IOC Report
NhWAWEhCi7.exe

loading gif

Files

File Path
Type
Category
Malicious
NhWAWEhCi7.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\huge[1].dat
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
dropped
 malicious
C:\Users\user\AppData\Local\Temp\9FC5.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\D57C.exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
modified
 malicious
C:\Users\user\AppData\Local\Temp\nsk862A.tmp\liteFirewall.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\nslCBA9.tmp\blowfish.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\setup.exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\Del.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\Newtonsoft.Json.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\Uninstall.exe
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\Xilium.CefGlue.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\chrome_elf.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\d3dcompiler_47.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\libEGL.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\libGLESv2.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\libcef.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\log4net.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\swiftshader\libEGL.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\swiftshader\libGLESv2.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\vk_swiftshader.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\GamePall\vulkan-1.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\bbehcjh
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Roaming\bbehcjh:Zone.Identifier
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Local\Temp\nslCBA9.tmp\INetC.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nslCBA9.tmp\nsProcess.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\nsw1781.tmp
data
dropped
C:\Users\user\AppData\Roaming\GamePall\DawnCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Roaming\GamePall\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Roaming\GamePall\DawnCache\data_2
data
dropped
C:\Users\user\AppData\Roaming\GamePall\DawnCache\data_3
data
modified
C:\Users\user\AppData\Roaming\GamePall\DawnCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Roaming\GamePall\GPUCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Roaming\GamePall\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Roaming\GamePall\GPUCache\data_2
data
dropped
C:\Users\user\AppData\Roaming\GamePall\GPUCache\data_3
data
dropped
C:\Users\user\AppData\Roaming\GamePall\GPUCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Roaming\GamePall\Ionic.Zip.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
C:\Users\user\AppData\Roaming\GamePall\Newtonsoft.Json.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\GamePall\cef.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\cef_100_percent.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\cef_200_percent.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\cef_extensions.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\cef_sandbox.lib
current ar archive
dropped
C:\Users\user\AppData\Roaming\GamePall\chrome_100_percent.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\chrome_200_percent.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\d3dcompiler_43.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Roaming\GamePall\devtools_resources.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\icudtl.dat
data
dropped
C:\Users\user\AppData\Roaming\GamePall\libcef.lib
current ar archive
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\af.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\am.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ar.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\bg.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\bn.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ca.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\cs.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\da.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\de.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\el.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\en-GB.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\en-US.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\es-419.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\es.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\et.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\fa.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\fi.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\fil.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\fr.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\gu.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\he.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\hi.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\hr.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\hu.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\id.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\it.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ja.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\kn.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ko.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\lt.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\lv.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ml.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\mr.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ms.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\nb.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\nl.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\pl.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\pt-BR.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\pt-PT.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ro.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ru.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\sk.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\sl.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\sr.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\sv.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\sw.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ta.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\te.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\th.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\tr.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\uk.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\ur.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\vi.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\zh-CN.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\locales\zh-TW.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\log4net.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Roaming\GamePall\natives_blob.bin
data
dropped
C:\Users\user\AppData\Roaming\GamePall\resources.pak
data
dropped
C:\Users\user\AppData\Roaming\GamePall\snapshot_blob.bin
data
dropped
C:\Users\user\AppData\Roaming\GamePall\start.bat
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Roaming\GamePall\swiftshader\Xilium.CefGlue.pdb
MSVC program database ver 7.00, 512*4023 bytes
dropped
C:\Users\user\AppData\Roaming\GamePall\v8_context_snapshot.bin
data
dropped
C:\Users\user\AppData\Roaming\GamePall\vk_swiftshader_icd.json
JSON data
dropped
C:\Users\user\AppData\Roaming\GamePall\widevinecdmadapter.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
There are 104 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\NhWAWEhCi7.exe
"C:\Users\user\Desktop\NhWAWEhCi7.exe"
 malicious
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE
 malicious
C:\Users\user\AppData\Roaming\bbehcjh
C:\Users\user\AppData\Roaming\bbehcjh
 malicious
C:\Users\user\AppData\Local\Temp\9FC5.exe
C:\Users\user\AppData\Local\Temp\9FC5.exe
 malicious
C:\Users\user\AppData\Local\Temp\D57C.exe
C:\Users\user\AppData\Local\Temp\D57C.exe
 malicious
C:\Users\user\AppData\Local\Temp\setup.exe
"C:\Users\user\AppData\Local\Temp\setup.exe"
 malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
 malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe" --type=gpu-process --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; CPU OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5.1 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --log-file="C:\Users\user\AppData\Roaming\GamePall\debug.log" --mojo-platform-channel-handle=3176 --field-trial-handle=3180,i,14998134109693806898,1323138317393721428,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:2
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; CPU OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5.1 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Users\user\AppData\Roaming\GamePall\debug.log" --mojo-platform-channel-handle=3420 --field-trial-handle=3180,i,14998134109693806898,1323138317393721428,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:8
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; CPU OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5.1 Mobile/15E148 Safari/604.1" --lang=en-US --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --log-file="C:\Users\user\AppData\Roaming\GamePall\debug.log" --mojo-platform-channel-handle=3784 --field-trial-handle=3180,i,14998134109693806898,1323138317393721428,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:8
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; CPU OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5.1 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\user\AppData\Roaming\GamePall\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --time-ticks-at-unix-epoch=-1719821616869761 --launch-time-ticks=6013536112 --mojo-platform-channel-handle=4012 --field-trial-handle=3180,i,14998134109693806898,1323138317393721428,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:1
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe" --type=renderer --log-severity=disable --user-agent="Mozilla/5.0 (Macintosh; CPU OS 17_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5.1 Mobile/15E148 Safari/604.1" --user-data-dir="C:\Users\user\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\user\AppData\Roaming\GamePall\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --time-ticks-at-unix-epoch=-1719821616869761 --launch-time-ticks=6013552940 --mojo-platform-channel-handle=4092 --field-trial-handle=3180,i,14998134109693806898,1323138317393721428,262144 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,DocumentPictureInPictureAPI /prefetch:1
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
C:\Users\user\AppData\Roaming\GamePall\GamePall.exe
"C:\Users\user\AppData\Roaming\GamePall\GamePall.exe"
malicious
There are 26 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://cx5519.com/tmp/index.php
malicious
http://evilos.cc/tmp/index.php
malicious
ellaboratepwsz.xyz
malicious
swellfrrgwwos.xyz
malicious
foodypannyjsud.shop
malicious
https://anglebug.com/4674
unknown
https://chrome.google.com/webstore?hl=vi&category=theme81https://myactivity.google.com/myactivity/?u
unknown
https://www.google.com/chrome/privacy/eula_text.htmlA&judaGestionat
unknown
https://aka.ms/odirmr
unknown
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
unknown
http://anglebug.com/8280enableTranslatedShaderSubstitutionCheck
unknown
http://api.install-stat.debug.world/clients/activity.0
unknown
https://support.google.com/chrome/answer/6098869
unknown
https://www.google.com/chrome/privacy/eula_text.htmlP&al
unknown
https://api.msn.com:443/v1/news/Feed/Windows?
unknown
http://anglebug.com/4633
unknown
https://anglebug.com/7382
unknown
https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
unknown
https://issuetracker.google.com/284462263
unknown
http://logging.apache.org/log4net/release/faq.html#trouble-EventLog
unknown
http://crbug.com/550292
unknown
https://chrome.google.com/webstore?hl=urCtrl$2
unknown
https://simpleflying.com/how-do-you-become-an-air-traffic-controller/
unknown
http://crbug.com/883276
unknown
https://foodypannyjsud.shop/api)
unknown
https://foodypannyjsud.shop/w5
unknown
https://crbug.com/1356053
unknown
https://photos.google.com/settings?referrer=CHROME_NTP
unknown
https://anglebug.com/7714
unknown
https://anglebug.com/5536
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY
unknown
https://foodypannyjsud.shop/pii
unknown
https://chromeenterprise.google/policies/#BrowserSwitcherExternalGreylistUrl
unknown
https://crbug.com/705865
unknown
http://crbug.com/110263
unknown
http://anglebug.com/6248
unknown
https://foodypannyjsud.shop:443/apiuY
unknown
http://anglebug.com/6929
unknown
http://anglebug.com/5281
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://bageyou.xyz
unknown
http://logging.apache.org/log4ne
unknown
https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
unknown
https://issuetracker.google.com/255411748
unknown
https://foodypannyjsud.shop/apim
unknown
https://wns.windows.com/L
unknown
https://anglebug.com/7246
unknown
https://anglebug.com/7369
unknown
https://anglebug.com/7489
unknown
https://chrome.google.com/webstore?hl=arCtrl$1
unknown
https://crbug.com/593024
unknown
https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
unknown
https://crbug.com/1137851
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu
unknown
https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
unknown
https://foodypannyjsud.shop/apib
unknown
http://ocsp.rootca1.amazontrust.com0:
unknown
https://issuetracker.google.com/161903006
unknown
https://www.google.com/chrome/privacy/eula_text.html&
unknown
http://anglebug.com/2152skipVSConstantRegisterZeroIn
unknown
https://crbug.com/1300575
unknown
https://www.google.com/chrome/privacy/eula_text.htmlT&r
unknown
https://www.ecosia.org/newtab/
unknown
https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-
unknown
http://xiexie.wf/22_551/huge.dat
unknown
https://crbug.com/710443
unknown
https://crbug.com/1042393
unknown
https://rouonixon.com/4/4284489/?ymid=831224434781065217&var=4284488&price=
unknown
https://crbug.com/1060012
unknown
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu
unknown
http://anglebug.com/3078
unknown
http://anglebug.com/7553
unknown
https://chromeenterprise.google/policies/#BrowserSwitcherExternalSitelistUrl
unknown
http://anglebug.com/5375
unknown
http://anglebug.com/3246allowClearForRobustResourceInitSome
unknown
http://nsis.sf.net/NSIS_Error
unknown
https://chrome.google.com/webstore?hl=tr&category=theme81https://myactivity.google.com/myactivity/?u
unknown
http://anglebug.com/5371
unknown
https://chrome.google.com/webstore?hl=ukCtrl$1
unknown
https://www.rd.com/list/polite-habits-campers-dislike/
unknown
http://anglebug.com/3997
unknown
http://anglebug.com/4722
unknown
http://crbug.com/642605
unknown
http://anglebug.com/1452
unknown
http://anglebug.com/7556
unknown
https://support.google.com/chrome/a/answer/9122284
unknown
https://foodypannyjsud.shop/F9
unknown
https://outlook.com_
unknown
https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
unknown
https://chrome.google.com/webstore?hl=caCtrl$1
unknown
https://foodypannyjsud.shop/apiD
unknown
https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at
unknown
https://crbug.com/650547callClearTwiceUsing
unknown
https://chrome.google.com/webstore?hl=teCtrl$1
unknown
https://svn.apache.org/repos/asf/logging/log4net/tags/2.0.8RC1
unknown
http://crbug.com/1420130
unknown
There are 90 hidden URLs, click here to show them.

IPs

IP
Domain
Country
Malicious
188.114.97.3
unknown
European Union
malicious
141.8.192.6
unknown
Russian Federation
malicious
189.61.54.32
unknown
Brazil
malicious
127.0.0.127
unknown
unknown
malicious
139.45.197.238
unknown
Netherlands
1.1.1.1
unknown
Australia
172.67.221.174
unknown
United States

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{33154C99-BF49-443D-A73C-303A23ABBE97} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{A38B883C-1682-497E-97B0-0A3A9E801682} {886D8EEB-8CF2-4446-8D02-CDBA1DBDCF99} 0xFFFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
@explorerframe.dll,-13137
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
@explorerframe.dll,-13138
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
Unpacker
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:000000000003029E
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\wbarf\NccQngn\Ebnzvat\TnzrCnyy\TnzrCnyy.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
a
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
MRUList
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000050548
VirtualDesktop
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Shell\Bags\1\Desktop
IconLayouts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
CheckSetting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced
TaskbarStateLastRun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\Component Categories64\{00021492-0000-0000-C000-000000000046}\Enum
Implementing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
AutoIt3Script
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
WMP11.AssocFile.AVI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
CABFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
Microsoft.PowerShellCmdletDefinitionXML.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
CSSfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
Excel.CSV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
ddsfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
dllfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
Word.Document.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
Word.DocumentMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
Word.Document.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
Word.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
Word.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
Word.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
emffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
exefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
WMP11.AssocFile.FLAC
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
fonfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
giffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
icofile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
inffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
inifile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
pjpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
lnkfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
WMP11.AssocFile.m3u
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
WMP11.AssocFile.M4A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
WMP11.AssocFile.MK3D
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
WMP11.AssocFile.MKA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
WMP11.AssocFile.MKV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mod\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
WMP11.AssocFile.MOV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
Outlook.File.msg.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
ocxfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
PowerPoint.OpenDocumentPresentation.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
Excel.OpenDocumentSpreadsheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
Word.OpenDocumentText.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
otffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
pngfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
PowerPoint.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
PowerPoint.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
PowerPoint.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
PowerPoint.Addin.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
PowerPoint.SlideShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
PowerPoint.SlideShow.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
PowerPoint.Show.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
PowerPoint.ShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
PowerPoint.Show.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
Microsoft.PowerShellScript.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
Microsoft.PowerShellXMLData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
Microsoft.PowerShellData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
Microsoft.PowerShellModule.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
Microsoft.PowerShellSessionConfiguration.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
rlefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
Word.RTF.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
SHCmdFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
SearchFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
shtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
PowerPoint.SlideMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
PowerPoint.Slide.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
sysfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
ttcfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
ttffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
txtfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
bootstrap.vsto.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
WMP11.AssocFile.WAV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
WMP11.AssocFile.WAX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
WMP11.AssocFile.WMA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
wmffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
WMP11.AssocFile.WMV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
WMP11.AssocFile.WPL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
WMP11.AssocFile.WVX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
Excel.AddInMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
Excel.Sheet.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
Excel.SheetBinaryMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
Excel.SheetMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
Excel.Sheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
Excel.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
Excel.TemplateMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
Excel.Template
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
xmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
xslfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive\Accounts
LastUpdate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
P:\Hfref\wbarf\NccQngn\Ebnzvat\TnzrCnyy\TnzrCnyy.rkr
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
HRZR_PGYFRFFVBA
HKEY_CURRENT_USER\SOFTWARE\GamePall
Sid
HKEY_CURRENT_USER\SOFTWARE\GamePall
Pid
HKEY_CURRENT_USER\SOFTWARE\GamePall
Version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
GamePall
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePall
DisplayName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePall
DisplayVersion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePall
Publisher
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePall
EstimatedSize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePall
UninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePall
NoModify
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GamePall
NoRepair
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Windows Error Reporting
DontShowUI
HKEY_CURRENT_USER\SOFTWARE\GamePall
tmp_uid
HKEY_CURRENT_USER\SOFTWARE\GamePall
reg
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\GamePall_RASMANCS
FileDirectory
HKEY_CURRENT_USER\SOFTWARE\GamePall
uid
HKEY_CURRENT_USER\Control Panel\Cursors
AppStarting
There are 209 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
2E80000
direct allocation
page read and write
 malicious
2EA1000
unclassified section
page read and write
 malicious
4851000
unclassified section
page read and write
 malicious
4820000
direct allocation
page read and write
 malicious
C89A000
unkown
page read and write
2F44000
trusted library allocation
page read and write
968B000
unkown
page read and write
C964000
unkown
page read and write
5CC0000
trusted library allocation
page read and write
4D5E000
stack
page read and write
34E9000
stack
page read and write
7FF5ED1FA000
unkown
page readonly
8740000
unkown
page read and write
A37B000
unkown
page read and write
2EED000
heap
page execute and read and write
8D10000
unkown
page read and write
FFC000
heap
page read and write
8740000
unkown
page read and write
3160000
unkown
page read and write
15CD000
trusted library allocation
page execute and read and write
33C0000
unkown
page read and write
4C34000
unkown
page read and write
E3E000
stack
page read and write
397D000
trusted library allocation
page read and write
7FF5ED97A000
unkown
page readonly
2BE4000
unkown
page readonly
125F000
heap
page read and write
C6C1000
unkown
page read and write
61D0000
heap
page read and write
8108000
stack
page read and write
7FF5ED800000
unkown
page readonly
97A9000
unkown
page read and write
8740000
unkown
page read and write
8740000
unkown
page read and write
FA2000
trusted library allocation
page read and write
1360000
heap
page read and write
37AE000
unkown
page read and write
C6C9000
unkown
page read and write
57D0000
trusted library allocation
page read and write
518E000
trusted library allocation
page read and write
378F000
stack
page read and write
1235000
heap
page read and write
7FF5ED2A9000
unkown
page readonly
11CD000
heap
page read and write
E80000
trusted library allocation
page read and write
B140000
unkown
page readonly
3935000
trusted library allocation
page read and write
CE4000
unkown
page readonly
2F03000
heap
page read and write
8740000
unkown
page read and write
2471000
trusted library allocation
page read and write
8D10000
unkown
page read and write
C6D8000
unkown
page read and write
7FF5ED64F000
unkown
page readonly
2EDA000
heap
page read and write
8D10000
unkown
page read and write
11B3000
heap
page read and write
13AE000
stack
page read and write
4EA4000
trusted library allocation
page read and write
13B0000
heap
page read and write
8740000
unkown
page read and write
3010000
trusted library allocation
page read and write
2DA4000
heap
page read and write
7FF5ED986000
unkown
page readonly
53C000
stack
page read and write
12B1000
trusted library allocation
page read and write
125D000
trusted library allocation
page execute and read and write
51D5000
trusted library allocation
page read and write
410000
unkown
page read and write
2B80000
trusted library allocation
page read and write
2D94000
trusted library allocation
page read and write
8740000
unkown
page read and write
8D10000
unkown
page read and write
422000
unkown
page read and write
302A000
trusted library allocation
page execute and read and write
13FA000
heap
page read and write
30D0000
trusted library allocation
page read and write
7A34000
unkown
page read and write
33C0000
unkown
page read and write
3900000
trusted library allocation
page read and write
C563000
unkown
page read and write
460000
heap
page read and write
8D10000
unkown
page read and write
7FF5D1CD4000
unkown
page readonly
392C000
trusted library allocation
page read and write
8D10000
unkown
page read and write
7DD0000
unkown
page read and write
8740000
unkown
page read and write
8D10000
unkown
page read and write
5FF1000
heap
page read and write
1290000
trusted library allocation
page read and write
8D10000
unkown
page read and write
1263000
heap
page read and write
3153000
unkown
page read and write
8D10000
unkown
page read and write
5780000
trusted library allocation
page read and write
48F6000
trusted library allocation
page read and write
1180000
heap
page read and write
DA0000
heap
page read and write
2BE4000
unkown
page readonly
3910000
trusted library allocation
page read and write
5765000
trusted library allocation
page read and write
DA0000
heap
page read and write
11CD000
heap
page read and write
8EF0000
unkown
page read and write
7F50000
unkown
page read and write
3914000
trusted library allocation
page read and write
5A80000
unkown
page readonly
8740000
unkown
page read and write
400000
unkown
page readonly
E52000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
4A2E000
stack
page read and write
BC9B000
stack
page read and write
1470000
trusted library allocation
page read and write
FE6000
stack
page read and write
7DF4F3040000
unkown
page readonly
FA4000
trusted library allocation
page read and write
9C000
stack
page read and write
8740000
unkown
page read and write
10C0000
unkown
page readonly
408000
unkown
page readonly
7F50000
unkown
page read and write
3939000
trusted library allocation
page read and write
390E000
trusted library allocation
page read and write
7FF5ED43A000
unkown
page readonly
1249000
heap
page read and write
2F67000
trusted library allocation
page read and write
5CA1000
trusted library allocation
page read and write
2B16000
trusted library allocation
page read and write
5780000
trusted library allocation
page read and write
2C26000
trusted library allocation
page read and write
10F1F000
unkown
page read and write
BDD0000
unkown
page readonly
8EF0000
unkown
page read and write
A4A1000
unkown
page read and write
3903000
trusted library allocation
page read and write
395A000
trusted library allocation
page read and write
C557000
unkown
page read and write
5CBC000
stack
page read and write
123B000
stack
page read and write
CAEC000
unkown
page read and write
BA4C000
stack
page read and write
3110000
heap
page read and write
5160000
heap
page execute and read and write
896000
trusted library allocation
page execute and read and write
2B25000
trusted library allocation
page read and write
12A0000
trusted library allocation
page execute and read and write
AB49000
unkown
page read and write
6220000
trusted library allocation
page execute and read and write
3946000
trusted library allocation
page read and write
8740000
unkown
page read and write
2D28000
trusted library allocation
page read and write
8B0000
heap
page read and write
5CF0000
trusted library allocation
page read and write
4E3D000
stack
page read and write
3914000
trusted library allocation
page read and write
8D10000
unkown
page read and write
B18000
heap
page read and write
9879000
unkown
page read and write
FBD0000
unkown
page read and write
149E000
stack
page read and write
56C3000
unkown
page read and write
30B5000
trusted library allocation
page read and write
8740000
unkown
page read and write
7FF5ED8C1000
unkown
page readonly
154A000
heap
page read and write
11F0000
trusted library allocation
page read and write
3AC0000
trusted library allocation
page read and write
61C0000
trusted library allocation
page read and write
1480000
heap
page read and write
38F8000
trusted library allocation
page read and write
8D10000
unkown
page read and write
5774000
trusted library allocation
page read and write
4BDC000
unkown
page read and write
8D10000
unkown
page read and write
A37D000
unkown
page read and write
392C000
trusted library allocation
page read and write
52AE000
stack
page read and write
57E3000
trusted library allocation
page read and write
7FF5ED714000
unkown
page readonly
2AF6000
trusted library allocation
page read and write
A502000
unkown
page read and write
7FF5ED40D000
unkown
page readonly
390F000
trusted library allocation
page read and write
126F000
heap
page read and write
7DD0000
unkown
page read and write
3580000
unkown
page readonly
8D10000
unkown
page read and write
7FF5ED349000
unkown
page readonly
CE0000
heap
page read and write
33C0000
unkown
page read and write
1095000
stack
page read and write
8740000
unkown
page read and write
7FF5ED5F7000
unkown
page readonly
106E000
heap
page read and write
CBB6000
unkown
page read and write
89A000
trusted library allocation
page execute and read and write
122A000
heap
page read and write
F90000
trusted library allocation
page read and write
923E000
stack
page read and write
3CB0000
heap
page read and write
1247000
heap
page read and write
5776000
trusted library allocation
page read and write
2B4F000
trusted library allocation
page read and write
392C000
trusted library allocation
page read and write
547C000
stack
page read and write
7F50000
unkown
page read and write
3903000
trusted library allocation
page read and write
41C3000
trusted library allocation
page read and write
1508000
heap
page read and write
8D10000
unkown
page read and write
4E7E000
trusted library allocation
page read and write
DF0000
heap
page read and write
9792000
unkown
page read and write
7FF5ED7C4000
unkown
page readonly
7DD0000
unkown
page read and write
630000
heap
page read and write
6230000
heap
page execute and read and write
7852000
unkown
page read and write
620000
heap
page read and write
3020000
trusted library allocation
page read and write
481F000
stack
page read and write
7FF5ED46A000
unkown
page readonly
B5AE000
stack
page read and write
2B11000
trusted library allocation
page read and write
2E80000
direct allocation
page read and write
8740000
unkown
page read and write
3903000
trusted library allocation
page read and write
5FC4000
heap
page read and write
4BA0000
heap
page read and write
7E70000
unkown
page read and write
C54000
trusted library allocation
page read and write
3000000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
124C000
heap
page read and write
1147000
heap
page read and write
DF7000
heap
page read and write
2C60000
heap
page read and write
7FF5EDA11000
unkown
page readonly
51B5000
trusted library allocation
page read and write
1263000
heap
page read and write
1272000
trusted library allocation
page read and write
64E000
heap
page read and write
3930000
trusted library allocation
page read and write
C70000
trusted library allocation
page read and write
2F54000
trusted library allocation
page read and write
A39B000
unkown
page read and write
572D000
unkown
page readonly
7A0000
heap
page read and write
51B0000
trusted library allocation
page read and write
831000
heap
page read and write
401000
unkown
page execute read
7FF5ED4BB000
unkown
page readonly
38EF000
trusted library allocation
page read and write
1810000
heap
page read and write
3471000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
11CF000
stack
page read and write
4C5000
heap
page read and write
5740000
trusted library allocation
page read and write
1336000
stack
page read and write
8740000
unkown
page read and write
2D18000
trusted library allocation
page read and write
7EE000
stack
page read and write
7FF5ED42B000
unkown
page readonly
C962000
unkown
page read and write
8740000
unkown
page read and write
15D0000
trusted library allocation
page read and write
8D10000
unkown
page read and write
8D10000
unkown
page read and write
8740000
unkown
page read and write
401000
unkown
page execute read
E26000
heap
page read and write
5776000
trusted library allocation
page read and write
E46000
trusted library allocation
page execute and read and write
4C53000
heap
page execute and read and write
2D2E000
stack
page read and write
4900000
trusted library allocation
page read and write
38F8000
trusted library allocation
page read and write
2967000
trusted library allocation
page read and write
391E000
trusted library allocation
page read and write
29CC000
stack
page read and write
11C6000
trusted library allocation
page execute and read and write
38EA000
trusted library allocation
page read and write
8D10000
unkown
page read and write
5770000
trusted library allocation
page read and write
4A50000
heap
page read and write
33C0000
unkown
page read and write
1263000
heap
page read and write
3954000
trusted library allocation
page read and write
33C0000
unkown
page read and write
2B4D000
trusted library allocation
page read and write
3A3A000
trusted library allocation
page read and write
5CD0000
trusted library allocation
page read and write
38E1000
trusted library allocation
page read and write
9F1E000
stack
page read and write
7FFE000
stack
page read and write
12C0000
trusted library allocation
page read and write
8750000
unkown
page read and write
FA54000
unkown
page read and write
FBD8000
unkown
page read and write
8D10000
unkown
page read and write
3985000
trusted library allocation
page read and write
15C4000
trusted library allocation
page read and write
11B8000
heap
page read and write
AB5B000
unkown
page read and write
4B60000
heap
page read and write
7FF5EDA31000
unkown
page readonly
8D10000
unkown
page read and write
7FF5ED5C9000
unkown
page readonly
2F75000
trusted library allocation
page read and write
3915000
trusted library allocation
page read and write
124A000
heap
page read and write
7DD0000
unkown
page read and write
2270000
heap
page execute and read and write
38F0000
trusted library allocation
page read and write
7FF5ED847000
unkown
page readonly
A9F000
stack
page read and write
1240000
trusted library allocation
page read and write
C49E000
stack
page read and write
7FF5ED1D6000
unkown
page readonly
3903000
trusted library allocation
page read and write
5B80000
heap
page read and write
7FF5ED7FD000
unkown
page readonly
E26000
heap
page read and write
9877000
unkown
page read and write
8D10000
unkown
page read and write
FBDB000
unkown
page read and write
3010000
unkown
page read and write
122A000
heap
page read and write
FC8000
heap
page read and write
5B4E000
stack
page read and write
100F000
stack
page read and write
33C0000
unkown
page read and write
408000
unkown
page readonly
76A0000
unkown
page read and write
3915000
trusted library allocation
page read and write
123E000
heap
page read and write
7FF5ED4DF000
unkown
page readonly
3290000
unkown
page read and write
83E000
heap
page read and write
7FF5ED85F000
unkown
page readonly
7FF5ED670000
unkown
page readonly
7DD0000
unkown
page read and write
15C3000
trusted library allocation
page execute and read and write
124A000
heap
page read and write
8740000
unkown
page read and write
978E000
unkown
page read and write
8740000
unkown
page read and write
7E70000
unkown
page read and write
7DD0000
unkown
page read and write
11C0000
unkown
page readonly
38FB000
trusted library allocation
page read and write
289F000
stack
page read and write
8860000
unkown
page read and write
122B000
heap
page read and write
2F3E000
stack
page read and write
6B0000
heap
page read and write
51C0000
trusted library allocation
page read and write
40B000
unkown
page execute read
3903000
trusted library allocation
page read and write
E23000
trusted library allocation
page execute and read and write
4C18000
unkown
page read and write
8740000
unkown
page read and write
C54A000
unkown
page read and write
2970000
trusted library allocation
page read and write
7FF5ED9A6000
unkown
page readonly
7FF5ED449000
unkown
page readonly
7FF5EDA0D000
unkown
page readonly
3943000
trusted library allocation
page read and write
E90000
trusted library allocation
page read and write
8740000
unkown
page read and write
41F000
unkown
page readonly
2F50000
trusted library allocation
page read and write
1270000
trusted library allocation
page read and write
3903000
trusted library allocation
page read and write
8D10000
unkown
page read and write
33C0000
unkown
page read and write
3240000
unkown
page read and write
4C1E000
unkown
page read and write
8D10000
unkown
page read and write
8D10000
unkown
page read and write
124D000
trusted library allocation
page execute and read and write
CB0000
trusted library allocation
page read and write
590E000
stack
page read and write
3942000
trusted library allocation
page read and write
8D10000
unkown
page read and write
828000
heap
page read and write
38F4000
trusted library allocation
page read and write
28E1000
trusted library allocation
page read and write
1246000
heap
page read and write
7F50000
unkown
page read and write
8D10000
unkown
page read and write
FD40000
unkown
page read and write
9B60000
unkown
page readonly
3032000
trusted library allocation
page read and write
38E8000
trusted library allocation
page read and write
2C6A000
heap
page read and write
11B3000
heap
page read and write
2355000
trusted library allocation
page read and write
124B000
heap
page read and write
33C0000
unkown
page read and write
7FF5ED6B9000
unkown
page readonly
4E60000
trusted library allocation
page read and write
1270000
heap
page read and write
300D000
trusted library allocation
page execute and read and write
A323000
unkown
page read and write
4840000
heap
page read and write
7CD0000
unkown
page read and write
7DD0000
unkown
page read and write
33C0000
unkown
page read and write
8740000
unkown
page read and write
9550000
unkown
page readonly
281E000
stack
page read and write
7FF5ED7E0000
unkown
page readonly
11D2000
trusted library allocation
page read and write
390D000
trusted library allocation
page read and write
2FF0000
trusted library allocation
page read and write
7EB000
heap
page read and write
11207000
unkown
page read and write
8740000
unkown
page read and write
21FE000
stack
page read and write
33C0000
unkown
page read and write
11CD000
heap
page read and write
319E000
stack
page read and write
1200000
trusted library allocation
page execute and read and write
8740000
unkown
page read and write
770000
heap
page read and write
125F000
heap
page read and write
F74000
trusted library allocation
page read and write
3060000
trusted library allocation
page read and write
FD9F000
unkown
page read and write
3927000
trusted library allocation
page read and write
8750000
unkown
page read and write
A494000
unkown
page read and write
1475000
trusted library allocation
page read and write
48B6000
trusted library allocation
page read and write
7FF5ED814000
unkown
page readonly
33FF000
trusted library allocation
page read and write
B650000
unkown
page read and write
563E000
trusted library allocation
page read and write
88D000
trusted library allocation
page execute and read and write
3160000
unkown
page read and write
8D10000
unkown
page read and write
1244000
heap
page read and write
3210000
unkown
page read and write
B7A5000
stack
page read and write
7FF5ED793000
unkown
page readonly
391D000
trusted library allocation
page read and write
DFB000
stack
page read and write
2B41000
trusted library allocation
page read and write
33C0000
unkown
page read and write
977A000
unkown
page read and write
7FF5ED3A7000
unkown
page readonly
8740000
unkown
page read and write
E8D000
trusted library allocation
page execute and read and write
8740000
unkown
page read and write
2FD0000
trusted library allocation
page read and write
780000
heap
page read and write
33C0000
unkown
page read and write
7DD0000
unkown
page read and write
8A2000
trusted library allocation
page read and write
1610000
trusted library allocation
page read and write
1350000
unkown
page readonly
1259000
heap
page read and write
28C0000
heap
page read and write
40F5000
trusted library allocation
page read and write
4B8B000
unkown
page read and write
2AD0000
heap
page read and write
C8E1000
unkown
page read and write
368E000
stack
page read and write
11F6000
heap
page read and write
E08000
heap
page read and write
49E0000
heap
page read and write
B8B0000
unkown
page read and write
16B0000
heap
page read and write
95DA000
stack
page read and write
8D10000
unkown
page read and write
7FF5ED915000
unkown
page readonly
987D000
unkown
page read and write
5744000
trusted library allocation
page read and write
F6E000
stack
page read and write
393B000
trusted library allocation
page read and write
33C0000
unkown
page read and write
F20000
heap
page read and write
10D0000
heap
page read and write
8780000
unkown
page read and write
3903000
trusted library allocation
page read and write
896B000
stack
page read and write
1240000
heap
page read and write
3950000
trusted library allocation
page read and write
AAFF000
unkown
page read and write
7F50000
unkown
page read and write
2B45000
trusted library allocation
page read and write
169E000
stack
page read and write
8740000
unkown
page read and write
8D10000
unkown
page read and write
18A0000
unkown
page readonly
89A0000
unkown
page read and write
C846000
unkown
page read and write
8D10000
unkown
page read and write
A19F000
stack
page read and write
3090000
direct allocation
page read and write
DCF000
heap
page read and write
400000
unkown
page execute and read and write
3020000
unkown
page read and write
7E50000
unkown
page readonly
C857000
unkown
page read and write
E83000
trusted library allocation
page execute and read and write
C516000
unkown
page read and write
7FF5ED6A5000
unkown
page readonly
7DD0000
unkown
page read and write
1120000
trusted library allocation
page execute and read and write
8D10000
unkown
page read and write
9F9B000
stack
page read and write
788000
heap
page read and write
518B000
trusted library allocation
page read and write
38EC000
trusted library allocation
page read and write
AADB000
unkown
page read and write
7FF5ED3EA000
unkown
page readonly
33C0000
unkown
page read and write
79D3000
unkown
page read and write
33C0000
unkown
page read and write
7DD0000
unkown
page read and write
8740000
unkown
page read and write
8740000
unkown
page read and write
3659000
stack
page read and write
42E000
unkown
page readonly
8D10000
unkown
page read and write
3962000
trusted library allocation
page read and write
43D1000
trusted library allocation
page read and write
7FF5ED426000
unkown
page readonly
7FF5ED80C000
unkown
page readonly
7FF5ED697000
unkown
page readonly
3A01000
trusted library allocation
page read and write
11CD000
heap
page read and write
7FF5ED669000
unkown
page readonly
A49E000
unkown
page read and write
3590000
unkown
page read and write
4B90000
unkown
page read and write
5D10000
trusted library allocation
page execute and read and write
E9D000
trusted library allocation
page execute and read and write
2D09000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
B629000
stack
page read and write
5630000
trusted library allocation
page read and write
38F4000
trusted library allocation
page read and write
125F000
heap
page read and write
8740000
unkown
page read and write
8D10000
unkown
page read and write
7FF5ED337000
unkown
page readonly
4B56000
unkown
page read and write
8FB9000
stack
page read and write
40A000
unkown
page read and write
5FC0000
heap
page read and write
774000
trusted library allocation
page read and write
8740000
unkown
page read and write
3004000
trusted library allocation
page read and write
F3E000
stack
page read and write
8D10000
unkown
page read and write
392B000
trusted library allocation
page read and write
8D10000
unkown
page read and write
9885000
unkown
page read and write
125F000
heap
page read and write
1443000
trusted library allocation
page execute and read and write
8780000
unkown
page read and write
8D10000
unkown
page read and write
7FF5ED4F3000
unkown
page readonly
310E000
stack
page read and write
33C0000
unkown
page read and write
704000
unkown
page write copy
FBD8000
unkown
page read and write
647000
heap
page read and write
8D10000
unkown
page read and write
8EC6000
unkown
page read and write
1650000
heap
page read and write
8D10000
unkown
page read and write
2FDE000
trusted library allocation
page read and write
FBD8000
unkown
page read and write
38F4000
trusted library allocation
page read and write
5FBC000
stack
page read and write
DB8000
heap
page read and write
51E0000
trusted library allocation
page read and write
38F4000
trusted library allocation
page read and write
7E70000
unkown
page read and write
705000
unkown
page execute read
3001000
trusted library allocation
page read and write
4001000
trusted library allocation
page read and write
2950000
trusted library allocation
page execute and read and write
391D000
trusted library allocation
page read and write
FBDC000
unkown
page read and write
11B3000
heap
page read and write
3A18000
trusted library allocation
page read and write
785D000
unkown
page read and write
78AD000
unkown
page read and write
8D10000
unkown
page read and write
7FF5ED507000
unkown
page readonly
27B0000
trusted library allocation
page read and write
511F000
stack
page read and write
8750000
unkown
page read and write
38F0000
trusted library allocation
page read and write
E70000
trusted library allocation
page read and write
BA0000
heap
page read and write
38F2000
trusted library allocation
page read and write
3127000
trusted library allocation
page read and write
3977000
trusted library allocation
page read and write
2BB0000
trusted library allocation
page execute and read and write
14A8000
heap
page read and write
33C0000
unkown
page read and write
E95000
heap
page read and write
1505000
heap
page read and write
2CE0000
heap
page read and write
7FF5ED743000
unkown
page readonly
F9D3000
unkown
page read and write
FBD5000
unkown
page read and write
9A5B000
unkown
page read and write
7FF5ED519000
unkown
page readonly
38F0000
trusted library allocation
page read and write
3903000
trusted library allocation
page read and write
3797000
unkown
page read and write
BDA0000
unkown
page readonly
DE0000
unkown
page readonly
306E000
stack
page read and write
F7D000
trusted library allocation
page execute and read and write
880000
trusted library allocation
page read and write
FD82000
unkown
page read and write
3A88000
trusted library allocation
page read and write
3922000
trusted library allocation
page read and write
8D10000
unkown
page read and write
6A0000
heap
page read and write
2ACF000
stack
page read and write
2EDE000
stack
page read and write
AB51000
unkown
page read and write
2BC1000
trusted library allocation
page read and write
4E86000
trusted library allocation
page read and write
70F000
heap
page read and write
71B000
stack
page read and write
33AE000
stack
page read and write
1244000
trusted library allocation
page read and write
15E6000
trusted library allocation
page execute and read and write
8D10000
unkown
page read and write
3911000
trusted library allocation
page read and write
787C000
unkown
page read and write
8D10000
unkown
page read and write
15F0000
trusted library allocation
page read and write
9871000
unkown
page read and write
7FF5ED755000
unkown
page readonly
3918000
trusted library allocation
page read and write
7FF5ED1D8000
unkown
page readonly
BD98000
stack
page read and write
2F5E000
trusted library allocation
page read and write
1175000
heap
page read and write
630000
heap
page read and write
8780000
unkown
page read and write
8EF0000
unkown
page read and write
56B0000
heap
page read and write
11CD000
heap
page read and write
7FF5ED864000
unkown
page readonly
3900000
trusted library allocation
page read and write
17AE000
stack
page read and write
1470000
trusted library allocation
page read and write
3900000
trusted library allocation
page read and write
3E69000
trusted library allocation
page read and write
7863000
unkown
page read and write
8D10000
unkown
page read and write
5765000
trusted library allocation
page read and write
EF0000
heap
page read and write
7FF5ED872000
unkown
page readonly
1130000
heap
page read and write
3903000
trusted library allocation
page read and write
7F50000
unkown
page read and write
88EE000
stack
page read and write
2980000
heap
page read and write
1140000
heap
page read and write
8740000
unkown
page read and write
C88B000
unkown
page read and write
38EE000
trusted library allocation
page read and write
5190000
trusted library allocation
page read and write
8EF0000
unkown
page read and write
8DA0000
unkown
page read and write
8AB000
trusted library allocation
page execute and read and write
14CC000
heap
page read and write
33C0000
unkown
page read and write
FA7000
trusted library allocation
page execute and read and write
93BE000
stack
page read and write
2D11000
trusted library allocation
page read and write
11B0000
heap
page read and write
3010000
unkown
page read and write
1380000
heap
page read and write
7FF5ED5C1000
unkown
page readonly
C7B000
stack
page read and write
8740000
unkown
page read and write
3903000
trusted library allocation
page read and write
7FF5ED65C000
unkown
page readonly
1231000
heap
page read and write
3981000
trusted library allocation
page read and write
E24000
trusted library allocation
page read and write
4A43000
trusted library allocation
page read and write
7FF5ED980000
unkown
page readonly
8740000
unkown
page read and write
8740000
unkown
page read and write
9660000
unkown
page read and write
1266000
heap
page read and write
790000
heap
page read and write
122A000
heap
page read and write
7DF4F3050000
unkown
page readonly
393E000
trusted library allocation
page read and write
790000
heap
page read and write
422000
unkown
page write copy
7FF5ED41C000
unkown
page readonly
FAD000
trusted library allocation
page execute and read and write
9893000
unkown
page read and write
2D1B000
trusted library allocation
page read and write
2251000
trusted library allocation
page read and write
2D90000
heap
page read and write
2C10000
trusted library allocation
page read and write
391E000
trusted library allocation
page read and write
E40000
trusted library allocation
page read and write
30C4000
trusted library allocation
page read and write
A361000
unkown
page read and write
D0E000
stack
page read and write
7FF5ED9D2000
unkown
page readonly
8740000
unkown
page read and write
4E8D000
trusted library allocation
page read and write
8D10000
unkown
page read and write
7F50000
unkown
page read and write
33D5000
trusted library allocation
page read and write
9869000
unkown
page read and write
5C8F000
stack
page read and write
123A000
heap
page read and write
E98000
heap
page read and write
53D4000
trusted library allocation
page read and write
7FF5ED445000
unkown
page readonly
8D10000
unkown
page read and write
8D10000
unkown
page read and write
15F2000
trusted library allocation
page read and write
3922000
trusted library allocation
page read and write
1385000
heap
page read and write
7FF5ED71E000
unkown
page readonly
5184000
trusted library allocation
page read and write
1490000
unkown
page read and write
48C4000
trusted library allocation
page read and write
148F000
stack
page read and write
4CD0000
unkown
page read and write
3948000
trusted library allocation
page read and write
13C8000
heap
page read and write
33C0000
unkown
page read and write
2260000
trusted library allocation
page read and write
12B7000
trusted library allocation
page read and write
11CF000
heap
page read and write
38EC000
trusted library allocation
page read and write
E20000
heap
page read and write
57C3000
trusted library allocation
page read and write
5736000
trusted library allocation
page read and write
33C0000
unkown
page read and write
16A0000
heap
page read and write
3903000
trusted library allocation
page read and write
10C8000
heap
page read and write
7FF5ED961000
unkown
page readonly
11B3000
heap
page read and write
7DD0000
unkown
page read and write
1263000
heap
page read and write
FF1000
heap
page read and write
33C0000
unkown
page read and write
294E000
stack
page read and write
7E70000
unkown
page read and write
38EC000
trusted library allocation
page read and write
5180000
trusted library allocation
page read and write
262E000
stack
page read and write
ED0000
trusted library allocation
page read and write
28F0000
heap
page read and write
43D5000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
A391000
unkown
page read and write
F66000
heap
page read and write
7D6C000
unkown
page read and write
400000
unkown
page readonly
7A0000
heap
page read and write
38EC000
trusted library allocation
page read and write
126F000
heap
page read and write
392C000
trusted library allocation
page read and write
58D0000
unkown
page readonly
C82000
trusted library allocation
page read and write
3791000
unkown
page read and write
7DD0000
unkown
page read and write
306E000
stack
page read and write
11C0000
trusted library allocation
page read and write
11B3000
heap
page read and write
37A0000
unkown
page read and write
8740000
unkown
page read and write
2360000
heap
page read and write
7FF5ED3CE000
unkown
page readonly
C80000
heap
page read and write
33C0000
unkown
page read and write
4E6B000
trusted library allocation
page read and write
33C0000
unkown
page read and write
1257000
heap
page read and write
C700000
unkown
page read and write
1255000
heap
page read and write
13EC000
heap
page read and write
61BC000
stack
page read and write
7DD0000
unkown
page read and write
126A000
trusted library allocation
page execute and read and write
3010000
unkown
page read and write
3903000
trusted library allocation
page read and write
FD0000
heap
page read and write
7FF5ED644000
unkown
page readonly
7FF5ED8A4000
unkown
page readonly
8740000
unkown
page read and write
2BA0000
heap
page execute and read and write
7F50000
unkown
page read and write
7E70000
unkown
page read and write
7E70000
unkown
page read and write
7DD0000
unkown
page read and write
7FF5ED556000
unkown
page readonly
97B5000
unkown
page read and write
7FF5EDA53000
unkown
page readonly
38EA000
trusted library allocation
page read and write
DD0000
heap
page read and write
7E70000
unkown
page read and write
7FF5ED495000
unkown
page readonly
33C0000
unkown
page read and write
122F000
heap
page read and write
1247000
heap
page read and write
125F000
heap
page read and write
2DA0000
heap
page read and write
7FF5ED9ED000
unkown
page readonly
7FF5ED4FD000
unkown
page readonly
53E0000
trusted library allocation
page execute and read and write
680000
unkown
page readonly
13C0000
heap
page read and write
7DD0000
unkown
page read and write
5C92000
trusted library allocation
page read and write
48E5000
trusted library allocation
page read and write
8740000
unkown
page read and write
4E88000
trusted library allocation
page read and write
8D10000
unkown
page read and write
FD7D000
unkown
page read and write
EC6000
heap
page read and write
BD1D000
stack
page read and write
2CE4000
heap
page read and write
F70000
trusted library allocation
page read and write
8D10000
unkown
page read and write
3903000
trusted library allocation
page read and write
1631000
trusted library allocation
page read and write
78A0000
unkown
page read and write
3756000
unkown
page read and write
4E66000
trusted library allocation
page read and write
439000
unkown
page readonly
8D10000
unkown
page read and write
379E000
unkown
page read and write
8D10000
unkown
page read and write
7E60000
unkown
page read and write
3026000
trusted library allocation
page execute and read and write
695000
heap
page read and write
8D10000
unkown
page read and write
4BE3000
unkown
page read and write
4909000
trusted library allocation
page read and write
FAB000
trusted library allocation
page execute and read and write
8740000
unkown
page read and write
6220000
unkown
page readonly
9DED000
stack
page read and write
1138000
heap
page read and write
515E000
stack
page read and write
2FDF000
stack
page read and write
FBD4000
unkown
page read and write
5B90000
heap
page read and write
3903000
trusted library allocation
page read and write
79B1000
unkown
page read and write
33C0000
unkown
page read and write
96DF000
unkown
page read and write
3209000
stack
page read and write
3962000
trusted library allocation
page read and write
33C0000
unkown
page read and write
7CA0000
unkown
page read and write
8740000
unkown
page read and write
2AFE000
trusted library allocation
page read and write
C5AA000
unkown
page read and write
8740000
unkown
page read and write
11CD000
heap
page read and write
8D10000
unkown
page read and write
520E000
stack
page read and write
3915000
trusted library allocation
page read and write
118E000
heap
page read and write
4E6E000
trusted library allocation
page read and write
11BF000
stack
page read and write
38FC000
trusted library allocation
page read and write
33C0000
unkown
page read and write
FD8A000
unkown
page read and write
1234000
heap
page read and write
EAA000
trusted library allocation
page execute and read and write
E5E000
heap
page read and write
E30000
trusted library allocation
page read and write
11208000
unkown
page read and write
33C0000
unkown
page read and write
A4FC000
unkown
page read and write
100B000
heap
page read and write
7BB000
heap
page read and write
122A000
heap
page read and write
1230000
heap
page read and write
AAF9000
unkown
page read and write
30AE000
stack
page read and write
C5A3000
unkown
page read and write
8740000
unkown
page read and write
573B000
trusted library allocation
page read and write
2C24000
trusted library allocation
page read and write
3800000
unkown
page readonly
7FF5ED68F000
unkown
page readonly
2B3E000
stack
page read and write
7FF5ED3D0000
unkown
page readonly
223D000
stack
page read and write
8D10000
unkown
page read and write
7E70000
unkown
page read and write
3903000
trusted library allocation
page read and write
7F50000
unkown
page read and write
C56F000
unkown
page read and write
2D14000
trusted library allocation
page read and write
705000
unkown
page execute read
9795000
unkown
page read and write
9873000
unkown
page read and write
122F000
heap
page read and write
2C92000
heap
page read and write
F994000
unkown
page read and write
8740000
unkown
page read and write
DDF000
stack
page read and write
CA02000
unkown
page read and write
C507000
unkown
page read and write
7FF5EDA47000
unkown
page readonly
7FF5ED516000
unkown
page readonly
28DC000
stack
page read and write
58D2000
unkown
page readonly
1483000
heap
page read and write
519E000
trusted library allocation
page read and write
B8C0000
unkown
page readonly
3030000
unkown
page read and write
393D000
trusted library allocation
page read and write
15B0000
trusted library allocation
page read and write
8740000
unkown
page read and write
4EB0000
trusted library allocation
page read and write
AF6000
stack
page read and write
8740000
unkown
page read and write
3050000
trusted library allocation
page read and write
EF0000
trusted library allocation
page read and write
CC5000
heap
page read and write
11B0000
heap
page read and write
423000
unkown
page execute read
122F000
heap
page read and write
5B7E000
stack
page read and write
7F50000
unkown
page read and write
37AC000
unkown
page read and write
2789000
heap
page read and write
AB05000
unkown
page read and write
3C3F000
stack
page read and write
8D10000
unkown
page read and write
7953000
unkown
page read and write
8D10000
unkown
page read and write
8D10000
unkown
page read and write
7E11000
unkown
page read and write
5EBB000
stack
page read and write
36D5000
stack
page read and write
1255000
heap
page read and write
123B000
stack
page read and write
1E0000
heap
page read and write
11CF000
heap
page read and write
4B78000
unkown
page read and write
41F000
unkown
page readonly
2FF0000
heap
page execute and read and write
1094000
heap
page read and write
965C000
stack
page read and write
CE5000
heap
page read and write
8740000
unkown
page read and write
38F4000
trusted library allocation
page read and write
F75000
heap
page read and write
3147000
trusted library allocation
page read and write
1216000
heap
page read and write
25CF000
stack
page read and write
5800000
heap
page execute and read and write
14BC000
heap
page read and write
1637000
trusted library allocation
page read and write
51EE000
stack
page read and write
DE6000
heap
page read and write
11CD000
heap
page read and write
346D000
stack
page read and write
3900000
trusted library allocation
page read and write
C5D000
trusted library allocation
page execute and read and write
1177000
heap
page read and write
38EA000
trusted library allocation
page read and write
4CC0000
unkown
page read and write
43D7000
trusted library allocation
page read and write
31F1000
trusted library allocation
page read and write
7FF5ED92C000
unkown
page readonly
51F0000
trusted library allocation
page read and write
578D000
trusted library allocation
page read and write
32EF000
stack
page read and write
7FF5EDA38000
unkown
page readonly
7DD0000
unkown
page read and write
580000
heap
page read and write
8D10000
unkown
page read and write
8D10000
unkown
page read and write
319F000
stack
page read and write
7F50000
unkown
page read and write
C95000
heap
page read and write
7FF5ED94A000
unkown
page readonly
7FF5EDA2A000
unkown
page readonly
7FF5ED9A1000
unkown
page readonly
3D0000
unkown
page readonly
10E01000
unkown
page read and write
7FF5ED810000
unkown
page readonly
7FF5ED853000
unkown
page readonly
1337000
stack
page read and write
2ACE000
stack
page read and write
311F000
trusted library allocation
page read and write
8D10000
unkown
page read and write
29CE000
stack
page read and write
4BFC000
trusted library allocation
page read and write
16C0000
heap
page read and write
14F8000
heap
page read and write
8780000
unkown
page read and write
1259000
heap
page read and write
8D10000
unkown
page read and write
3900000
trusted library allocation
page read and write
462000
unkown
page readonly
303B000
trusted library allocation
page execute and read and write
124D000
heap
page read and write
7FF5ED3F3000
unkown
page readonly
11D7000
trusted library allocation
page execute and read and write
13B0000
heap
page read and write
134A000
heap
page read and write
7FF5ED4B4000
unkown
page readonly
2E50000
remote allocation
page read and write
3911000
trusted library allocation
page read and write
3D0000
unkown
page readonly
5725000
trusted library allocation
page read and write
7F50000
unkown
page read and write
8D10000
unkown
page read and write
2C3E000
stack
page read and write
DE8000
heap
page read and write
4007000
trusted library allocation
page read and write
454000
unkown
page readonly
5492000
unkown
page readonly
390D000
trusted library allocation
page read and write
127B000
trusted library allocation
page execute and read and write
39E1000
heap
page read and write
37DE000
stack
page read and write
7E70000
unkown
page read and write
E7B000
heap
page read and write
470000
heap
page read and write
3941000
trusted library allocation
page read and write
126F000
heap
page read and write
7FF5ED3D6000
unkown
page readonly
38E5000
trusted library allocation
page read and write
7F50000
unkown
page read and write
42A5000
trusted library allocation
page read and write
142E000
stack
page read and write
37BD000
unkown
page read and write
7FF5ED76D000
unkown
page readonly
C87000
trusted library allocation
page execute and read and write
57D0000
heap
page execute and read and write
4CB0000
unkown
page read and write
7FF5ED286000
unkown
page readonly
C53000
trusted library allocation
page execute and read and write
31EE000
stack
page read and write
FBDB000
unkown
page read and write
1257000
heap
page read and write
40A000
unkown
page write copy
2B51000
trusted library allocation
page read and write
2E38000
trusted library allocation
page read and write
15FB000
trusted library allocation
page execute and read and write
8D10000
unkown
page read and write
8750000
unkown
page read and write
FFE000
heap
page read and write
8D10000
unkown
page read and write
1266000
trusted library allocation
page execute and read and write
38E5000
trusted library allocation
page read and write
7E70000
unkown
page read and write
11201000
unkown
page read and write
7FF5ED8E7000
unkown
page readonly
9FF000
stack
page read and write
F7B000
heap
page read and write
8740000
unkown
page read and write
FA16000
unkown
page read and write
7FF5ED4E8000
unkown
page readonly
5641000
unkown
page read and write
390B000
trusted library allocation
page read and write
57CE000
stack
page read and write
401000
unkown
page execute read
3063000
trusted library allocation
page read and write
3933000
trusted library allocation
page read and write
D53000
stack
page read and write
4820000
direct allocation
page read and write
1440000
unkown
page read and write
11B3000
heap
page read and write
33C0000
unkown
page read and write
7900000
unkown
page read and write
8740000
unkown
page read and write
3906000
trusted library allocation
page read and write
8740000
unkown
page read and write
4C0000
heap
page read and write
F2C000
heap
page read and write
B10D000
stack
page read and write
FBDC000
unkown
page read and write
7DD0000
unkown
page read and write
8740000
unkown
page read and write
C811000
unkown
page read and write
4980000
heap
page read and write
33C0000
unkown
page read and write
5786000
trusted library allocation
page read and write
3477000
trusted library allocation
page read and write
272F000
stack
page read and write
4BFE000
trusted library allocation
page read and write
42A9000
trusted library allocation
page read and write
F76000
heap
page read and write
122B000
heap
page read and write
48E0000
heap
page read and write
EBC000
heap
page read and write
8D10000
unkown
page read and write
FBD5000
unkown
page read and write
7FF5ED26E000
unkown
page readonly
24CE000
stack
page read and write
1271000
heap
page read and write
48BB000
trusted library allocation
page read and write
38E6000
trusted library allocation
page read and write
1243000
trusted library allocation
page execute and read and write
38F8000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
8D10000
unkown
page read and write
52DD000
stack
page read and write
3D1000
unkown
page execute read
1120E000
unkown
page read and write
139E000
stack
page read and write
CDE000
stack
page read and write
573E000
trusted library allocation
page read and write
1505000
heap
page read and write
7F50000
unkown
page read and write
55BD000
stack
page read and write
18B000
stack
page read and write
279E000
stack
page read and write
F8D000
trusted library allocation
page execute and read and write
C7A000
trusted library allocation
page execute and read and write
EA6000
trusted library allocation
page execute and read and write
7FF5ED9B8000
unkown
page readonly
11B8000
heap
page read and write
AAF2000
unkown
page read and write
E84000
trusted library allocation
page read and write
8740000
unkown
page read and write
3037000
trusted library allocation
page execute and read and write
33C0000
unkown
page read and write
33C0000
unkown
page read and write
2AF4000
trusted library allocation
page read and write
FC0000
heap
page read and write
FBD7000
unkown
page read and write
8D10000
unkown
page read and write
8B60000
unkown
page readonly
8740000
unkown
page read and write
2734000
heap
page read and write
3903000
trusted library allocation
page read and write
3943000
trusted library allocation
page read and write
CA42000
unkown
page read and write
51B5000
trusted library allocation
page read and write
9D64000
unkown
page read and write
A4B8000
unkown
page read and write
30F1000
trusted library allocation
page read and write
C7C5000
unkown
page read and write
30F5000
trusted library allocation
page read and write
38E9000
trusted library allocation
page read and write
3950000
trusted library allocation
page read and write
8D10000
unkown
page read and write
2FBE000
stack
page read and write
4B50000
unkown
page read and write
2E50000
remote allocation
page read and write
8D10000
unkown
page read and write
33C0000
unkown
page read and write
FA0000
trusted library allocation
page read and write
3929000
trusted library allocation
page read and write
135E000
stack
page read and write
40D000
unkown
page readonly
4BE1000
unkown
page read and write
1240000
heap
page read and write
38F9000
trusted library allocation
page read and write
3903000
trusted library allocation
page read and write
8D10000
unkown
page read and write
3401000
trusted library allocation
page read and write
C8B000
trusted library allocation
page execute and read and write
9B000
stack
page read and write
818E000
stack
page read and write
10AF000
stack
page read and write
38E0000
trusted library allocation
page read and write
7FF5ED28E000
unkown
page readonly
8740000
unkown
page read and write
122B000
heap
page read and write
2C20000
trusted library allocation
page read and write
A21E000
stack
page read and write
39E0000
heap
page read and write
FDAE000
unkown
page read and write
89E0000
unkown
page read and write
2B7E000
stack
page read and write
FED000
heap
page read and write
1244000
heap
page read and write
8740000
unkown
page read and write
3160000
unkown
page read and write
5C9C000
trusted library allocation
page read and write
40F1000
trusted library allocation
page read and write
6011000
heap
page read and write
4B93000
unkown
page read and write
1500000
heap
page read and write
660000
unkown
page readonly
48F4000
trusted library allocation
page read and write
3010000
unkown
page read and write
4F6000
stack
page read and write
526F000
stack
page read and write
4AE0000
heap
page read and write
8740000
unkown
page read and write
4B0E000
stack
page read and write
4BC9000
unkown
page read and write
33C0000
unkown
page read and write
38EC000
trusted library allocation
page read and write
F60000
trusted library allocation
page read and write
3918000
trusted library allocation
page read and write
7FF5ED77E000
unkown
page readonly
704000
unkown
page read and write
392E000
trusted library allocation
page read and write
C50A000
unkown
page read and write
FE1000
heap
page read and write
7FF5ED68C000
unkown
page readonly
76C0000
unkown
page read and write
14DA000
heap
page read and write
125F000
heap
page read and write
2F6D000
stack
page read and write
7D53000
unkown
page read and write
662000
unkown
page readonly
3200000
heap
page read and write
7FF5ED52F000
unkown
page readonly
48F0000
trusted library allocation
page read and write
42E000
unkown
page readonly
42A000
unkown
page read and write
8D10000
unkown
page read and write
8740000
unkown
page read and write
11DB000
trusted library allocation
page execute and read and write
2C50000
direct allocation
page execute and read and write
2E6E000
stack
page read and write
4EC0000
trusted library allocation
page read and write
42D000
unkown
page read and write
1130000
heap
page execute and read and write
7E70000
unkown
page read and write
9875000
unkown
page read and write
5B8E000
stack
page read and write
FA94000
unkown
page read and write
1256000
heap
page read and write
122A000
heap
page read and write
41F000
unkown
page readonly
38F5000
trusted library allocation
page read and write
57BF000
stack
page read and write
33C0000
unkown
page read and write
8740000
unkown
page read and write
48D1000
trusted library allocation
page read and write
F06000
heap
page read and write
15EA000
trusted library allocation
page execute and read and write
3910000
trusted library allocation
page read and write
39D1000
trusted library allocation
page read and write
2D9E000
stack
page read and write
2B43000
trusted library allocation
page read and write
35A0000
unkown
page readonly
3D47000
trusted library allocation
page read and write
CB6E000
unkown
page read and write
8D10000
unkown
page read and write
4E95000
trusted library allocation
page read and write
36F0000
unkown
page readonly
9C000
stack
page read and write
716000
heap
page read and write
7DD0000
unkown
page read and write
5789000
trusted library allocation
page read and write
7847000
unkown
page read and write
7DD0000
unkown
page read and write
1272000
heap
page read and write
D4B000
stack
page read and write
1230000
trusted library allocation
page read and write
7FF5ED803000
unkown
page readonly
563C000
trusted library allocation
page read and write
2B1D000
trusted library allocation
page read and write
33C0000
unkown
page read and write
7FF5ED6DB000
unkown
page readonly
786B000
unkown
page read and write
10F6000
stack
page read and write
30D9000
trusted library allocation
page read and write
123A000
heap
page read and write
8740000
unkown
page read and write
3A38000
trusted library allocation
page read and write
124C000
heap
page read and write
2FDC000
trusted library allocation
page read and write
1390000
unkown
page read and write
5590000
unkown
page write copy
7FF5EDA69000
unkown
page readonly
38FB000
trusted library allocation
page read and write
11A3000
heap
page read and write
7E70000
unkown
page read and write
2D06000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
50FE000
stack
page read and write
A01B000
stack
page read and write
1257000
heap
page read and write
2DEE000
stack
page read and write
7DD0000
unkown
page read and write
2320000
heap
page read and write
C6E3000
unkown
page read and write
7FF5ED7E9000
unkown
page readonly
7FF5ED418000
unkown
page readonly
2E70000
direct allocation
page execute and read and write
7DD0000
unkown
page read and write
8000000
unkown
page read and write
7D20000
unkown
page readonly
8D10000
unkown
page read and write
7FF5ED451000
unkown
page readonly
1500000
heap
page read and write
EC8000
heap
page read and write
C503000
unkown
page read and write
EA2000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
8D10000
unkown
page read and write
7FF5ED850000
unkown
page readonly
3943000
trusted library allocation
page read and write
5651000
trusted library allocation
page read and write
5FE0000
heap
page read and write
4BA6000
unkown
page read and write
33C0000
unkown
page read and write
FBDC000
unkown
page read and write
8D10000
unkown
page read and write
8740000
unkown
page read and write
1058000
heap
page read and write
37F6000
unkown
page read and write
B82A000
stack
page read and write
390B000
trusted library allocation
page read and write
456E000
stack
page read and write
7DD0000
unkown
page read and write
9AB0000
heap
page read and write
4ED0000
heap
page read and write
8D10000
unkown
page read and write
AF8D000
stack
page read and write
7FF5ED674000
unkown
page readonly
4BFA000
trusted library allocation
page read and write
8780000
unkown
page read and write
7A8000
heap
page read and write
11203000
unkown
page read and write
8740000
unkown
page read and write
987B000
unkown
page read and write
7FF5ED818000
unkown
page readonly
A433000
unkown
page read and write
4EA0000
trusted library allocation
page read and write
3070000
heap
page execute and read and write
391D000
trusted library allocation
page read and write
11B8000
heap
page read and write
2350000
trusted library allocation
page read and write
3AB0000
trusted library allocation
page read and write
11202000
unkown
page read and write
986F000
unkown
page read and write
A5B000
stack
page read and write
33C0000
unkown
page read and write
B190000
unkown
page read and write
7FF5EDA70000
unkown
page readonly
4C50000
heap
page execute and read and write
176F000
stack
page read and write
2EDE000
heap
page read and write
38ED000
trusted library allocation
page read and write
7FF5ED1BC000
unkown
page readonly
8EF0000
unkown
page read and write
4E55000
trusted library allocation
page read and write
1250000
heap
page read and write
8EF0000
unkown
page read and write
1F0000
heap
page read and write
FBD0000
unkown
page read and write
A375000
unkown
page read and write
FB0000
trusted library allocation
page read and write
1246000
heap
page read and write
7FF5ED928000
unkown
page readonly
E57000
trusted library allocation
page execute and read and write
7FF5ED4B0000
unkown
page readonly
19A000
stack
page read and write
2B22000
trusted library allocation
page read and write
1247000
heap
page read and write
7FF5EDA08000
unkown
page readonly
1255000
heap
page read and write
7FF5ED93B000
unkown
page readonly
A3BE000
unkown
page read and write
11A8000
heap
page read and write
8D10000
unkown
page read and write
5490000
unkown
page readonly
636000
heap
page read and write
7DF4F3031000
unkown
page execute read
1801000
trusted library allocation
page read and write
DF0000
heap
page read and write
7865000
unkown
page read and write
1120F000
unkown
page read and write
8D10000
unkown
page read and write
4A40000
trusted library allocation
page read and write
1240000
heap
page read and write
3911000
trusted library allocation
page read and write
91B9000
stack
page read and write
11202000
unkown
page read and write
EBB000
trusted library allocation
page execute and read and write
CA63000
unkown
page read and write
5720000
trusted library allocation
page read and write
39E1000
trusted library allocation
page read and write
408000
unkown
page readonly
7FF5ED9FF000
unkown
page readonly
7F50000
unkown
page read and write
7FF5ED975000
unkown
page readonly
F9A000
trusted library allocation
page execute and read and write
7FF5ED295000
unkown
page readonly
B150000
unkown
page read and write
4BAE000
stack
page read and write
C08A000
stack
page read and write
8D10000
unkown
page read and write
3003000
trusted library allocation
page execute and read and write
F26000
heap
page read and write
C561000
unkown
page read and write
38E5000
trusted library allocation
page read and write
33C0000
unkown
page read and write
391B000
trusted library allocation
page read and write
51A1000
trusted library allocation
page read and write
C41F000
stack
page read and write
7E70000
unkown
page read and write
5640000
trusted library allocation
page read and write
FBD000
trusted library allocation
page execute and read and write
19D000
stack
page read and write
7DD0000
unkown
page read and write
FA3000
trusted library allocation
page execute and read and write
7FF5ED33F000
unkown
page readonly
2AE5000
trusted library allocation
page read and write
3010000
stack
page read and write
4E5F000
stack
page read and write
5557000
stack
page read and write
59EE000
stack
page read and write
BDC0000
unkown
page readonly
56D9000
unkown
page readonly
7FF5ED735000
unkown
page readonly
8D10000
unkown
page read and write
AA90000
unkown
page read and write
DEE000
stack
page read and write
11202000
unkown
page read and write
8D10000
unkown
page read and write
7FF5ED4EF000
unkown
page readonly
8780000
unkown
page read and write
7F50000
unkown
page read and write
7FF5ED279000
unkown
page readonly
4E92000
trusted library allocation
page read and write
33C0000
unkown
page read and write
8740000
unkown
page read and write
3160000
unkown
page read and write
E40000
heap
page read and write
CA7C000
unkown
page read and write
2F4E000
trusted library allocation
page read and write
9E6C000
stack
page read and write
7FF5ED39E000
unkown
page readonly
3911000
trusted library allocation
page read and write
7FF5ED97E000
unkown
page readonly
1255000
heap
page read and write
21B0000
trusted library allocation
page read and write
7FF5ED1CB000
unkown
page readonly
7D00000
unkown
page readonly
11B8000
heap
page read and write
2E80000
heap
page read and write
87BB000
stack
page read and write
39E7000
trusted library allocation
page read and write
8740000
unkown
page read and write
3010000
unkown
page read and write
46D2000
trusted library allocation
page read and write
8D10000
unkown
page read and write
38F4000
trusted library allocation
page read and write
1120C000
unkown
page read and write
7FF5ED505000
unkown
page readonly
621E000
stack
page read and write
125F000
heap
page read and write
4E81000
trusted library allocation
page read and write
1696000
trusted library allocation
page read and write
8740000
unkown
page read and write
1232000
heap
page read and write
33C0000
unkown
page read and write
7FF5ED9CA000
unkown
page readonly
7FF5ED5CE000
unkown
page readonly
8D10000
unkown
page read and write
7FF5ED5C5000
unkown
page readonly
11D0000
trusted library allocation
page read and write
7FF5ED8FF000
unkown
page readonly
3915000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
3935000
trusted library allocation
page read and write
5194000
trusted library allocation
page read and write
CA20000
unkown
page read and write
5A5E000
stack
page read and write
8D10000
unkown
page read and write
A479000
unkown
page read and write
97D4000
unkown
page read and write
C6CF000
unkown
page read and write
38E8000
trusted library allocation
page read and write
122F000
heap
page read and write
33C0000
unkown
page read and write
3936000
trusted library allocation
page read and write
5803000
heap
page execute and read and write
670000
heap
page read and write
97C3000
unkown
page read and write
125F000
heap
page read and write
7FF5ED62F000
unkown
page readonly
19D000
stack
page read and write
31DE000
stack
page read and write
1160000
heap
page read and write
8D10000
unkown
page read and write
4870000
heap
page read and write
2C7C000
heap
page execute and read and write
7FF5ED471000
unkown
page readonly
7F40000
unkown
page readonly
7FF5ED5A8000
unkown
page readonly
7FF5ED8C6000
unkown
page readonly
8D10000
unkown
page read and write
15C0000
trusted library allocation
page read and write
7FF5ED9C8000
unkown
page readonly
A50B000
unkown
page read and write
8740000
unkown
page read and write
7FF5ED692000
unkown
page readonly
158F000
stack
page read and write
30AE000
stack
page read and write
7E70000
unkown
page read and write
FD8C000
unkown
page read and write
4C10000
heap
page execute and read and write
8780000
unkown
page read and write
DB0000
heap
page read and write
14FE000
stack
page read and write
30E0000
heap
page execute and read and write
8D10000
unkown
page read and write
7CC0000
unkown
page readonly
7DF4F3051000
unkown
page execute read
7FF5ED1CF000
unkown
page readonly
494E000
stack
page read and write
7FF5ED9D9000
unkown
page readonly
7FF5ED59E000
unkown
page readonly
72E000
stack
page read and write
8740000
unkown
page read and write
1640000
trusted library allocation
page read and write
FBD3000
unkown
page read and write
33C0000
unkown
page read and write
FD86000
unkown
page read and write
BAF9000
stack
page read and write
8BF0000
unkown
page readonly
7FF5ED933000
unkown
page readonly
33C0000
unkown
page read and write
987F000
unkown
page read and write
5A1E000
stack
page read and write
1247000
heap
page read and write
51C1000
trusted library allocation
page read and write
7FF5ED9C6000
unkown
page readonly
3928000
trusted library allocation
page read and write
4E4E000
stack
page read and write
33C0000
unkown
page read and write
F96000
trusted library allocation
page execute and read and write
392B000
trusted library allocation
page read and write
9A10000
unkown
page read and write
AF6000
stack
page read and write
7FF5ED86B000
unkown
page readonly
773000
trusted library allocation
page execute and read and write
1150000
heap
page read and write
38EA000
trusted library allocation
page read and write
7FF5ED781000
unkown
page readonly
3D41000
trusted library allocation
page read and write
7FF5ED942000
unkown
page readonly
329F000
stack
page read and write
1F0000
heap
page read and write
1170000
heap
page read and write
7FF5ED342000
unkown
page readonly
3010000
unkown
page read and write
8740000
unkown
page read and write
33C0000
unkown
page read and write
3935000
trusted library allocation
page read and write
3CB7000
trusted library allocation
page read and write
38FB000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
33C0000
unkown
page read and write
8740000
unkown
page read and write
37A8000
unkown
page read and write
37D2000
unkown
page read and write
739000
stack
page read and write
8FE000
stack
page read and write
2D2B000
trusted library allocation
page read and write
1255000
heap
page read and write
11B3000
heap
page read and write
AAFC000
unkown
page read and write
3160000
unkown
page read and write
8D10000
unkown
page read and write
7CE0000
unkown
page read and write
8740000
unkown
page read and write
E90000
heap
page read and write
500E000
stack
page read and write
2B04000
trusted library allocation
page read and write
16A0000
trusted library allocation
page read and write
8740000
unkown
page read and write
400000
unkown
page execute and read and write
B6A0000
heap
page read and write
6B9000
heap
page read and write
7FF5ED8E2000
unkown
page readonly
38E5000
trusted library allocation
page read and write
9138000
stack
page read and write
1250000
trusted library allocation
page read and write
392C000
trusted library allocation
page read and write
7DF4F3071000
unkown
page execute read
CA7000
heap
page read and write
8740000
unkown
page read and write
5770000
trusted library allocation
page read and write
A29E000
stack
page read and write
15DF000
stack
page read and write
1260000
heap
page read and write
8D10000
unkown
page read and write
6261000
unkown
page readonly
2ED0000
heap
page read and write
2AF0000
heap
page execute and read and write
33C0000
unkown
page read and write
29D5000
trusted library allocation
page read and write
3903000
trusted library allocation
page read and write
8D10000
unkown
page read and write
7F50000
unkown
page read and write
C84D000
unkown
page read and write
4BF0000
trusted library allocation
page read and write
7F50000
unkown
page read and write
7FF5ED87D000
unkown
page readonly
42A1000
trusted library allocation
page read and write
8D10000
unkown
page read and write
7DD0000
unkown
page read and write
37B0000
unkown
page read and write
8740000
unkown
page read and write
B1E000
heap
page read and write
1444000
trusted library allocation
page read and write
8740000
unkown
page read and write
DEF000
stack
page read and write
2B08000
trusted library allocation
page read and write
7FF5ED602000
unkown
page readonly
11CA000
trusted library allocation
page execute and read and write
8740000
unkown
page read and write
3923000
trusted library allocation
page read and write
784A000
unkown
page read and write
7FF5ED476000
unkown
page readonly
760000
heap
page read and write
1430000
heap
page read and write
3900000
trusted library allocation
page read and write
124C000
heap
page read and write
1490000
trusted library allocation
page read and write
7FF5ED4C2000
unkown
page readonly
3B50000
trusted library allocation
page read and write
A33E000
unkown
page read and write
C4D0000
unkown
page read and write
564E000
trusted library allocation
page read and write
1780000
heap
page read and write
9881000
unkown
page read and write
11B0000
heap
page read and write
3961000
trusted library allocation
page read and write
7FF5ED50A000
unkown
page readonly
8710000
unkown
page readonly
1620000
trusted library allocation
page execute and read and write
1498000
heap
page read and write
DD0000
unkown
page readonly
7FF5ED74A000
unkown
page readonly
7FF5ED821000
unkown
page readonly
B60000
heap
page read and write
574E000
trusted library allocation
page read and write
37F2000
unkown
page read and write
125F000
heap
page read and write
14A0000
heap
page read and write
8740000
unkown
page read and write
8D10000
unkown
page read and write
8730000
unkown
page read and write
8A7000
trusted library allocation
page execute and read and write
8D10000
unkown
page read and write
7F50000
unkown
page read and write
1F0000
heap
page read and write
7F30000
unkown
page read and write
125B000
heap
page read and write
400000
unkown
page readonly
38E8000
trusted library allocation
page read and write
42D000
unkown
page read and write
C6F8000
unkown
page read and write
1440000
heap
page read and write
B48000
heap
page read and write
8D10000
unkown
page read and write
553F000
stack
page read and write
57C0000
trusted library allocation
page read and write
2961000
trusted library allocation
page read and write
1240000
heap
page read and write
CC0000
heap
page read and write
11B8000
heap
page read and write
F70000
heap
page read and write
11B0000
heap
page read and write
1220000
heap
page read and write
56AE000
stack
page read and write
7FF5ED409000
unkown
page readonly
3903000
trusted library allocation
page read and write
E20000
trusted library allocation
page read and write
395A000
trusted library allocation
page read and write
2FC0000
trusted library allocation
page read and write
647000
heap
page read and write
8D10000
unkown
page read and write
51E6000
trusted library allocation
page read and write
8D10000
unkown
page read and write
7FF5ED779000
unkown
page readonly
8740000
unkown
page read and write
3903000
trusted library allocation
page read and write
2B30000
heap
page execute and read and write
C0E000
stack
page read and write
780000
heap
page read and write
38E1000
trusted library allocation
page read and write
8740000
unkown
page read and write
7FF5ED433000
unkown
page readonly
7FF5ED5EB000
unkown
page readonly
7FF5ED81B000
unkown
page readonly
C89C000
unkown
page read and write
8740000
unkown
page read and write
73F000
stack
page read and write
1220000
unkown
page readonly
3407000
trusted library allocation
page read and write
7FF5EDA76000
unkown
page readonly
8EF0000
unkown
page read and write
1340000
heap
page read and write
2E2F000
stack
page read and write
3903000
trusted library allocation
page read and write
4F23000
trusted library allocation
page read and write
9815000
unkown
page read and write
33C0000
unkown
page read and write
3795000
unkown
page read and write
7FF5ED695000
unkown
page readonly
391D000
trusted library allocation
page read and write
5870000
heap
page read and write
1450000
heap
page read and write
8740000
unkown
page read and write
7FF5ED9CC000
unkown
page readonly
1244000
heap
page read and write
2E60000
heap
page read and write
33C0000
unkown
page read and write
8D10000
unkown
page read and write
3917000
trusted library allocation
page read and write
33C0000
unkown
page read and write
9977000
unkown
page read and write
7FF5ED867000
unkown
page readonly
8D10000
unkown
page read and write
A4AE000
unkown
page read and write
AAD1000
unkown
page read and write
7FF5ED7D6000
unkown
page readonly
FAF000
stack
page read and write
608E000
heap
page read and write
8740000
unkown
page read and write
11B8000
heap
page read and write
797D000
unkown
page read and write
7DD0000
unkown
page read and write
4871000
heap
page read and write
2F46000
trusted library allocation
page read and write
38EA000
trusted library allocation
page read and write
785B000
unkown
page read and write
7869000
unkown
page read and write
53D0000
trusted library allocation
page read and write
3903000
trusted library allocation
page read and write
1210000
unkown
page readonly
40A000
unkown
page write copy
13EE000
stack
page read and write
38F9000
trusted library allocation
page read and write
F80000
trusted library allocation
page read and write
391B000
trusted library allocation
page read and write
7857000
unkown
page read and write
3700000
unkown
page read and write
11A8000
heap
page read and write
1360000
heap
page read and write
7FF5ED9AE000
unkown
page readonly
40F7000
trusted library allocation
page read and write
8740000
unkown
page read and write
8720000
unkown
page readonly
C90000
heap
page read and write
38FA000
trusted library allocation
page read and write
3010000
unkown
page read and write
690000
heap
page read and write
5BD0000
unkown
page readonly
EF6000
trusted library allocation
page read and write
7FF5ED39B000
unkown
page readonly
750000
trusted library allocation
page read and write
1257000
heap
page read and write
2BF0000
trusted library allocation
page read and write
1510000
unkown
page readonly
F00000
heap
page read and write
3748000
unkown
page read and write
45B000
unkown
page readonly
A379000
unkown
page read and write
11B8000
heap
page read and write
1260000
trusted library allocation
page read and write
392A000
trusted library allocation
page read and write
11B8000
heap
page read and write
53BC000
trusted library allocation
page read and write
8780000
unkown
page read and write
3961000
trusted library allocation
page read and write
5634000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
3427000
trusted library allocation
page read and write
8D10000
unkown
page read and write
1259000
heap
page read and write
38FC000
trusted library allocation
page read and write
8D10000
unkown
page read and write
391B000
trusted library allocation
page read and write
2E50000
remote allocation
page read and write
8D10000
unkown
page read and write
7884000
unkown
page read and write
14C4000
heap
page read and write
E66000
heap
page read and write
125B000
heap
page read and write
8D10000
unkown
page read and write
38EA000
trusted library allocation
page read and write
C893000
unkown
page read and write
C52C000
unkown
page read and write
906E000
stack
page read and write
33C0000
heap
page execute and read and write
2AE0000
trusted library allocation
page read and write
8740000
unkown
page read and write
41F000
unkown
page readonly
8D10000
unkown
page read and write
393F000
trusted library allocation
page read and write
31F7000
trusted library allocation
page read and write
7F50000
unkown
page read and write
51A7000
trusted library allocation
page read and write
2B68000
trusted library allocation
page read and write
FA1B000
unkown
page read and write
1271000
heap
page read and write
98A8000
unkown
page read and write
394B000
trusted library allocation
page read and write
D72000
stack
page read and write
C10000
heap
page read and write
33C0000
unkown
page read and write
982D000
unkown
page read and write
EE0000
trusted library allocation
page execute and read and write
7FF5ED412000
unkown
page readonly
33C0000
unkown
page read and write
C6F2000
unkown
page read and write
60E000
stack
page read and write
883E000
stack
page read and write
33C0000
unkown
page read and write
7FF5ED46E000
unkown
page readonly
8750000
unkown
page read and write
14C8000
heap
page read and write
7DD0000
unkown
page read and write
EEE000
stack
page read and write
B10000
heap
page read and write
EB2000
trusted library allocation
page read and write
5751000
trusted library allocation
page read and write
5210000
trusted library allocation
page read and write
51E4000
trusted library allocation
page read and write
8D10000
unkown
page read and write
C57F000
unkown
page read and write
C51E000
unkown
page read and write
29D1000
trusted library allocation
page read and write
1120B000
unkown
page read and write
7FF5ED8AC000
unkown
page readonly
153A000
heap
page read and write
4ED4000
heap
page read and write
3965000
trusted library allocation
page read and write
56D9000
unkown
page read and write
6E0000
heap
page read and write
FDA4000
unkown
page read and write
8D10000
unkown
page read and write
1230000
unkown
page read and write
8780000
unkown
page read and write
7E70000
unkown
page read and write
8750000
unkown
page read and write
125B000
heap
page read and write
7D40000
unkown
page read and write
8D10000
unkown
page read and write
7FF5ED7F1000
unkown
page readonly
7DD0000
unkown
page read and write
A11F000
stack
page read and write
1370000
heap
page read and write
3903000
trusted library allocation
page read and write
97AD000
unkown
page read and write
8EF0000
unkown
page read and write
4A45000
trusted library allocation
page read and write
10FA000
stack
page read and write
3900000
trusted library allocation
page read and write
7E70000
unkown
page read and write
7DD0000
unkown
page read and write
2257000
trusted library allocation
page read and write
7DE000
stack
page read and write
33C0000
unkown
page read and write
390C000
trusted library allocation
page read and write
2BE4000
unkown
page readonly
770000
trusted library allocation
page read and write
BA8000
heap
page read and write
120E000
stack
page read and write
3B3E000
stack
page read and write
13E0000
heap
page read and write
2C6E000
heap
page read and write
5190000
trusted library allocation
page read and write
11CD000
heap
page read and write
5A0E000
stack
page read and write
15F7000
trusted library allocation
page execute and read and write
36D3000
stack
page read and write
2CAE000
stack
page read and write
7FF5ED404000
unkown
page readonly
2FDA000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
124C000
heap
page read and write
3A00000
trusted library allocation
page read and write
33C0000
unkown
page read and write
4A30000
trusted library allocation
page read and write
C92D000
unkown
page read and write
11E6000
heap
page read and write
8740000
unkown
page read and write
1230000
heap
page read and write
EB7000
trusted library allocation
page execute and read and write
3738000
unkown
page read and write
7DD0000
unkown
page read and write
4E64000
trusted library allocation
page read and write
8740000
unkown
page read and write
33B0000
trusted library allocation
page read and write
79FB000
unkown
page read and write
1694000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
2CB1000
trusted library allocation
page read and write
8D10000
unkown
page read and write
C76000
trusted library allocation
page execute and read and write
11207000
unkown
page read and write
C50000
trusted library allocation
page read and write
5734000
trusted library allocation
page read and write
8D10000
unkown
page read and write
7DF4F3061000
unkown
page execute read
7E70000
unkown
page read and write
A364000
unkown
page read and write
7DD0000
unkown
page read and write
DDC000
heap
page read and write
7978000
unkown
page read and write
1380000
heap
page read and write
7FF5ED8F9000
unkown
page readonly
8D10000
unkown
page read and write
8208000
stack
page read and write
11CD000
heap
page read and write
1450000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
57F0000
heap
page read and write
7FF5ED844000
unkown
page readonly
C5B000
stack
page read and write
8D10000
unkown
page read and write
1454000
trusted library allocation
page read and write
4BEE000
stack
page read and write
8D10000
unkown
page read and write
3903000
trusted library allocation
page read and write
2CC0000
heap
page read and write
1451000
unkown
page readonly
33C0000
unkown
page read and write
30C0000
trusted library allocation
page read and write
979C000
unkown
page read and write
DEE000
stack
page read and write
392A000
trusted library allocation
page read and write
566E000
stack
page read and write
1083000
heap
page read and write
4C60000
unkown
page read and write
7FF5D1CCD000
unkown
page readonly
E80000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
125C000
heap
page read and write
8D10000
unkown
page read and write
2E2D000
stack
page read and write
2C30000
heap
page read and write
11CD000
heap
page read and write
33C0000
unkown
page read and write
395A000
trusted library allocation
page read and write
7FF5ED2A4000
unkown
page readonly
A327000
unkown
page read and write
33B9000
stack
page read and write
7FF5ED8B4000
unkown
page readonly
32A1000
trusted library allocation
page read and write
943E000
stack
page read and write
4F20000
trusted library allocation
page read and write
30CF000
stack
page read and write
38DE000
stack
page read and write
53DE000
stack
page read and write
2BF0000
heap
page read and write
A491000
unkown
page read and write
27D0000
heap
page execute and read and write
147B000
trusted library allocation
page execute and read and write
2BD0000
heap
page read and write
C60000
trusted library allocation
page read and write
7FF5ED48A000
unkown
page readonly
5163000
heap
page execute and read and write
11200000
unkown
page read and write
1435000
heap
page read and write
1480000
heap
page read and write
8740000
unkown
page read and write
1410000
heap
page read and write
8740000
unkown
page read and write
5186000
trusted library allocation
page read and write
390B000
trusted library allocation
page read and write
15E0000
trusted library allocation
page read and write
3D5D000
trusted library allocation
page read and write
7FF5ED4C6000
unkown
page readonly
785F000
unkown
page read and write
E17000
heap
page read and write
2D3E000
stack
page read and write
1120D000
unkown
page read and write
B08D000
stack
page read and write
4F25000
trusted library allocation
page read and write
1342000
heap
page read and write
5916000
unkown
page readonly
1246000
heap
page read and write
3978000
trusted library allocation
page read and write
10C01000
unkown
page read and write
EB5000
trusted library allocation
page execute and read and write
99F000
stack
page read and write
3962000
trusted library allocation
page read and write
57E0000
trusted library allocation
page read and write
77D000
trusted library allocation
page execute and read and write
7FF5ED77C000
unkown
page readonly
2901000
trusted library allocation
page read and write
3121000
trusted library allocation
page read and write
E00000
heap
page read and write
8780000
unkown
page read and write
3090000
heap
page read and write
246F000
stack
page read and write
8D10000
unkown
page read and write
7F2E000
stack
page read and write
33C0000
unkown
page read and write
7FF5ED534000
unkown
page readonly
C512000
unkown
page read and write
7FF5ED937000
unkown
page readonly
7DD0000
unkown
page read and write
E4A000
trusted library allocation
page execute and read and write
168E000
stack
page read and write
8740000
unkown
page read and write
31AF000
stack
page read and write
7FF5ED1F4000
unkown
page readonly
308A000
stack
page read and write
CA0000
heap
page read and write
125C000
heap
page read and write
38E5000
trusted library allocation
page read and write
118A000
heap
page read and write
1490000
heap
page read and write
4BA1000
heap
page read and write
7C90000
unkown
page read and write
2F4B000
trusted library allocation
page read and write
3903000
trusted library allocation
page read and write
1420000
trusted library allocation
page read and write
392C000
trusted library allocation
page read and write
AF0B000
stack
page read and write
14DE000
stack
page read and write
7E70000
unkown
page read and write
CE4000
unkown
page readonly
8D10000
unkown
page read and write
30B0000
trusted library allocation
page read and write
390C000
trusted library allocation
page read and write
394B000
trusted library allocation
page read and write
392F000
trusted library allocation
page read and write
8D10000
unkown
page read and write
7FF5ED849000
unkown
page readonly
E10000
trusted library allocation
page read and write
7FF5ED9F2000
unkown
page readonly
143B000
stack
page read and write
AAF6000
unkown
page read and write
3903000
trusted library allocation
page read and write
8D10000
unkown
page read and write
11B2000
heap
page read and write
390B000
trusted library allocation
page read and write
40B000
unkown
page execute read
126F000
heap
page read and write
3903000
trusted library allocation
page read and write
57E5000
trusted library allocation
page read and write
C544000
unkown
page read and write
17B0000
trusted library allocation
page execute and read and write
4F1E000
stack
page read and write
E01000
heap
page read and write
8D10000
unkown
page read and write
8740000
unkown
page read and write
4E78000
trusted library allocation
page read and write
9883000
unkown
page read and write
28E7000
trusted library allocation
page read and write
89C0000
unkown
page read and write
7FF5ED9E1000
unkown
page readonly
8D10000
unkown
page read and write
7AD000
heap
page read and write
7FF5ED956000
unkown
page readonly
5A70000
heap
page execute and read and write
390C000
trusted library allocation
page read and write
4CE0000
unkown
page read and write
7DD0000
unkown
page read and write
43C000
stack
page read and write
7FF5ED939000
unkown
page readonly
8740000
unkown
page read and write
4E74000
trusted library allocation
page read and write
401000
unkown
page execute read
FBD0000
unkown
page read and write
8D10000
unkown
page read and write
E2D000
trusted library allocation
page execute and read and write
7E70000
unkown
page read and write
57C5000
trusted library allocation
page read and write
7FF5ED586000
unkown
page readonly
2BE4000
unkown
page readonly
F73000
trusted library allocation
page execute and read and write
8EF0000
unkown
page read and write
7695000
stack
page read and write
7FF5ED71B000
unkown
page readonly
3955000
trusted library allocation
page read and write
3903000
trusted library allocation
page read and write
33C0000
unkown
page read and write
3758000
unkown
page read and write
390F000
trusted library allocation
page read and write
8D10000
unkown
page read and write
3010000
unkown
page read and write
8D10000
unkown
page read and write
135F000
stack
page read and write
1255000
heap
page read and write
7DD0000
unkown
page read and write
1248000
heap
page read and write
FD71000
unkown
page read and write
3932000
trusted library allocation
page read and write
1360000
heap
page read and write
C4A0000
unkown
page read and write
422000
unkown
page read and write
3928000
trusted library allocation
page read and write
1211000
trusted library allocation
page read and write
2BA0000
heap
page read and write
8740000
unkown
page read and write
9798000
unkown
page read and write
7950000
unkown
page read and write
8740000
unkown
page read and write
400000
unkown
page readonly
401000
unkown
page execute read
7FF5ED91A000
unkown
page readonly
7DD0000
unkown
page read and write
8740000
unkown
page read and write
8D0E000
stack
page read and write
3928000
trusted library allocation
page read and write
7E70000
unkown
page read and write
1807000
trusted library allocation
page read and write
35D0000
unkown
page read and write
3943000
trusted library allocation
page read and write
53D7000
trusted library allocation
page read and write
5CE0000
trusted library allocation
page execute and read and write
30C6000
trusted library allocation
page read and write
3AB8000
trusted library allocation
page read and write
33C0000
unkown
page read and write
7DD0000
unkown
page read and write
7F50000
unkown
page read and write
7FF5ED660000
unkown
page readonly
38FB000
trusted library allocation
page read and write
7E70000
unkown
page read and write
8D10000
unkown
page read and write
7FF5ED3DA000
unkown
page readonly
395A000
trusted library allocation
page read and write
2B0E000
trusted library allocation
page read and write
7FF5ED9BE000
unkown
page readonly
7FF5ED73D000
unkown
page readonly
7FF5ED750000
unkown
page readonly
5A00000
heap
page execute and read and write
11B8000
heap
page read and write
1277000
trusted library allocation
page execute and read and write
E5B000
trusted library allocation
page execute and read and write
1232000
heap
page read and write
1230000
heap
page read and write
53F0000
trusted library allocation
page read and write
2789000
heap
page read and write
8D10000
unkown
page read and write
11B8000
heap
page read and write
38FB000
trusted library allocation
page read and write
E70000
heap
page read and write
1244000
heap
page read and write
7E70000
unkown
page read and write
7867000
unkown
page read and write
4A0D000
stack
page read and write
8D10000
unkown
page read and write
7FF5ED996000
unkown
page readonly
B640000
unkown
page read and write
EA0000
trusted library allocation
page read and write
7F50000
unkown
page read and write
7FF5EDA0B000
unkown
page readonly
7861000
unkown
page read and write
8740000
unkown
page read and write
394B000
trusted library allocation
page read and write
422000
unkown
page read and write
8D10000
unkown
page read and write
2240000
trusted library allocation
page execute and read and write
986B000
unkown
page read and write
33C0000
unkown
page read and write
EEB000
stack
page read and write
A310000
unkown
page read and write
4E50000
trusted library allocation
page read and write
8210000
unkown
page read and write
1690000
trusted library allocation
page read and write
1217000
trusted library allocation
page read and write
8D10000
unkown
page read and write
B22B000
stack
page read and write
422000
unkown
page write copy
C10A000
stack
page read and write
7F50000
unkown
page read and write
2F61000
trusted library allocation
page read and write
116A000
heap
page read and write
7FF5ED625000
unkown
page readonly
33C0000
unkown
page read and write
7FF5ED7CF000
unkown
page readonly
7B80000
unkown
page read and write
1231000
heap
page read and write
122B000
heap
page read and write
2F7F000
stack
page read and write
2D41000
trusted library allocation
page read and write
FD8000
heap
page read and write
7DC1000
unkown
page read and write
7FF5ED4A1000
unkown
page readonly
12D6000
heap
page read and write
B8AB000
stack
page read and write
A4AB000
unkown
page read and write
4C4B000
unkown
page read and write
33D0000
unkown
page readonly
7FF5ED7DB000
unkown
page readonly
8740000
unkown
page read and write
2AF0000
trusted library allocation
page read and write
53B0000
trusted library allocation
page read and write
38F4000
trusted library allocation
page read and write
4C50000
unkown
page read and write
7FF5ED55F000
unkown
page readonly
33C0000
unkown
page read and write
7FF5ED9D6000
unkown
page readonly
7FF5ED806000
unkown
page readonly
5195000
trusted library allocation
page read and write
7C80000
unkown
page read and write
2AFB000
trusted library allocation
page read and write
7DF4F3030000
unkown
page readonly
115D000
heap
page read and write
7FF5ED93E000
unkown
page readonly
5789000
trusted library allocation
page read and write
C6BF000
unkown
page read and write
3CC2000
trusted library allocation
page read and write
3935000
trusted library allocation
page read and write
3903000
trusted library allocation
page read and write
B728000
stack
page read and write
7FF5ED503000
unkown
page readonly
8D10000
unkown
page read and write
2C15000
trusted library allocation
page read and write
3918000
trusted library allocation
page read and write
393D000
trusted library allocation
page read and write
17FE000
stack
page read and write
120C000
heap
page read and write
69E000
stack
page read and write
A32A000
unkown
page read and write
8740000
unkown
page read and write
B56000
stack
page read and write
12D0000
heap
page read and write
8D10000
unkown
page read and write
7FF5ED265000
unkown
page readonly
37F9000
unkown
page read and write
8D10000
unkown
page read and write
3220000
unkown
page readonly
53AE000
stack
page read and write
3962000
trusted library allocation
page read and write
33D1000
trusted library allocation
page read and write
8BEE000
stack
page read and write
C40000
trusted library allocation
page read and write
6B0000
heap
page read and write
302E000
stack
page read and write
8D10000
unkown
page read and write
8D10000
unkown
page read and write
B170000
unkown
page readonly
7FF5EDA14000
unkown
page readonly
5A4E000
stack
page read and write
8D10000
unkown
page read and write
8A6E000
stack
page read and write
716000
heap
page read and write
2F40000
trusted library allocation
page read and write
436000
unkown
page readonly
11206000
unkown
page read and write
8740000
unkown
page read and write
C6F4000
unkown
page read and write
58BE000
stack
page read and write
1259000
heap
page read and write
4830000
unclassified section
page read and write
DF0000
heap
page read and write
8740000
unkown
page read and write
124D000
stack
page read and write
31E0000
trusted library allocation
page execute and read and write
48C0000
trusted library allocation
page read and write
8D10000
unkown
page read and write
33C0000
unkown
page read and write
C5A0000
unkown
page read and write
11EC000
heap
page read and write
446000
unkown
page readonly
7FF5ED990000
unkown
page readonly
B54000
heap
page read and write
3160000
unkown
page read and write
3CB1000
trusted library allocation
page read and write
33C0000
unkown
page read and write
33C0000
unkown
page read and write
125B000
heap
page read and write
8D10000
unkown
page read and write
53BE000
trusted library allocation
page read and write
7DD0000
unkown
page read and write
38FC000
trusted library allocation
page read and write
14B0000
unkown
page readonly
309E000
stack
page read and write
8740000
unkown
page read and write
38FC000
trusted library allocation
page read and write
3319000
stack
page read and write
7859000
unkown
page read and write
33C0000
unkown
page read and write
562F000
stack
page read and write
8D10000
unkown
page read and write
D18000
trusted library allocation
page read and write
2E90000
unclassified section
page read and write
7DF4F3041000
unkown
page execute read
8740000
unkown
page read and write
16DF000
stack
page read and write
38EA000
trusted library allocation
page read and write
400000
unkown
page readonly
2BC7000
trusted library allocation
page read and write
There are 2295 hidden memdumps, click here to show them.