
|
||
|
1DF92A00000
|
heap
|
page read and write
|
||
|
22705ADC000
|
heap
|
page read and write
|
||
|
7FFB4B070000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AF2C000
|
trusted library allocation
|
page execute and read and write
|
||
|
651BBFE000
|
stack
|
page read and write
|
||
|
7FF5DD203000
|
unkown
|
page readonly
|
||
|
1FC80281000
|
trusted library allocation
|
page read and write
|
||
|
1FC8019C000
|
trusted library allocation
|
page read and write
|
||
|
F63FFE000
|
unkown
|
page readonly
|
||
|
7FFB4B030000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE62000
|
trusted library allocation
|
page read and write
|
||
|
F292BFD000
|
stack
|
page read and write
|
||
|
13DBB11D000
|
heap
|
page read and write
|
||
|
17F2D102000
|
heap
|
page read and write
|
||
|
1D0E863E000
|
heap
|
page read and write
|
||
|
227059C3000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B000000
|
trusted library allocation
|
page read and write
|
||
|
58E0000
|
heap
|
page read and write
|
||
|
7FFB4B008000
|
trusted library allocation
|
page read and write
|
||
|
1FC801C7000
|
trusted library allocation
|
page read and write
|
||
|
172204F0000
|
trusted library allocation
|
page read and write
|
||
|
1D0E8600000
|
heap
|
page read and write
|
||
|
13DBA8AF000
|
heap
|
page read and write
|
||
|
1D08002E000
|
trusted library allocation
|
page read and write
|
||
|
13708FE000
|
unkown
|
page readonly
|
||
|
10B62EF1000
|
heap
|
page read and write
|
||
|
1FC80236000
|
trusted library allocation
|
page read and write
|
||
|
1FCF8318000
|
unkown
|
page readonly
|
||
|
1E1DBD60000
|
heap
|
page read and write
|
||
|
2271F5D0000
|
trusted library allocation
|
page read and write
|
||
|
49E0000
|
heap
|
page readonly
|
||
|
13DBA96D000
|
heap
|
page read and write
|
||
|
70B4000
|
heap
|
page read and write
|
||
|
1FC8010E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B020000
|
trusted library allocation
|
page read and write
|
||
|
17231FA7000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF90000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC80191000
|
trusted library allocation
|
page read and write
|
||
|
1D090360000
|
trusted library allocation
|
page read and write
|
||
|
17220510000
|
heap
|
page execute and read and write
|
||
|
13DBB17F000
|
heap
|
page read and write
|
||
|
7FFB4B060000
|
trusted library allocation
|
page execute and read and write
|
||
|
F63F7C000
|
stack
|
page read and write
|
||
|
1D0E85D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B000000
|
trusted library allocation
|
page read and write
|
||
|
651C2FD000
|
stack
|
page read and write
|
||
|
1FC80125000
|
trusted library allocation
|
page read and write
|
||
|
1D0EAB00000
|
heap
|
page read and write
|
||
|
20CD1350000
|
heap
|
page read and write
|
||
|
1FC8020A000
|
trusted library allocation
|
page read and write
|
||
|
513C000
|
stack
|
page read and write
|
||
|
172201B0000
|
heap
|
page read and write
|
||
|
13DBA872000
|
heap
|
page read and write
|
||
|
1370AFE000
|
unkown
|
page readonly
|
||
|
20CCE1A0000
|
heap
|
page read and write
|
||
|
459000
|
system
|
page execute and read and write
|
||
|
13DBB647000
|
heap
|
page read and write
|
||
|
900937F000
|
stack
|
page read and write
|
||
|
227075CE000
|
trusted library allocation
|
page read and write
|
||
|
1FC801A1000
|
trusted library allocation
|
page read and write
|
||
|
D90000
|
heap
|
page read and write
|
||
|
7FFB4AF96000
|
trusted library allocation
|
page execute and read and write
|
||
|
10B62EB0000
|
heap
|
page read and write
|
||
|
1D080021000
|
trusted library allocation
|
page read and write
|
||
|
22720010000
|
heap
|
page read and write
|
||
|
13DBB159000
|
heap
|
page read and write
|
||
|
1E1DBEE4000
|
heap
|
page read and write
|
||
|
13DBB152000
|
heap
|
page read and write
|
||
|
10B62EF1000
|
heap
|
page read and write
|
||
|
51D0000
|
heap
|
page readonly
|
||
|
7FFB4AF9A000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5DD21F000
|
unkown
|
page readonly
|
||
|
1FCF8905000
|
heap
|
page read and write
|
||
|
256D5FD0000
|
heap
|
page read and write
|
||
|
7FFB4AEBC000
|
trusted library allocation
|
page execute and read and write
|
||
|
172201C0000
|
heap
|
page read and write
|
||
|
7FF5DD2A0000
|
unkown
|
page readonly
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
13DBB10F000
|
heap
|
page read and write
|
||
|
13DBB16F000
|
heap
|
page read and write
|
||
|
1DF92580000
|
trusted library allocation
|
page read and write
|
||
|
10DF07D000
|
stack
|
page read and write
|
||
|
1E1DC0E0000
|
trusted library allocation
|
page read and write
|
||
|
13DBB135000
|
heap
|
page read and write
|
||
|
1FCF8725000
|
heap
|
page read and write
|
||
|
13DBB15F000
|
heap
|
page read and write
|
||
|
10B62EE1000
|
heap
|
page read and write
|
||
|
7FF5DD28D000
|
unkown
|
page readonly
|
||
|
1FC80202000
|
trusted library allocation
|
page read and write
|
||
|
7FF5DD22B000
|
unkown
|
page readonly
|
||
|
45D000
|
system
|
page execute and read and write
|
||
|
6E5F000
|
stack
|
page read and write
|
||
|
1D0E85B0000
|
heap
|
page read and write
|
||
|
17F2D040000
|
heap
|
page read and write
|
||
|
19985E40000
|
unkown
|
page read and write
|
||
|
19986391000
|
unkown
|
page readonly
|
||
|
13DBB119000
|
heap
|
page read and write
|
||
|
1DF92724000
|
heap
|
page read and write
|
||
|
17220302000
|
heap
|
page read and write
|
||
|
F644FE000
|
stack
|
page read and write
|
||
|
1D0805D6000
|
trusted library allocation
|
page read and write
|
||
|
13DBB692000
|
heap
|
page read and write
|
||
|
C6022FE000
|
stack
|
page read and write
|
||
|
13DBB198000
|
heap
|
page read and write
|
||
|
7FFB4B020000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
heap
|
page read and write
|
||
|
17F2D0E3000
|
heap
|
page read and write
|
||
|
19985C70000
|
unkown
|
page readonly
|
||
|
13706FE000
|
unkown
|
page readonly
|
||
|
1FC802A3000
|
trusted library allocation
|
page read and write
|
||
|
1FC8020D000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE63000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FCF84CD000
|
heap
|
page read and write
|
||
|
1E1F5BD0000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE64000
|
trusted library allocation
|
page read and write
|
||
|
69B0000
|
heap
|
page read and write
|
||
|
13DBB68F000
|
heap
|
page read and write
|
||
|
20CCDF32000
|
heap
|
page read and write
|
||
|
77F6000
|
heap
|
page read and write
|
||
|
530D000
|
heap
|
page read and write
|
||
|
1DF92550000
|
heap
|
page read and write
|
||
|
1E1DBE47000
|
heap
|
page read and write
|
||
|
13DBB666000
|
heap
|
page read and write
|
||
|
7FFB4B005000
|
trusted library allocation
|
page read and write
|
||
|
1FC8025B000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE72000
|
trusted library allocation
|
page read and write
|
||
|
19985BF0000
|
unkown
|
page readonly
|
||
|
17F2CF50000
|
heap
|
page read and write
|
||
|
F292CFF000
|
stack
|
page read and write
|
||
|
7050000
|
heap
|
page read and write
|
||
|
49F0000
|
heap
|
page read and write
|
||
|
473000
|
system
|
page execute and read and write
|
||
|
13DBB658000
|
heap
|
page read and write
|
||
|
13DBB162000
|
heap
|
page read and write
|
||
|
7FFB4AFA9000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBB155000
|
heap
|
page read and write
|
||
|
4A0000
|
heap
|
page read and write
|
||
|
651BCFD000
|
stack
|
page read and write
|
||
|
1E1DDBCD000
|
trusted library allocation
|
page read and write
|
||
|
5D317FE000
|
stack
|
page read and write
|
||
|
400000
|
system
|
page execute and read and write
|
||
|
13DBB15D000
|
heap
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
1D0E8913000
|
heap
|
page read and write
|
||
|
589E000
|
stack
|
page read and write
|
||
|
1FCF8300000
|
unkown
|
page readonly
|
||
|
13DBB17F000
|
heap
|
page read and write
|
||
|
1B0776D0000
|
heap
|
page read and write
|
||
|
13DBB724000
|
heap
|
page read and write
|
||
|
1E1DBE2D000
|
heap
|
page read and write
|
||
|
52F0000
|
heap
|
page read and write
|
||
|
7FFB4B05E000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF46000
|
trusted library allocation
|
page execute and read and write
|
||
|
1E1DDEA4000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B040000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B052000
|
trusted library allocation
|
page read and write
|
||
|
13DBA880000
|
heap
|
page read and write
|
||
|
7FFB4B062000
|
trusted library allocation
|
page read and write
|
||
|
5D31CFF000
|
stack
|
page read and write
|
||
|
1FC80269000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B010000
|
trusted library allocation
|
page read and write
|
||
|
1FC80271000
|
trusted library allocation
|
page read and write
|
||
|
13DBB6CE000
|
heap
|
page read and write
|
||
|
556A000
|
heap
|
page read and write
|
||
|
256D5FE0000
|
heap
|
page read and write
|
||
|
13DBB110000
|
heap
|
page read and write
|
||
|
13DBB712000
|
heap
|
page read and write
|
||
|
13DBA89B000
|
heap
|
page read and write
|
||
|
1FC90007000
|
trusted library allocation
|
page read and write
|
||
|
17F2D402000
|
heap
|
page read and write
|
||
|
13DBB179000
|
heap
|
page read and write
|
||
|
17F2EDD7000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B008000
|
trusted library allocation
|
page read and write
|
||
|
13DBB15B000
|
heap
|
page read and write
|
||
|
7FFB4B059000
|
trusted library allocation
|
page read and write
|
||
|
13DBB152000
|
heap
|
page read and write
|
||
|
17F2D0EF000
|
heap
|
page read and write
|
||
|
22705A26000
|
heap
|
page read and write
|
||
|
1FC80133000
|
trusted library allocation
|
page read and write
|
||
|
20CCE1EB000
|
heap
|
page read and write
|
||
|
55FC000
|
stack
|
page read and write
|
||
|
7290000
|
heap
|
page read and write
|
||
|
5475000
|
heap
|
page read and write
|
||
|
13DBA902000
|
heap
|
page read and write
|
||
|
13DBA881000
|
heap
|
page read and write
|
||
|
13DBB67E000
|
heap
|
page read and write
|
||
|
622F6FE000
|
stack
|
page read and write
|
||
|
7FFB4B050000
|
trusted library allocation
|
page read and write
|
||
|
22705A44000
|
heap
|
page read and write
|
||
|
10000000
|
direct allocation
|
page read and write
|
||
|
7FFB4AE80000
|
trusted library allocation
|
page read and write
|
||
|
137027E000
|
stack
|
page read and write
|
||
|
256D6073000
|
heap
|
page read and write
|
||
|
13DBB11F000
|
heap
|
page read and write
|
||
|
1DF92B02000
|
heap
|
page read and write
|
||
|
39902FF000
|
stack
|
page read and write
|
||
|
13DBB130000
|
heap
|
page read and write
|
||
|
41B000
|
system
|
page execute and read and write
|
||
|
13DBB72F000
|
heap
|
page read and write
|
||
|
7FFB4AE7D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AF86000
|
trusted library allocation
|
page execute and read and write
|
||
|
13DBA8EB000
|
heap
|
page read and write
|
||
|
AC000
|
stack
|
page read and write
|
||
|
1FC801D8000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBE22000
|
heap
|
page read and write
|
||
|
622F4FE000
|
stack
|
page read and write
|
||
|
227175A7000
|
trusted library allocation
|
page read and write
|
||
|
1DF9261B000
|
unkown
|
page read and write
|
||
|
5600000
|
heap
|
page read and write
|
||
|
7FFB4AF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC80136000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AE82000
|
trusted library allocation
|
page read and write
|
||
|
1FC801DE000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4AF99000
|
trusted library allocation
|
page execute and read and write
|
||
|
1DF92637000
|
heap
|
page read and write
|
||
|
1FCFA9DF000
|
heap
|
page read and write
|
||
|
17F47602000
|
heap
|
page execute and read and write
|
||
|
17222302000
|
trusted library allocation
|
page read and write
|
||
|
7FFB4B030000
|
trusted library allocation
|
page read and write
|
||
|
C6020FB000
|
stack
|
page read and write
|
||
|
13DBA780000
|
trusted library allocation
|
page read and write
|
||
|
256D60AD000
|
heap
|
page read and write
|
||
|
77F8000
|
heap
|
page read and write
|
||
|
17F4773A000
|
heap
|
page read and write
|
||
|
7FFB4AE79000
|
trusted library allocation
|
page read and write
|
||
|
1DF92B13000
|
heap
|
page read and write
|
||
|
172202E1000
|
heap
|
page read and write
|
||
|
17F2D0A7000
|
heap
|
page read and write
|
||
|
7FFB4B002000
|
trusted library allocation
|
page read and write
|
||
|
13DBB6F4000
|
heap
|
page read and write
|
||
|
7FFB4B027000
|
trusted library allocation
|
page read and write
|
||
|
1D0E863B000
|
heap
|
page read and write
|
||
|
13DBB154000
|
heap
|
page read and write
|
||
|
17F2D013000
|
heap
|
page read and write
|
||
|
478000
|
remote allocation
|
page execute and read and write
|
||
|
651C0FD000
|
stack
|
page read and write
|
||
|
17F2D000000
|
heap
|
page read and write
|
||
|
70D1000
|
heap
|
page read and write
|
||
|
13DBB114000
|
heap
|
page read and write
|
||
|
7090000
|
heap
|
page read and write
|
||
|
7FFB4AE9D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFB4AF20000
|
trusted library allocation
|
page execute and read and write
|
||
|
1FC802F3000
|
trusted library allocation
|
page read and write
|
||
|
20CCDF29000
|
heap
|
page read and write
|
||
|
7FFB4B02A000
|
trusted library allocation
|
page read and write
|
||
|
1FCF8900000
|
heap
|
page read and write
|
||
|
19986391000
|
unkown
|
page readonly
|
||
|
7FF5DD287000
|
unkown
|
page readonly
|
||
|
630000
|
heap
|
page read and write
|
||
|
19985D60000
|
heap
|
page read and write
|
||
|
1DF92B13000
|
heap
|
page read and write
|
||
|
20CD1360000
|
trusted library allocation
|
page read and write
|
||
|
13DBA8BB000
|
heap
|
page read and write
|
||
|
1E1DBE00000
|
heap
|
page read and write
|
||
|
10B62EF1000
|
heap
|
page read and write
|
||
|
13DBB12C000
|
heap
|
page read and write
|
||
|
17F48010000
|
heap
|
page read and write
|
||
|
227175A1000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBE3E000
|
heap
|
page read and write
|
||
|
398FF62000
|
stack
|
page read and write
|
||
|
7FFB4AE64000
|
trusted library allocation
|
page read and write
|
||
|
1E1DBED9000
|
heap
|
page read and write
|
||
|
13DBB105000
|
heap
|
page read and write
|
There are 1338 hidden memdumps, click here to show them.