IOC Report
1719859269.0326595_setup.exe

loading gif

Files

File Path
Type
Category
Malicious
1719859269.0326595_setup.exe
PE32+ executable (GUI) x86-64, for MS Windows
initial sample
 malicious
C:\ProgramData\AIRP Next Stage 7.1.66\AIRP Next Stage 7.1.66.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\FCBFBGDBKJ.exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\WinTrackerSP\WinTrackerSP.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\lmguvcpihozg\eqtpkqwqodik.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\ExtreamFanV5\ExtreamFanV5.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\Qt5OpenGL.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\Qt5WinExtras.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\Qt5Xml.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\QtAVWidgets1.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\avdevice-58.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-0K04O.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-9A6KK.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-B37O4.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-IK2RF.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-JR9V0.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-LRHSQ.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-O6M3F.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-P12J5.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-QM7CF.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-TJFT6.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-VCOE9.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\libcurl.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\libeay32.dll (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\libmp3lame.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\mousehelper.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\mp3doctorfree32_64.exe
PE32 executable (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\openh264.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\amadka[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\sqlt[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\123p[1].exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\crt[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\newsoftgnu[1].exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\super[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\setup[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\setup[2].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\streamer[1].exe
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\lumma2806[1].exe
PE32 executable (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\7zS188D.tmp\Install.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\7zS1BC9.tmp\Install.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\7zSA35.tmp\Install.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\7zSAB2.tmp\Install.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\AAAAKJKJEB.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\PowerExpertNT\PowerExpertNT.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-5JVP5.tmp\H1pBxuA3W1wJGbhYT2DZXaLH.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-T7UO2.tmp\_isetup\_RegDLL.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-T7UO2.tmp\_isetup\_iscrypt.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-T7UO2.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\4MZEKMRe7m6bc8qivCccLsq8.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\4Q6k8SlqG7M24bYO3UgMWICf.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\H1pBxuA3W1wJGbhYT2DZXaLH.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\IVTULQzdBmF3Bc0NeoxSnYvg.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\Lbg6Jgx2PuK0JimgGIFCI5UU.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\ZRPXsHAkSUQ1QmQI0EHaBnFQ.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\alXewrRe7Pi_SQbFkI0y1vcR.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\kUJOpvLlbhqCDkTlllfRFIPb.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\yHP2Z5SFUIZjI8pAKB_H3QUP.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\SimpleAdobe\yTXn1eeuAPe6JeFa5Kfn6hMY.exe
PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
dropped
 malicious
C:\Windows\System32\GroupPolicy\gpt.ini
ASCII text, with CRLF line terminators
dropped
 malicious
C:\ProgramData\AEBAFBGIDHCBFHIECFCB
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\BAEHIEBGHDAFIEBGIEHJECGCGC
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\DAEBFHJKJEBFCBFHDAEGHCBFBG
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\EGIJKEHCAKFCAKFHDAAAAECFCG
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
dropped
C:\ProgramData\FIJECAEHJJJK\AFHDAE
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\FIJECAEHJJJK\AKKECA
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\ProgramData\FIJECAEHJJJK\CFHIIJ
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\FIJECAEHJJJK\CFHIIJ-shm
data
dropped
C:\ProgramData\FIJECAEHJJJK\DBFHDB
ASCII text, with very long lines (1717), with CRLF line terminators
dropped
C:\ProgramData\FIJECAEHJJJK\DBGHDG
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\FIJECAEHJJJK\ECBGIE
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x37, schema 4, UTF-8, version-valid-for 8
dropped
C:\ProgramData\FIJECAEHJJJK\HDGIEB
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\FIJECAEHJJJK\HJEBGH
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\FIJECAEHJJJK\IIEHJK
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\FIJECAEHJJJK\IIIEBA
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\FIJECAEHJJJK\IIIEBA-shm
data
dropped
C:\ProgramData\FIJECAEHJJJK\KJDAEC
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
dropped
C:\ProgramData\HCGDGIDGIJKKEBGDAECA
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\IJJJKEGH
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\JKJEHJKJEBGHJJKEBGIECAAFIJ
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\ProgramData\KECBFBAE
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x37, schema 4, UTF-8, version-valid-for 8
dropped
C:\ProgramData\KFBAECBAEGDGDHIEHIJJ
ASCII text, with very long lines (1717), with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Network\Downloader\edb.log
data
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
Extensible storage user DataBase, version 0x620, checksum 0xeb35527b, page size 16384, DirtyShutdown, Windows version 10.0
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
data
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_4Q6k8SlqG7M24bYO_7f196f7cb54116f579d65b34725960efc7dd48_9fa084fb_8acbbaf3-da9d-4f7c-b82e-25701466c481\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER15CE.tmp.dmp
Mini DuMP crash report, 14 streams, Mon Jul 1 22:05:20 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER167A.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER16CA.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER16E7.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER1755.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER2FC3.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER31F7.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3236.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3535.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER3C99.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER43AE.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER43EE.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER4508.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6DD.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER71C.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA2BE.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA34B.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA89C.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERA8FA.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB61B.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB7F1.tmp.txt
data
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\Qt5Svg.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-07TP8.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-18MLT.tmp
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-4H4R9.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-64K5G.tmp
data
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-NPF14.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-PS7GC.tmp
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-QTE9G.tmp
ASCII text
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\is-RPUL3.tmp
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\msvcp120.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\msvcp140.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\msvcp140_1.dll (copy)
PE32+ executable (DLL) (console) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\msvcr120.dll (copy)
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\openh264_license.txt (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\proportions.txt (copy)
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\MP3Doctor Free 2020\unins000.dat
InnoSetup Log MP3Doctor Free 2020, version 0x30, 5360 bytes, 651689\user, "C:\Users\user\AppData\Local\MP3Doctor Free 2020"
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\4MZEKMRe7m6bc8qivCccLsq8.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MSBuild.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\yHP2Z5SFUIZjI8pAKB_H3QUP.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\File[1].bmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\BotClient[1].bmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\crypted[1].bmp
data
dropped
C:\Users\user\AppData\Local\Temp\7zSA35.tmp\__data__\config.txt
data
dropped
C:\Users\user\AppData\Local\Temp\7zSAB2.tmp\__data__\config.txt
data
dropped
C:\Users\user\AppData\Local\Temp\is-T7UO2.tmp\_isetup\_shfoldr.dll
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\tmpSTLpopstart\stlmapfrog
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNT.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Hidden, Archive, ctime=Mon Jul 1 21:05:26 2024, mtime=Mon Jul 1 21:05:26 2024, atime=Mon Jul 1 21:05:15 2024, length=3828752, window=hide
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm
data
dropped
C:\Users\user\Documents\SimpleAdobe\01dIFB7Hn9Ga_GV72pHGpcce.exe
HTML document, ASCII text, with very long lines (6927)
dropped
C:\Users\user\Documents\SimpleAdobe\pYPeUajku47jJmxh1FdbLdJs.exe
HTML document, ASCII text, with very long lines (6927)
dropped
C:\Windows\Logs\StorGroupPolicy.log
data
modified
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
JSON data
dropped
C:\Windows\System32\GroupPolicy\Machine\Registry.pol
RAGE Package Format (RPF),
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
There are 145 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\1719859269.0326595_setup.exe
"C:\Users\user\Desktop\1719859269.0326595_setup.exe"
 malicious
C:\Users\user\Documents\SimpleAdobe\IVTULQzdBmF3Bc0NeoxSnYvg.exe
C:\Users\user\Documents\SimpleAdobe\IVTULQzdBmF3Bc0NeoxSnYvg.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\H1pBxuA3W1wJGbhYT2DZXaLH.exe
C:\Users\user\Documents\SimpleAdobe\H1pBxuA3W1wJGbhYT2DZXaLH.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\Lbg6Jgx2PuK0JimgGIFCI5UU.exe
C:\Users\user\Documents\SimpleAdobe\Lbg6Jgx2PuK0JimgGIFCI5UU.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\alXewrRe7Pi_SQbFkI0y1vcR.exe
C:\Users\user\Documents\SimpleAdobe\alXewrRe7Pi_SQbFkI0y1vcR.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\4MZEKMRe7m6bc8qivCccLsq8.exe
C:\Users\user\Documents\SimpleAdobe\4MZEKMRe7m6bc8qivCccLsq8.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\yHP2Z5SFUIZjI8pAKB_H3QUP.exe
C:\Users\user\Documents\SimpleAdobe\yHP2Z5SFUIZjI8pAKB_H3QUP.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\ZRPXsHAkSUQ1QmQI0EHaBnFQ.exe
C:\Users\user\Documents\SimpleAdobe\ZRPXsHAkSUQ1QmQI0EHaBnFQ.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\yTXn1eeuAPe6JeFa5Kfn6hMY.exe
C:\Users\user\Documents\SimpleAdobe\yTXn1eeuAPe6JeFa5Kfn6hMY.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\kUJOpvLlbhqCDkTlllfRFIPb.exe
C:\Users\user\Documents\SimpleAdobe\kUJOpvLlbhqCDkTlllfRFIPb.exe
 malicious
C:\Users\user\Documents\SimpleAdobe\4Q6k8SlqG7M24bYO3UgMWICf.exe
C:\Users\user\Documents\SimpleAdobe\4Q6k8SlqG7M24bYO3UgMWICf.exe
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
 malicious
C:\Users\user\AppData\Local\Temp\7zS188D.tmp\Install.exe
.\Install.exe /bfYudidAVdU "385137" /S
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
 malicious
C:\Users\user\AppData\Local\Temp\7zS1BC9.tmp\Install.exe
.\Install.exe /iwYBYdidlHmT "525403" /S
 malicious
C:\Users\user\AppData\Local\MP3Doctor Free 2020\mp3doctorfree32_64.exe
"C:\Users\user\AppData\Local\MP3Doctor Free 2020\mp3doctorfree32_64.exe" -i
 malicious
C:\Windows\System32\powercfg.exe
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
 malicious
C:\Windows\System32\powercfg.exe
C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
 malicious
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "user" /tr "C:\ProgramData\WinTrackerSP\WinTrackerSP.exe" /tn "WinTrackerSP HR" /sc HOURLY /rl HIGHEST
 malicious
C:\Windows\System32\powercfg.exe
C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
 malicious
C:\Windows\System32\powercfg.exe
C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
 malicious
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "user" /tr "C:\ProgramData\WinTrackerSP\WinTrackerSP.exe" /tn "WinTrackerSP LG" /sc ONLOGON /rl HIGHEST
 malicious
C:\ProgramData\WinTrackerSP\WinTrackerSP.exe
C:\ProgramData\WinTrackerSP\WinTrackerSP.exe
 malicious
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k NetSvcs -p -s NcaSvc
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s fhsvc
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -s WPDBusEnum
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 424 -ip 424
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 424 -s 284
C:\Users\user\AppData\Local\Temp\7zSAB2.tmp\Install.exe
.\Install.exe
C:\Users\user\AppData\Local\Temp\is-5JVP5.tmp\H1pBxuA3W1wJGbhYT2DZXaLH.tmp
"C:\Users\user\AppData\Local\Temp\is-5JVP5.tmp\H1pBxuA3W1wJGbhYT2DZXaLH.tmp" /SL5="$70066,5141152,54272,C:\Users\user\Documents\SimpleAdobe\H1pBxuA3W1wJGbhYT2DZXaLH.exe"
C:\Users\user\AppData\Local\Temp\7zSA35.tmp\Install.exe
.\Install.exe
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\sc.exe
C:\Windows\system32\sc.exe delete "CIFUBVHI"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\sc.exe
C:\Windows\system32\sc.exe create "CIFUBVHI" binpath= "C:\ProgramData\lmguvcpihozg\eqtpkqwqodik.exe" start= "auto"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 36 hidden processes, click here to show them.

URLs

Name
IP
Malicious
77.105.135.107:3445
malicious
http://85.28.47.4/69934896f997d5bb/sqlite3.dll#
unknown
 malicious
http://85.28.47.4/69934896f997d5bb/softokn3.dll
85.28.47.4
 malicious
http://85.28.47.4/69934896f997d5bb/mozglue.dll
85.28.47.4
 malicious
http://85.28.47.4/69934896f997d5bb/nss3.dll
85.28.47.4
 malicious
http://85.28.47.4/69934896f997d5bb/vcruntime140.dll
85.28.47.4
 malicious
http://85.28.47.4/69934896f997d5bb/freebl3.dll
85.28.47.4
 malicious
http://85.28.47.4/920475a59bac849d.php
85.28.47.4
 malicious
http://85.28.47.4/69934896f997d5bb/sqlite3.dll
85.28.47.4
 malicious
https://duckduckgo.com/chrome_newtab
unknown
https://duckduckgo.com/ac/?q=
unknown
https://bitbucket.org:80/sdgdf/fbghhj/downloads/streamer.exem
unknown
https://jira.adguard.com/browse/AG-7046
unknown
https://steamcommunity.com/profiles/76561199707802586hellosqlt.dllsqlite3.dll
unknown
https://download.wondershare.net/cbs_down/filmora-idco_full1901.exe
unknown
https://papi.vk.com/pushsse/ruim
unknown
https://vk.com/doc461844031_680356434?hash=KmXLjZzwyKBjmzxff0Jo9U1YwRL71yZftAbVL5kdyKD&dl=3v6LT2A7IS
unknown
http://pki-crl.symauth.com/offlineca/TheInstituteofElectricalandElectronicsusersIncIEEERootCA.cr
unknown
https://sun6-23.userapi.com/
unknown
https://vk.com:80/doc851967711_678965991?hash=15v5bIC0BdxsDWrpl71N2Lf9ztIhZN508DquMzIAGCz&dl=yDzL4lh
unknown
https://st6-21.vk.com/css/al/base.ec2ae8ae.css
unknown
http://80.78.242.100/d/525403pD
unknown
https://jira.adguard.com/browse/AG-20455
unknown
https://bitbucket.org:80/sdgdf/fbghhj/downloads/streamer.exeV
unknown
https://jira.adguard.com/browse/AG-20454
unknown
https://vk.com
unknown
https://www.instagram.com
unknown
http://download.wondershare.net/cbs_down/filmora-idco_64bit_full1901.exe
unknown
http://80.78.242.100/d/525403com
unknown
https://aui-cdn.atlassian.com/
unknown
http://pop.wondershare.com/filmora-licen
unknown
https://a.884736279.xyz/385137/setup.exe
79.174.95.43
http://77.105.133.27/download/123p.exey
unknown
http://helsinki-dtc.com/updates/yd/wrtzr_yt_a_1/win/version.txt?ZOmFPgPUTVZNbWpVqvSvPLQtsthTrEhbx
194.67.87.38
http://85.28.47.4/69934896f997d5bb/freebl3.dllq
unknown
http://www.innosetup.com/
unknown
https://bbuseruploads.s3.amazonaws.com/FPj
unknown
https://filmora.w
unknown
http://77.91.77.81/mine/amadka.exe00
unknown
https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4pLk4pqk4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
http://helsinki-dtc.com/updates/yd/yt_wrtzr_1/win/version.txt?BaGHTJrEOqpSoOUUbPmVVgUlkCFxoVbnT
194.67.87.38
https://sun6-22.userapi.com/
unknown
https://vk.com/doc851967711_678965991?hash=15v5bIC0BdxsDWrpl71N2Lf9ztIhZN508DquMzIAGCz&dl=yDzL4lhSc6Qh08VS3lx8KlKwYrkSiYGlwvhnSbB1cMD&api=1&no_preview=1#1
87.240.132.78
https://www.ecosia.org/newtab/
unknown
https://jira.adguard.com/browse/AG-20454G
unknown
http://www.rapidfilestorage.com/clrls/cl_rls.json
185.22.66.15
https://stats.vk-portal.net
unknown
http://www.winimage.com/zLibDllm_object
unknown
https://sun6-21.userapi.com/c235031/u851967711/docs/d19/e642d2d3ea8a/File.bmp?extra=codZE4oOkF_mb0aHMW2_KJkLotDgGHzpcd-JeGF88YLnbk2Qm4WcZoXVvzJ1HuH2HaOhqgSp6_uV0Z6TCfxUYwreX5Rq2H_XmfQYz82S4_LBrsYcRulTXC2HKGtLY-ovV1tbmUk3ivmp
95.142.206.1
https://sun6-22.userapi.com/%r
unknown
http://80.78.242.100/d/525403
80.78.242.100
https://vk.com/doc5294803_669843349?hash=9zPjskz2rlw4WpxESbjigfNghvMBCG7BIpLthkH7eKs&dl=usJOnLsECNfeEiGdn2IU9JTEdwqaRFTDnZMFQJn7v9z&api=1&no_preview=1#ww11
87.240.132.78
https://r.mradx.net
unknown
https://cdn.cookielaw.org/
unknown
https://vk.com/doc851967711_678909859?hash=lNew8DPFlC3FkyFwDvSRD3AUel2qUbt8XwQ47izbny0&dl=VoWAeLPwa3VHUZ6RGMrmgXoJxs6sK0ufCNL8HdLsSa4&api=1&no_preview=1#xin
87.240.132.78
http://www.rapidfilestorage.com/updates/yd/wrtzr_yt_a_1/win/version.txt?lkNOHJiXnxKRAffVlKrZwoIEmkviEhCxR
185.22.66.16
https://a.884736279.xyz/
unknown
https://static.vk.me
unknown
https://vk.com/oot%
unknown
http://77.91.77.81/cost/go.exeAppData
unknown
http://www.rapidfilestorage.com/updates/yd/yt_wrtzr_1/win/version.txt?BAxskCrAzBkAQLhyBAyQiyrSwfaJVtVcO
185.22.66.16
https://st6-21.vk.com/dist/web/polyfills.isolated.70196a4e.js
unknown
https://jira.adguard.com/browse/AG-20455N
unknown
http://77.91.77.81/cost/go.exe
unknown
http://ocsp.sectigo.com0
unknown
https://vk.com:80/doc851967711_678909859?hash=lNew8DPFlC3FkyFwDvSRD3AUel2qUbt8XwQ47izbny0&dl=VoWAeLP
unknown
https://cdn.discordapp.com/attachments/1255737669737254954/1257455463088394404/setup.exe?ex=66847828&is=668326a8&hm=9a0a6baa5ff045d491afd87efad3dd033618cc8c5ce04018ccc10ef67b97fd67&
162.159.133.233
https://vk.com:80/doc461844031_680356434?hash=KmXLjZzwyKBjmzxff0Jo9U1YwRL71yZftAbVL5kdyKD&dl=3v6LT2A
unknown
https://cdn.discordapp.com/
unknown
https://monoblocked.com/
unknown
https://jira.int.agrd.dev/browse/AG-32263
unknown
https://st6-21.vk.com
unknown
https://cdn.ampproject.org
unknown
https://sun6-22.userapi.com/c235031/u851967711/docs/d58/101acf609709/crypted.bmp?extra=Ux3hmN1iPre6d
unknown
http://77.105.133.27/download/th/space.php
77.105.133.27
https://login.vk.com/?act=logout&hash=a280e68e075c926b49&_origin=https%3A%2F%2Fvk.com&lrt=BDpxh3TFcr
unknown
http://77.105.133.27/download/123p.exe
77.105.133.27
https://bitbucket.org/m/v
unknown
https://vk.com/zD
unknown
https://monoblocked.com/385137/setup.exeom/
unknown
https://www.wondershare.com/privacy.html
unknown
https://monoblocked.com/385137/setup.exexe
unknown
https://cdn.syndication.twimg.com
unknown
https://dev.vk.com
unknown
https://vk.com/doc461844031_680356434?hash=KmXLjZzwyKBjmzxff0Jo9U1YwRL71yZftAbVL5kdyKD&dl=3v6LT2A7IS0PX4HrE4vRkDm0d4mbocnTvyEbLzKxGUP&api=1&no_preview=1#def_meta
87.240.132.78
https://securepubads.g.doubleclick.net
unknown
https://www.wondershare.com/company/end-user-license-agreement.html
unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
https://api.myip.com/
104.26.9.59
https://vk.ru
unknown
https://jira.adguard.com/browse/AG-18203.
unknown
https://web-security-reports.services.atlassian.com/csp-report/bb-website
unknown
http://api2.check-data.xyz/api2/google_api_ifi
44.240.96.128
http://77.91.77.81/mine/amadka.exew$
unknown
https://jira.adguard.com/browse/AG-159168
unknown
https://d136azpfpnge1l.cloudfront.net/;
unknown
https://sun6-23.userapi.com/zD
unknown
https://bitbucket.org/sdgdf/fbghhj/downloads/streamer.exeal
unknown
https://st6-21.vk.com/css/fonts/VKSansDisplayDemiBoldFaux.v100.woff2
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
a.884736279.xyz
79.174.95.43
 malicious
t.me
149.154.167.99
 malicious
service-domain.xyz
54.210.117.250
 malicious
ellaboratepwsz.xyz
unknown
 malicious
api2.check-data.xyz
unknown
 malicious
bitbucket.org
104.192.141.1
tea.arpdabl.org
207.180.253.128
env-3936544.jcloud.kz
185.22.66.16
monoblocked.com
45.130.41.108
d1u0l9f6kr1di3.cloudfront.net
13.225.78.36
helsinki-dtc.com
194.67.87.38
lop.foxesjoy.com
188.114.96.3
cdn.discordapp.com
162.159.133.233
sun6-21.userapi.com
95.142.206.1
iplogger.org
172.67.132.113
pool.hashvault.pro
142.202.242.45
fp2e7a.wpc.phicdn.net
192.229.221.95
s3-w.us-east-1.amazonaws.com
3.5.20.219
api.myip.com
104.26.9.59
potterryisiw.shop
188.114.97.3
ipinfo.io
34.117.186.192
sun6-22.userapi.com
95.142.206.2
sun6-23.userapi.com
95.142.206.3
googlehosted.l.googleusercontent.com
142.250.181.225
checkdata-1114476139.us-west-2.elb.amazonaws.com
44.240.96.128
vk.com
87.240.132.78
bbuseruploads.s3.amazonaws.com
unknown
www.rapidfilestorage.com
unknown
clients2.googleusercontent.com
unknown
skrptfiles.tracemonitors.com
unknown
There are 20 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
149.154.167.99
t.me
United Kingdom
malicious
85.28.47.4
unknown
Russian Federation
malicious
79.174.95.43
a.884736279.xyz
Russian Federation
malicious
77.105.135.107
unknown
Russian Federation
malicious
34.117.186.192
ipinfo.io
United States
104.26.9.59
api.myip.com
United States
77.105.133.27
unknown
Russian Federation
87.240.132.78
vk.com
Russian Federation
80.78.242.100
unknown
Russian Federation
172.67.132.113
iplogger.org
United States
95.142.206.3
sun6-23.userapi.com
Russian Federation
104.192.141.1
bitbucket.org
United States
95.142.206.2
sun6-22.userapi.com
Russian Federation
95.142.206.1
sun6-21.userapi.com
Russian Federation
77.105.132.27
unknown
Russian Federation
3.5.20.219
s3-w.us-east-1.amazonaws.com
United States
162.159.133.233
cdn.discordapp.com
United States
207.180.253.128
tea.arpdabl.org
Germany
49.13.159.121
unknown
Germany
5.42.99.177
unknown
Russian Federation
77.91.77.81
unknown
Russian Federation
77.91.77.80
unknown
Russian Federation
188.114.96.3
lop.foxesjoy.com
European Union
45.130.41.108
monoblocked.com
Russian Federation
127.0.0.1
unknown
unknown
There are 15 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions
Exclusions_Extensions
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions\Extensions
exe
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender
DisableAntiSpyware
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender
DisableRoutinelyTakingAction
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableBehaviorMonitoring
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableOnAccessProtection
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableScanOnRealtimeEnable
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableRealtimeMonitoring
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableIOAVProtection
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\group policy objects\{929E38D7-F85C-4E9F-9205-1838BD20B49A}Machine\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableRawWriteNotification
 malicious
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules
C:\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ExtreamFanV5
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\424
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\424
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\424
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4440
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4440
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4440
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8172
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8172
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\8172
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4044
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4044
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4044
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5264
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5264
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\5264
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4344
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4344
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4344
CreationTime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4256
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4256
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\4256
CreationTime
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
ProgramId
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
FileId
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
LowerCaseLongPath
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
LongPathHash
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
Name
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
OriginalFileName
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
Publisher
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
Version
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
BinFileVersion
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
BinaryType
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
ProductName
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
ProductVersion
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
LinkDate
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
BinProductVersion
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
AppxPackageFullName
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
AppxPackageRelativeId
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
Size
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
Language
\REGISTRY\A\{ab6d4e3a-cfe3-d7de-0de8-6a9690ab611c}\Root\InventoryApplicationFile\4q6k8slqg7m24byo|e5537ead6bacad3c
Usn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceTicket
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
DeviceId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Token\{67082621-8D18-4333-9C64-10DE93676363}
ApplicationFlags
HKEY_CURRENT_USER\SOFTWARE\Microsoft\IdentityCRL\Immersive\production\Property
0018000DDABBE6B3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Cached
{40DD6E20-7C17-11CE-A804-00AA003CA9F6} {000214EF-0000-0000-C000-000000000046} 0xFFFF
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
Inno Setup: Setup Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
Inno Setup: App Path
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
InstallLocation
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
Inno Setup: Icon Group
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
Inno Setup: User
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
DisplayName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
UninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
QuietUninstallString
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
NoModify
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
NoRepair
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
InstallDate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MP3Doctor Free 2020_is1
EstimatedSize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
SlowContextMenuEntries
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
PendingFileRenameOperations
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager
PendingFileRenameOperations
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
PerfMMFileName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\SVGALabel
airp_nstage_i66_1
There are 69 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
21664602000
heap
page read and write
 malicious
A01000
unkown
page execute and read and write
 malicious
3AC1000
trusted library allocation
page read and write
 malicious
402000
remote allocation
page execute and read and write
 malicious
1CF4000
heap
page read and write
 malicious
4314000
trusted library allocation
page read and write
 malicious
21665139000
heap
page read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
338B000
trusted library allocation
page read and write
 malicious
437B000
trusted library allocation
page read and write
 malicious
B82000
unkown
page readonly
 malicious
402000
remote allocation
page execute and read and write
 malicious
42E1000
trusted library allocation
page read and write
 malicious
73A000
unkown
page read and write
 malicious
43AF000
trusted library allocation
page read and write
 malicious
85A000
unkown
page execute and read and write
7FF67573D000
unkown
page write copy
2BC3000
trusted library allocation
page read and write
49FE000
stack
page read and write
9D7000
stack
page read and write
21663E99000
heap
page read and write
21663D44000
heap
page read and write
C000114000
direct allocation
page read and write
2FF4000
trusted library allocation
page read and write
2295000
heap
page read and write
140000000
unkown
page readonly
244E000
stack
page read and write
32AE000
trusted library allocation
page read and write
21028CE0000
heap
page read and write
2BDE000
trusted library allocation
page read and write
2FA3000
trusted library allocation
page read and write
10000000
unkown
page readonly
FC7AD7F000
stack
page read and write
41B0000
heap
page read and write
420000
unkown
page write copy
16A0000
direct allocation
page read and write
6A0A000
trusted library allocation
page read and write
21664291000
heap
page read and write
234B0000
heap
page read and write
21117E41000
heap
page read and write
860000
heap
page read and write
E80000
heap
page read and write
105DB000
direct allocation
page read and write
2B35000
trusted library allocation
page read and write
21663891000
heap
page read and write
216644B0000
heap
page read and write
41B000
unkown
page readonly
E17000
heap
page read and write
A80000
unkown
page execute and read and write
3190000
heap
page read and write
25939E90000
direct allocation
page read and write
13E0000
heap
page read and write
420000
unkown
page read and write
1273000
trusted library allocation
page read and write
2BF7000
trusted library allocation
page read and write
21663E91000
heap
page read and write
C00009C000
direct allocation
page read and write
21663CA4000
heap
page read and write
2F4A0000
trusted library allocation
page read and write
54E0000
trusted library section
page read and write
C1A000
heap
page read and write
6E0000
unkown
page execute and read and write
222DF000
direct allocation
page readonly
747F000
trusted library allocation
page read and write
112B000
unkown
page execute and read and write
8C0000
heap
page read and write
C71000
unkown
page execute read
436F000
trusted library allocation
page read and write
6A0000
unkown
page readonly
23495000
heap
page read and write
305C000
trusted library allocation
page read and write
21663CA8000
heap
page read and write
60EE000
stack
page read and write
300D000
trusted library allocation
page read and write
422000
unkown
page write copy
C00003D000
direct allocation
page read and write
42AF000
trusted library allocation
page read and write
1587AC79000
heap
page read and write
64B1000
heap
page read and write
234AA000
heap
page read and write
2FC0000
trusted library allocation
page read and write
411000
unkown
page readonly
1310000
direct allocation
page read and write
C000036000
direct allocation
page read and write
9276000
heap
page read and write
FC7AC7E000
stack
page read and write
670000
unkown
page readonly
C00016C000
direct allocation
page read and write
6A07000
trusted library allocation
page read and write
79C0000
heap
page read and write
21663F76000
heap
page read and write
234C1000
heap
page read and write
7317000
heap
page read and write
3110000
trusted library allocation
page read and write
3150000
trusted library allocation
page read and write
1556000
trusted library allocation
page execute and read and write
2597F304000
direct allocation
page read and write
42A1000
trusted library allocation
page read and write
ABC000
stack
page read and write
2597F131000
direct allocation
page read and write
6970000
trusted library allocation
page read and write
1022000
unkown
page readonly
DD3129D000
stack
page read and write
B12000
unkown
page execute read
2166383D000
heap
page read and write
21663838000
heap
page read and write
234BE000
heap
page read and write
234CB000
heap
page read and write
21664703000
heap
page read and write
C000110000
direct allocation
page read and write
840000
heap
page read and write
21663862000
heap
page read and write
C000883000
direct allocation
page read and write
BA6000
heap
page read and write
13A6000
heap
page read and write
1700000
heap
page read and write
5850000
trusted library allocation
page read and write
1975D000
stack
page read and write
3A10000
heap
page read and write
1036000
unkown
page readonly
9BB000
stack
page read and write
5810000
trusted library allocation
page read and write
1587B940000
trusted library allocation
page read and write
21661DF7000
heap
page read and write
3069000
trusted library allocation
page read and write
B35000
heap
page read and write
3111000
heap
page read and write
1880000
direct allocation
page read and write
13D0000
unkown
page execute and read and write
2482EC39000
heap
page read and write
5790000
trusted library allocation
page read and write
41D8000
heap
page read and write
2166442E000
heap
page read and write
23C8B6F0000
heap
page read and write
5FA000
heap
page read and write
21663CD1000
heap
page read and write
C000092000
direct allocation
page read and write
2166383D000
heap
page read and write
234C8000
heap
page read and write
70F1000
heap
page read and write
FFAF000
stack
page read and write
234CA000
heap
page read and write
A5F000
unkown
page execute and read and write
14C7E000
stack
page read and write
72E000
heap
page read and write
5AD0000
trusted library allocation
page read and write
21663CAB000
heap
page read and write
2FD0000
trusted library allocation
page read and write
1A20000
heap
page read and write
400000
unkown
page readonly
105D8000
direct allocation
page readonly
39FE000
stack
page read and write
7D0000
heap
page read and write
305E000
trusted library allocation
page read and write
2597F140000
direct allocation
page read and write
566D000
heap
page read and write
6F1000
heap
page read and write
21663EC8000
heap
page read and write
423000
unkown
page read and write
1880000
direct allocation
page read and write
33A4000
trusted library allocation
page read and write
1530000
trusted library allocation
page read and write
5130000
heap
page read and write
234BE000
heap
page read and write
21663CAC000
heap
page read and write
70E1000
heap
page read and write
49AE000
stack
page read and write
72B7000
heap
page read and write
466000
heap
page read and write
21663F75000
heap
page read and write
457F000
trusted library allocation
page read and write
70D01FE000
stack
page read and write
3111000
heap
page read and write
3FB0000
heap
page read and write
3E11000
trusted library allocation
page read and write
5A8A000
trusted library allocation
page read and write
2A90000
heap
page execute and read and write
2BCA000
trusted library allocation
page read and write
332F000
trusted library allocation
page read and write
21663EC8000
heap
page read and write
28F3000
trusted library allocation
page read and write
41B000
unkown
page readonly
2166492C000
heap
page read and write
BCE000
stack
page read and write
21663EA9000
heap
page read and write
5BB0000
trusted library allocation
page execute and read and write
234B0000
heap
page read and write
1EC0000
heap
page read and write
32E6000
trusted library allocation
page read and write
CED000
stack
page read and write
C00012C000
direct allocation
page read and write
21663CD1000
heap
page read and write
3980000
heap
page read and write
28E084B0000
heap
page read and write
879000
unkown
page execute and read and write
28D0000
trusted library allocation
page read and write
139A000
heap
page read and write
2340000
direct allocation
page read and write
1310000
direct allocation
page read and write
748A000
trusted library allocation
page read and write
1710000
heap
page read and write
B5F000
stack
page read and write
1D96000
heap
page read and write
3111000
heap
page read and write
5BFE000
stack
page read and write
15800302000
heap
page read and write
1ED1000
heap
page read and write
1120000
heap
page read and write
13D0000
unkown
page execute and write copy
16A0000
direct allocation
page read and write
490000
unkown
page readonly
216663F6000
heap
page read and write
3380000
trusted library allocation
page read and write
234BE000
heap
page read and write
216655DF000
heap
page read and write
222DD000
direct allocation
page readonly
2004000
direct allocation
page read and write
2B7A000
trusted library allocation
page read and write
8AC000
unkown
page execute and read and write
670000
heap
page read and write
70D0BFE000
stack
page read and write
2EE1000
heap
page read and write
3111000
heap
page read and write
1A4C5F9000
stack
page read and write
216637B0000
trusted library allocation
page read and write
7AFB000
stack
page read and write
20D6A760000
heap
page read and write
1300000
heap
page read and write
1029000
unkown
page readonly
140A0B000
unkown
page read and write
21663EF3000
heap
page read and write
21663814000
heap
page read and write
2B61000
trusted library allocation
page read and write
234CA000
heap
page read and write
234C0000
heap
page read and write
1EE4000
heap
page read and write
70B0000
heap
page read and write
53A000
heap
page read and write
BA1000
unkown
page read and write
2166389D000
heap
page read and write
5AB0000
trusted library allocation
page read and write
1200000
heap
page read and write
1384000
heap
page read and write
13BB7000
direct allocation
page execute and read and write
960000
heap
page read and write
153D000
trusted library allocation
page execute and read and write
401000
unkown
page execute read
5BA0000
trusted library allocation
page execute and read and write
234B0000
heap
page read and write
234C3000
heap
page read and write
2229F000
direct allocation
page readonly
4380000
trusted library allocation
page read and write
1A4CF7E000
stack
page read and write
7FF67570D000
unkown
page read and write
3F53000
heap
page read and write
32CD000
trusted library allocation
page read and write
5660000
heap
page read and write
2482EC39000
heap
page read and write
21666064000
heap
page read and write
374F000
stack
page read and write
3111000
heap
page read and write
21663838000
heap
page read and write
24C0000
direct allocation
page read and write
234A3000
heap
page read and write
21663DCF000
heap
page read and write
13B8000
heap
page read and write
1BD95000
heap
page read and write
3119000
trusted library allocation
page read and write
A84000
unkown
page execute and read and write
21663C98000
heap
page read and write
4231000
trusted library allocation
page read and write
683000
heap
page read and write
234C1000
heap
page read and write
21663826000
heap
page read and write
C000000000
direct allocation
page read and write
410E000
stack
page read and write
66741000
unkown
page execute read
1880000
trusted library allocation
page read and write
346D000
trusted library allocation
page read and write
7574000
trusted library allocation
page read and write
3767000
trusted library allocation
page read and write
CFC000
stack
page read and write
234AE000
heap
page read and write
291B000
trusted library allocation
page execute and read and write
4FF000
unkown
page readonly
2BAA78E0000
heap
page read and write
1A10000
heap
page read and write
732E000
stack
page read and write
2BA2000
trusted library allocation
page read and write
59B0000
trusted library allocation
page read and write
21663DE0000
heap
page read and write
21029180000
remote allocation
page read and write
131C000
unkown
page readonly
2892C000
stack
page read and write
AD0000
heap
page read and write
2900000
trusted library allocation
page read and write
40D000
unkown
page write copy
13CD000
unkown
page execute and write copy
70D09FD000
stack
page read and write
1FC679D0000
heap
page read and write
7FF675C3D000
unkown
page read and write
1EE4000
heap
page read and write
21663858000
heap
page read and write
21029202000
trusted library allocation
page read and write
3111000
heap
page read and write
16A0000
direct allocation
page read and write
2B33000
trusted library allocation
page read and write
21663F56000
heap
page read and write
234AA000
heap
page read and write
802000
unkown
page readonly
21663D24000
heap
page read and write
2BB5000
trusted library allocation
page read and write
783E000
stack
page read and write
530000
heap
page read and write
2BAA7A2B000
heap
page read and write
2639000
heap
page read and write
21663F3A000
heap
page read and write
A75000
unkown
page execute and read and write
7FF675C46000
unkown
page write copy
32E4000
trusted library allocation
page read and write
234AA000
heap
page read and write
25939EC0000
direct allocation
page read and write
2D00000
heap
page execute and read and write
3775000
trusted library allocation
page read and write
400000
unkown
page readonly
21663CA8000
heap
page read and write
5742000
trusted library allocation
page read and write
21663E41000
heap
page read and write
28E08580000
heap
page read and write
334F000
trusted library allocation
page read and write
3335000
trusted library allocation
page read and write
1590000
heap
page read and write
21663D24000
heap
page read and write
3761000
trusted library allocation
page read and write
21117E02000
heap
page read and write
3058000
trusted library allocation
page read and write
2166429C000
heap
page read and write
1587AC28000
heap
page read and write
216647D4000
heap
page read and write
43A8000
trusted library allocation
page read and write
2497EFF000
stack
page read and write
190000
heap
page read and write
66741000
unkown
page execute read
3111000
heap
page read and write
13BB8000
direct allocation
page read and write
64CA000
heap
page read and write
2B6E000
trusted library allocation
page read and write
4B50000
direct allocation
page read and write
15B0000
heap
page read and write
7560000
trusted library allocation
page read and write
1880000
direct allocation
page read and write
554000
heap
page read and write
4C2000
unkown
page write copy
2166389D000
heap
page read and write
11D0000
heap
page read and write
C0000A0000
direct allocation
page read and write
3028000
trusted library allocation
page read and write
2597F144000
direct allocation
page read and write
1FF0000
heap
page read and write
7260000
heap
page read and write
400000
unkown
page readonly
3013000
trusted library allocation
page read and write
C000A22000
direct allocation
page read and write
2349E000
heap
page read and write
6665E000
unkown
page read and write
A8C000
unkown
page execute and read and write
5765000
trusted library allocation
page read and write
32F9000
trusted library allocation
page read and write
3329000
trusted library allocation
page read and write
21663DCF000
heap
page read and write
234AA000
heap
page read and write
1A4D2FE000
stack
page read and write
234C0000
heap
page read and write
21663834000
heap
page read and write
1587AC40000
heap
page read and write
869000
unkown
page execute and read and write
2478D7F000
stack
page read and write
400000
unkown
page readonly
1587ACFF000
heap
page read and write
3C64000
direct allocation
page execute and read and write
C81367F000
stack
page read and write
5290000
trusted library allocation
page read and write
1A4C1FE000
stack
page read and write
3111000
heap
page read and write
3111000
heap
page read and write
C00013A000
direct allocation
page read and write
1A4D5FE000
stack
page read and write
8DB000
stack
page read and write
668DF000
unkown
page readonly
41B000
unkown
page readonly
661F000
stack
page read and write
5E60000
trusted library allocation
page execute and read and write
16C6000
heap
page read and write
52B1000
trusted library allocation
page read and write
2B1F000
trusted library allocation
page read and write
1562000
trusted library allocation
page read and write
C00001E000
direct allocation
page read and write
21663CDD000
heap
page read and write
1BE6B000
stack
page read and write
579E000
stack
page read and write
FC7B27B000
stack
page read and write
2597F0F3000
direct allocation
page read and write
456D000
trusted library allocation
page read and write
3C4E000
stack
page read and write
119D000
unkown
page readonly
4400000
trusted library allocation
page read and write
2482EF13000
heap
page read and write
1C12B000
heap
page read and write
21663829000
heap
page read and write
5480000
trusted library allocation
page execute and read and write
1587BC40000
trusted library section
page readonly
72EE000
heap
page read and write
4C6E000
direct allocation
page read and write
13C4000
heap
page read and write
40B000
unkown
page read and write
13A0000
heap
page read and write
A4D000
unkown
page execute and read and write
21661D70000
trusted library allocation
page read and write
2166381D000
heap
page read and write
2BBF000
trusted library allocation
page read and write
5BC000
stack
page read and write
2330000
heap
page read and write
2BA4000
trusted library allocation
page read and write
13B0000
trusted library allocation
page read and write
DAD767E000
stack
page read and write
21663CDD000
heap
page read and write
21663CC2000
heap
page read and write
21663EF3000
heap
page read and write
C00018C000
direct allocation
page read and write
18E000
stack
page read and write
3066000
trusted library allocation
page read and write
3111000
heap
page read and write
175E000
heap
page read and write
2482EC39000
heap
page read and write
208C000
heap
page read and write
16A0000
direct allocation
page read and write
3111000
heap
page read and write
2FD9000
trusted library allocation
page read and write
21663891000
heap
page read and write
420000
unkown
page read and write
7F7D0000
direct allocation
page execute and read and write
7460000
trusted library allocation
page read and write
119A000
unkown
page read and write
7FF6662CF000
unkown
page readonly
7490000
trusted library allocation
page read and write
EBE000
stack
page read and write
326E77F000
stack
page read and write
21663CCD000
heap
page read and write
400000
unkown
page readonly
445000
remote allocation
page execute and read and write
1750000
heap
page read and write
21663EA9000
heap
page read and write
7FF675C46000
unkown
page write copy
15A0000
heap
page read and write
3D5E000
stack
page read and write
21663826000
heap
page read and write
DAD747C000
stack
page read and write
1540000
trusted library allocation
page read and write
6F1000
heap
page read and write
1880000
direct allocation
page read and write
2FF6000
trusted library allocation
page read and write
5BBE000
stack
page read and write
32B2000
trusted library allocation
page read and write
7FF675BD2000
unkown
page read and write
C00023A000
direct allocation
page read and write
4BF000
unkown
page readonly
2482EC38000
heap
page read and write
400000
unkown
page readonly
21663FAC000
heap
page read and write
2166382F000
heap
page read and write
21118470000
trusted library allocation
page read and write
540000
heap
page read and write
6665E000
unkown
page read and write
54DE000
stack
page read and write
2FB6000
trusted library allocation
page execute and read and write
234BE000
heap
page read and write
1587BFA0000
trusted library allocation
page read and write
156B000
trusted library allocation
page execute and read and write
2013000
heap
page read and write
2482EC00000
unkown
page read and write
7FF675C39000
unkown
page read and write
86F000
unkown
page execute and read and write
2349E000
heap
page read and write
21663838000
heap
page read and write
2B29000
trusted library allocation
page read and write
16ED000
trusted library allocation
page execute and read and write
13C4000
heap
page read and write
23C8B6F8000
heap
page read and write
1310000
direct allocation
page read and write
3416000
trusted library allocation
page read and write
C70000
unkown
page readonly
B0D000
heap
page read and write
21663CC2000
heap
page read and write
20D6A780000
heap
page read and write
5B30000
trusted library allocation
page read and write
223190C0000
heap
page read and write
364E000
stack
page read and write
4560000
trusted library allocation
page read and write
34AF000
trusted library allocation
page read and write
BE0000
direct allocation
page execute and read and write
2340000
direct allocation
page read and write
3363000
trusted library allocation
page read and write
2FDF000
trusted library allocation
page read and write
3389000
trusted library allocation
page read and write
1DED000
heap
page read and write
1AF7000
heap
page read and write
AF0000
heap
page read and write
52AE000
trusted library allocation
page read and write
C0000A2000
direct allocation
page read and write
1DFB000
heap
page read and write
1BD8D000
heap
page read and write
332D000
trusted library allocation
page read and write
2BC5000
trusted library allocation
page read and write
2597F310000
direct allocation
page read and write
326E67B000
stack
page read and write
4B50000
trusted library allocation
page read and write
10000000
direct allocation
page read and write
2930000
trusted library allocation
page read and write
C00001A000
direct allocation
page read and write
3047000
trusted library allocation
page read and write
2597F380000
direct allocation
page read and write
423000
unkown
page read and write
2482EC2B000
heap
page read and write
38EB000
stack
page read and write
5B20000
trusted library allocation
page read and write
16A0000
direct allocation
page read and write
530000
heap
page read and write
304B000
trusted library allocation
page read and write
21663F57000
heap
page read and write
1D0000
trusted library allocation
page read and write
1310000
direct allocation
page read and write
C000057000
direct allocation
page read and write
52DF000
trusted library allocation
page read and write
401000
unkown
page execute read
140CE7000
unkown
page execute read
804000
unkown
page readonly
820000
heap
page read and write
234CA000
heap
page read and write
1A0E000
stack
page read and write
25939C20000
heap
page read and write
840000
heap
page read and write
311B000
trusted library allocation
page read and write
13C4000
heap
page read and write
4F0C000
stack
page read and write
7495000
trusted library allocation
page read and write
7FF675704000
unkown
page read and write
4C4000
unkown
page write copy
234C8000
heap
page read and write
2F53C000
heap
page read and write
234BE000
heap
page read and write
1E84000
heap
page read and write
2166565F000
heap
page read and write
32C7000
trusted library allocation
page read and write
12FD000
heap
page read and write
53E000
heap
page read and write
2454000
heap
page read and write
87F000
unkown
page execute and read and write
2482EF00000
heap
page read and write
C00006E000
direct allocation
page read and write
1282000
trusted library allocation
page read and write
2166382C000
heap
page read and write
1304000
heap
page read and write
234BE000
heap
page read and write
C0000A8000
direct allocation
page read and write
2B69000
trusted library allocation
page read and write
216638A6000
heap
page read and write
13E8000
heap
page read and write
45D9000
trusted library allocation
page read and write
21663CB2000
heap
page read and write
1587AB80000
trusted library allocation
page read and write
C000041000
direct allocation
page read and write
21663CD1000
heap
page read and write
810000
heap
page read and write
21663FAD000
heap
page read and write
197BE000
stack
page read and write
4A6000
unkown
page readonly
1B537450000
heap
page read and write
5A61000
trusted library allocation
page read and write
BA1000
unkown
page write copy
5980000
heap
page execute and read and write
45BA000
trusted library allocation
page read and write
23496000
heap
page read and write
21663862000
heap
page read and write
21117DE0000
heap
page read and write
3015000
trusted library allocation
page read and write
9E0000
heap
page read and write
21664A73000
heap
page read and write
3111000
heap
page read and write
1587B51A000
heap
page read and write
3C64000
direct allocation
page execute and read and write
D1C000
unkown
page read and write
3080000
trusted library allocation
page read and write
1337000
stack
page read and write
3111000
heap
page read and write
174F000
heap
page read and write
216648E6000
heap
page read and write
2DA0000
heap
page read and write
216638A9000
heap
page read and write
2BAA7A00000
heap
page read and write
FC7AF79000
stack
page read and write
6F5000
unkown
page readonly
A5B000
unkown
page execute and read and write
1470000
heap
page read and write
59B000
heap
page read and write
1319000
unkown
page readonly
C00005D000
direct allocation
page read and write
7FF675420000
unkown
page readonly
222A8000
direct allocation
page readonly
C00011C000
direct allocation
page read and write
C000154000
direct allocation
page read and write
326EBFE000
stack
page read and write
87D000
unkown
page execute and read and write
C00006C000
direct allocation
page read and write
A6A000
unkown
page execute and read and write
4CC2000
direct allocation
page read and write
5C10000
trusted library allocation
page execute and read and write
1587ACA1000
heap
page read and write
64B4000
heap
page read and write
32CB000
trusted library allocation
page read and write
10E6000
heap
page read and write
C2D000
heap
page read and write
C00014E000
direct allocation
page read and write
13A8000
heap
page read and write
21663817000
heap
page read and write
21663CD9000
heap
page read and write
12D0000
unkown
page read and write
10152000
direct allocation
page read and write
5C6E000
stack
page read and write
234A9000
heap
page read and write
234A8000
heap
page read and write
326E8FE000
unkown
page readonly
350E000
stack
page read and write
21664FB0000
heap
page read and write
72EE000
stack
page read and write
2482EC7A000
heap
page read and write
CBE000
heap
page read and write
20D6AB60000
heap
page read and write
1BD4D000
heap
page read and write
D1C000
unkown
page write copy
56F0000
trusted library allocation
page read and write
4385000
trusted library allocation
page read and write
140CAD000
unkown
page execute read
12B8000
heap
page read and write
A90000
unkown
page execute and read and write
DAD757E000
stack
page read and write
494000
unkown
page write copy
18D0000
heap
page read and write
21663FAD000
heap
page read and write
234C1000
heap
page read and write
1A4C3FC000
stack
page read and write
234A3000
heap
page read and write
21664B3A000
heap
page read and write
30F0000
heap
page read and write
52E0000
trusted library allocation
page read and write
1D421000
heap
page read and write
2FCB000
trusted library allocation
page execute and read and write
25939C00000
heap
page read and write
2148000
direct allocation
page read and write
3136000
trusted library allocation
page read and write
70F7000
heap
page read and write
72F000
stack
page read and write
21663E45000
heap
page read and write
216655EC000
heap
page read and write
21663CD1000
heap
page read and write
C000140000
direct allocation
page read and write
234B6000
heap
page read and write
2482EC38000
unkown
page read and write
174D000
heap
page read and write
3C64000
direct allocation
page execute and read and write
1C26B000
heap
page read and write
1533000
trusted library allocation
page execute and read and write
8D0000
unkown
page read and write
61ECC000
direct allocation
page read and write
3D4E000
stack
page read and write
496000
unkown
page read and write
5D70000
trusted library section
page read and write
36AD000
stack
page read and write
755F000
stack
page read and write
52D0000
heap
page execute and read and write
75B0000
trusted library allocation
page read and write
326F0FE000
unkown
page readonly
172E000
heap
page read and write
3F50000
heap
page read and write
290A000
trusted library allocation
page execute and read and write
4577000
trusted library allocation
page read and write
64C0000
heap
page read and write
427000
unkown
page readonly
15800180000
trusted library allocation
page read and write
1E50000
heap
page read and write
1240000
heap
page read and write
2011000
direct allocation
page read and write
21663D24000
heap
page read and write
139D000
heap
page read and write
54F000
unkown
page readonly
234AA000
heap
page read and write
1686000
heap
page read and write
2482EE02000
heap
page read and write
2482EC39000
heap
page read and write
3111000
heap
page read and write
234CE000
heap
page read and write
2349E000
heap
page read and write
21663D24000
heap
page read and write
3060000
trusted library allocation
page read and write
171BF000
stack
page read and write
C000046000
direct allocation
page read and write
45CE000
trusted library allocation
page read and write
2166567F000
heap
page read and write
5B40000
heap
page read and write
DD316FE000
stack
page read and write
7CDD000
stack
page read and write
234B6000
heap
page read and write
CB0000
heap
page read and write
154D000
trusted library allocation
page execute and read and write
9BC7D8F000
stack
page read and write
2FC7000
trusted library allocation
page execute and read and write
C000116000
direct allocation
page read and write
316E000
trusted library allocation
page read and write
4550000
trusted library allocation
page read and write
401000
unkown
page execute read
1550000
trusted library allocation
page read and write
411000
unkown
page readonly
9260000
heap
page read and write
1B00000
heap
page read and write
B80000
heap
page read and write
D1E000
unkown
page write copy
3978000
heap
page read and write
2482EC7A000
heap
page read and write
28E08380000
heap
page read and write
1587AC5B000
heap
page read and write
544F000
stack
page read and write
1FC676E0000
heap
page read and write
1510000
heap
page read and write
FC7B07A000
stack
page read and write
2B82000
trusted library allocation
page read and write
868000
heap
page read and write
A92000
unkown
page execute and read and write
2FF8000
trusted library allocation
page read and write
2BFB000
trusted library allocation
page read and write
B80000
unkown
page readonly
17B1000
heap
page read and write
21663829000
heap
page read and write
4585000
trusted library allocation
page read and write
5C6E000
stack
page read and write
C0003B0000
direct allocation
page read and write
2BAA7B02000
heap
page read and write
155A000
trusted library allocation
page execute and read and write
4567000
trusted library allocation
page read and write
16F0000
heap
page read and write
1D84000
heap
page read and write
131B000
unkown
page execute and write copy
21663F76000
heap
page read and write
3084000
trusted library allocation
page read and write
5294000
trusted library allocation
page read and write
45F6000
trusted library allocation
page read and write
21663831000
heap
page read and write
21664A71000
heap
page read and write
21663CC2000
heap
page read and write
AF1000
unkown
page execute read
1C124000
heap
page read and write
70BC000
heap
page read and write
C000050000
direct allocation
page read and write
234B0000
heap
page read and write
41B1000
heap
page read and write
2482ED00000
trusted library allocation
page read and write
1560000
trusted library allocation
page read and write
C70000
heap
page read and write
1A4CDFE000
unkown
page readonly
234CE000
heap
page read and write
7462000
trusted library allocation
page read and write
C000148000
direct allocation
page read and write
21663881000
heap
page read and write
559000
unkown
page readonly
B70000
heap
page read and write
1A4D6FE000
unkown
page readonly
105DA000
direct allocation
page execute and read and write
1580024F000
heap
page read and write
400000
remote allocation
page execute and read and write
234A3000
heap
page read and write
910000
heap
page read and write
23C8B9E0000
heap
page read and write
2482EC77000
heap
page read and write
153B000
stack
page read and write
2166381E000
heap
page read and write
32D1000
trusted library allocation
page read and write
11C6000
stack
page read and write
30F3000
trusted library allocation
page read and write
20C4000
direct allocation
page read and write
77A000
unkown
page execute and read and write
21663826000
heap
page read and write
21663CD5000
heap
page read and write
875000
unkown
page execute and read and write
C000C00000
direct allocation
page read and write
32F3000
trusted library allocation
page read and write
66925000
unkown
page readonly
1755000
heap
page read and write
CF2000
unkown
page execute read
21663CC5000
heap
page read and write
21663831000
heap
page read and write
2FCC000
trusted library allocation
page read and write
1CB9E000
stack
page read and write
1565000
trusted library allocation
page execute and read and write
28ED000
trusted library allocation
page execute and read and write
21663F75000
heap
page read and write
1587AA70000
heap
page read and write
234C1000
heap
page read and write
13BB5000
direct allocation
page readonly
3C64000
direct allocation
page execute and read and write
401000
unkown
page execute read
2349E000
heap
page read and write
21663CC5000
heap
page read and write
21663EA9000
heap
page read and write
460000
heap
page read and write
C1E000
heap
page read and write
21663814000
heap
page read and write
16BF000
stack
page read and write
21117E00000
heap
page read and write
234CA000
heap
page read and write
C000800000
direct allocation
page read and write
345D000
trusted library allocation
page read and write
1580000
trusted library allocation
page read and write
28E3000
trusted library allocation
page execute and read and write
2166382F000
heap
page read and write
660000
direct allocation
page execute and read and write
2BAC000
trusted library allocation
page read and write
7FF675754000
unkown
page read and write
5A2000
unkown
page readonly
420000
heap
page read and write
234B6000
heap
page read and write
AFA000
heap
page read and write
61E01000
direct allocation
page execute read
1C79F000
stack
page read and write
88E000
unkown
page execute and read and write
21663D7F000
heap
page read and write
4CAA000
direct allocation
page read and write
1587AC91000
heap
page read and write
17CF000
stack
page read and write
400000
unkown
page readonly
7B9E000
stack
page read and write
401000
unkown
page execute read
725C000
stack
page read and write
2B51000
trusted library allocation
page read and write
407E000
stack
page read and write
1880000
direct allocation
page read and write
1BCFF000
stack
page read and write
C00000A000
direct allocation
page read and write
2482EF00000
heap
page read and write
3111000
heap
page read and write
5B53000
heap
page execute and read and write
2B7E000
trusted library allocation
page read and write
401000
unkown
page execute read
1490000
trusted library allocation
page read and write
21664542000
heap
page read and write
C000164000
direct allocation
page read and write
C0003EA000
direct allocation
page read and write
1880000
direct allocation
page read and write
17CE000
heap
page read and write
7485000
trusted library allocation
page read and write
2882C000
stack
page read and write
423000
unkown
page read and write
6F7000
unkown
page write copy
438B000
trusted library allocation
page read and write
13C5000
heap
page read and write
3870000
direct allocation
page execute and read and write
D41000
heap
page read and write
5D6E000
stack
page read and write
32CF000
trusted library allocation
page read and write
16A0000
direct allocation
page read and write
1DF1000
heap
page read and write
CF0000
heap
page read and write
2FBA000
trusted library allocation
page execute and read and write
130F000
heap
page read and write
7FF675BB1000
unkown
page read and write
2482ED02000
trusted library allocation
page read and write
1D19C000
stack
page read and write
1710000
heap
page read and write
500000
unkown
page readonly
4348000
trusted library allocation
page read and write
21663FAA000
heap
page read and write
2AD0000
heap
page read and write
2299000
heap
page read and write
3111000
heap
page read and write
27FE000
stack
page read and write
158002E5000
heap
page read and write
54C0000
trusted library allocation
page read and write
21663E41000
heap
page read and write
4C0000
heap
page read and write
21663CA8000
heap
page read and write
21663831000
heap
page read and write
3990000
direct allocation
page execute and read and write
2482EB00000
heap
page read and write
35D7000
trusted library allocation
page read and write
1960000
heap
page read and write
2F43000
trusted library allocation
page read and write
9670000
heap
page read and write
28E4000
trusted library allocation
page read and write
427000
unkown
page readonly
158002F4000
heap
page read and write
21028A13000
heap
page read and write
21663CE1000
heap
page read and write
7492000
trusted library allocation
page read and write
7FF675C42000
unkown
page write copy
5780000
trusted library allocation
page read and write
21663FA8000
heap
page read and write
400000
unkown
page readonly
3110000
heap
page read and write
4A9000
remote allocation
page execute and read and write
444000
remote allocation
page execute and read and write
1FC67700000
heap
page read and write
21663816000
heap
page read and write
21663F75000
heap
page read and write
21666084000
heap
page read and write
4389000
trusted library allocation
page read and write
3C20000
direct allocation
page execute and read and write
2F543000
heap
page read and write
21664F96000
heap
page read and write
9C000
stack
page read and write
710000
heap
page read and write
1880000
direct allocation
page read and write
C00008B000
direct allocation
page read and write
3771000
trusted library allocation
page read and write
13C4000
heap
page read and write
2166383D000
heap
page read and write
C000062000
direct allocation
page read and write
C000BFC000
direct allocation
page read and write
3048000
trusted library allocation
page read and write
13BB0000
direct allocation
page read and write
19D000
stack
page read and write
2166383D000
heap
page read and write
427000
unkown
page readonly
2229D000
direct allocation
page execute read
1FFE000
heap
page read and write
2482EF13000
heap
page read and write
2EE0000
heap
page read and write
455A000
trusted library allocation
page read and write
2BF5000
trusted library allocation
page read and write
70CFDFC000
stack
page read and write
3111000
heap
page read and write
3445000
trusted library allocation
page read and write
326ECFE000
unkown
page readonly
B3D000
stack
page read and write
20D6A7A8000
heap
page read and write
1BD20000
heap
page read and write
3111000
heap
page read and write
15800060000
trusted library allocation
page read and write
970000
direct allocation
page read and write
21663CC9000
heap
page read and write
670000
heap
page read and write
2BAA79E0000
heap
page read and write
C000400000
direct allocation
page read and write
216643AB000
heap
page read and write
3C1F000
stack
page read and write
1E07000
heap
page read and write
21663DC5000
heap
page read and write
21663CFC000
heap
page read and write
3111000
heap
page read and write
30CB000
stack
page read and write
C3C000
unkown
page execute and write copy
5A7E000
trusted library allocation
page read and write
6691F000
unkown
page write copy
7FF675704000
unkown
page write copy
14C0F000
stack
page read and write
216642BC000
heap
page read and write
216663D6000
heap
page read and write
22319120000
heap
page read and write
39EC000
stack
page read and write
2130000
direct allocation
page read and write
1880000
direct allocation
page read and write
365BD000
stack
page read and write
680000
heap
page read and write
32B6000
trusted library allocation
page read and write
140F05000
unkown
page execute read
5730000
heap
page read and write
5E4C000
stack
page read and write
1587AC74000
heap
page read and write
2910000
trusted library allocation
page read and write
3650000
heap
page read and write
19F3000
stack
page read and write
2359F000
heap
page read and write
21663F14000
heap
page read and write
14000B000
unkown
page read and write
21663FAA000
heap
page read and write
3342000
trusted library allocation
page read and write
715E000
stack
page read and write
52E5000
trusted library allocation
page read and write
234CB000
heap
page read and write
3637C000
stack
page read and write
7B50000
trusted library allocation
page read and write
378E000
stack
page read and write
1880000
direct allocation
page read and write
5AEE000
stack
page read and write
21663CE1000
heap
page read and write
2001000
heap
page read and write
FC7AF7E000
stack
page read and write
2BAA8070000
trusted library allocation
page read and write
520000
heap
page read and write
1FC67760000
heap
page read and write
6980000
heap
page read and write
52D0000
trusted library allocation
page read and write
21663EA9000
heap
page read and write
7B0000
heap
page read and write
2FA7000
trusted library allocation
page read and write
2B2F000
stack
page read and write
1310000
direct allocation
page read and write
1587B415000
heap
page read and write
158002CA000
heap
page read and write
13C4000
heap
page read and write
2597F271000
direct allocation
page read and write
FC7AB7F000
stack
page read and write
789000
unkown
page readonly
171A000
heap
page read and write
2000000
heap
page read and write
1260000
trusted library allocation
page read and write
1D1DD000
stack
page read and write
16E4000
trusted library allocation
page read and write
3C54000
direct allocation
page execute and read and write
21663817000
heap
page read and write
41C1000
heap
page read and write
7110000
heap
page read and write
437C000
trusted library allocation
page read and write
22319060000
heap
page read and write
456000
remote allocation
page execute and read and write
B8E000
heap
page read and write
400000
trusted library allocation
page read and write
2720000
heap
page read and write
88A000
unkown
page execute and read and write
3111000
heap
page read and write
651A000
heap
page read and write
2A7E000
stack
page read and write
305A000
trusted library allocation
page read and write
515000
unkown
page execute and read and write
17AD000
heap
page read and write
3111000
heap
page read and write
1D97000
heap
page read and write
15B5000
heap
page read and write
3030000
trusted library allocation
page read and write
74A0000
trusted library allocation
page read and write
814000
heap
page read and write
234B0000
heap
page read and write
C2250BD000
stack
page read and write
21664291000
heap
page read and write
2F54B000
heap
page read and write
1A4CFFE000
unkown
page readonly
7FF67570B000
unkown
page write copy
2BD8000
trusted library allocation
page read and write
2FC4000
trusted library allocation
page read and write
2BAA7A13000
heap
page read and write
C37000
unkown
page execute and write copy
7FF675C59000
unkown
page readonly
3617B000
stack
page read and write
6472000
heap
page read and write
234AC000
heap
page read and write
2482EC39000
heap
page read and write
2482ED24000
heap
page read and write
21663CB5000
heap
page read and write
1BE01000
heap
page read and write
2F54A000
heap
page read and write
1495000
heap
page read and write
510000
heap
page read and write
748F000
trusted library allocation
page read and write
138D000
heap
page read and write
1A4CCFE000
unkown
page readonly
1792000
heap
page read and write
70EB000
heap
page read and write
430000
heap
page read and write
21663804000
heap
page read and write
457A000
trusted library allocation
page read and write
1587AD13000
heap
page read and write
2BAA7A40000
heap
page read and write
C40000
heap
page read and write
1736000
heap
page read and write
15800020000
trusted library allocation
page read and write
7FC40000
trusted library allocation
page execute and read and write
422000
unkown
page write copy
15800030000
trusted library allocation
page read and write
2000000
direct allocation
page read and write
140F05000
unkown
page execute read
15CE000
stack
page read and write
751D000
stack
page read and write
5700000
heap
page read and write
4571000
trusted library allocation
page read and write
2B27000
trusted library allocation
page read and write
C000190000
direct allocation
page read and write
28E0000
trusted library allocation
page read and write
2BE0000
trusted library allocation
page read and write
2A3D000
stack
page read and write
7478000
trusted library allocation
page read and write
234B6000
heap
page read and write
C10000
heap
page read and write
21663826000
heap
page read and write
6A00000
trusted library allocation
page read and write
2482EE00000
heap
page read and write
422000
unkown
page write copy
2FB5000
trusted library allocation
page read and write
15800200000
heap
page read and write
3030000
trusted library allocation
page execute and read and write
1880000
direct allocation
page read and write
234AA000
heap
page read and write
234C8000
heap
page read and write
4FF0000
trusted library allocation
page read and write
2FE5000
trusted library allocation
page read and write
3450000
trusted library allocation
page read and write
38E9000
heap
page read and write
576A000
trusted library allocation
page read and write
A4B000
unkown
page execute and read and write
234C0000
heap
page read and write
17AD000
heap
page read and write
21663F65000
heap
page read and write
6420000
heap
page read and write
140009000
unkown
page readonly
12F0000
heap
page read and write
3142000
trusted library allocation
page read and write
57A000
unkown
page readonly
2597F2B0000
direct allocation
page read and write
3BF7000
heap
page read and write
1730000
heap
page read and write
1CD0000
heap
page read and write
16A0000
direct allocation
page read and write
14A0000
heap
page read and write
C000AF2000
direct allocation
page read and write
1A4D07E000
stack
page read and write
3376000
trusted library allocation
page read and write
1721D000
stack
page read and write
6FA000
unkown
page readonly
3111000
heap
page read and write
21663CD5000
heap
page read and write
21663EA9000
heap
page read and write
234C6000
heap
page read and write
21663D83000
heap
page read and write
DAD6F1B000
stack
page read and write
2166382F000
heap
page read and write
216658BC000
heap
page read and write
1E04000
heap
page read and write
13FE000
stack
page read and write
3111000
heap
page read and write
2597F350000
direct allocation
page read and write
2D7E000
stack
page read and write
1306000
heap
page read and write
2160000
direct allocation
page read and write
1D3DE000
stack
page read and write
234B0000
heap
page read and write
7FF675709000
unkown
page write copy
23C8B6D0000
heap
page read and write
21663CD9000
heap
page read and write
21661D70000
trusted library allocation
page read and write
131C000
unkown
page readonly
2FC6000
trusted library allocation
page read and write
32B8000
trusted library allocation
page read and write
21663CC0000
heap
page read and write
3111000
heap
page read and write
21029170000
trusted library allocation
page read and write
20D6A750000
heap
page read and write
8FA000
stack
page read and write
21663CAF000
heap
page read and write
17DB000
heap
page read and write
4A6000
unkown
page readonly
17EF000
heap
page read and write
58C0000
trusted library allocation
page execute and read and write
A59000
unkown
page execute and read and write
19B0000
heap
page read and write
1580022C000
heap
page read and write
1A4CAFE000
unkown
page readonly
580F000
stack
page read and write
3111000
heap
page read and write
1C110000
heap
page read and write
3361000
trusted library allocation
page read and write
55B0000
heap
page read and write
19B5000
heap
page read and write
3763000
trusted library allocation
page read and write
5A9E000
trusted library allocation
page read and write
2F9A000
trusted library allocation
page read and write
21663F75000
heap
page read and write
3340000
trusted library allocation
page read and write
22319128000
heap
page read and write
2AC1000
trusted library allocation
page read and write
21664A89000
heap
page read and write
C0005E4000
direct allocation
page read and write
1587BC20000
trusted library section
page readonly
3120000
heap
page read and write
21663807000
heap
page read and write
1315000
unkown
page read and write
216642B8000
heap
page read and write
1880000
direct allocation
page read and write
1580000
heap
page read and write
3F9E000
stack
page read and write
400000
unkown
page readonly
21028A2B000
heap
page read and write
19F8000
stack
page read and write
216638A6000
heap
page read and write
97C000
stack
page read and write
16A0000
direct allocation
page read and write
1120000
heap
page read and write
376D000
trusted library allocation
page read and write
21663FAB000
heap
page read and write
2166381A000
heap
page read and write
C000090000
direct allocation
page read and write
3C00000
heap
page read and write
1B0000
heap
page read and write
21664320000
heap
page read and write
21663CC0000
heap
page read and write
668DF000
unkown
page readonly
3111000
heap
page read and write
45EA000
trusted library allocation
page read and write
15800304000
heap
page read and write
3DD0000
heap
page read and write
16E3000
trusted library allocation
page execute and read and write
1580028F000
heap
page read and write
3F4E000
stack
page read and write
1587AB50000
heap
page read and write
439000
remote allocation
page execute and read and write
81E000
stack
page read and write
17AC000
heap
page read and write
965000
heap
page read and write
21663CE1000
heap
page read and write
4AFF000
stack
page read and write
21665A3C000
heap
page read and write
52BD000
trusted library allocation
page read and write
21664688000
heap
page read and write
335B000
trusted library allocation
page read and write
400000
unkown
page readonly
2B07EFE000
stack
page read and write
1A4C2FE000
unkown
page readonly
3170000
trusted library allocation
page read and write
16A0000
direct allocation
page read and write
158002F6000
heap
page read and write
21663CC9000
heap
page read and write
C000052000
direct allocation
page read and write
23C8B6B0000
heap
page read and write
37AE000
stack
page read and write
7340000
heap
page read and write
4C18000
direct allocation
page read and write
3344000
trusted library allocation
page read and write
1BD9D000
heap
page read and write
C000166000
direct allocation
page read and write
21663CA4000
heap
page read and write
1587B500000
heap
page read and write
21663862000
heap
page read and write
1430000
heap
page read and write
21663831000
heap
page read and write
1480000
heap
page read and write
671000
unkown
page execute read
3C6E000
direct allocation
page execute and read and write
5470000
heap
page read and write
21117E28000
heap
page read and write
2BDA000
trusted library allocation
page read and write
2105000
heap
page read and write
45E6000
trusted library allocation
page read and write
C000122000
direct allocation
page read and write
100E000
stack
page read and write
5A5B000
trusted library allocation
page read and write
7278000
heap
page read and write
960000
direct allocation
page read and write
2166381D000
heap
page read and write
3F0E000
stack
page read and write
4140000
heap
page read and write
75A0000
trusted library allocation
page execute and read and write
15800242000
heap
page read and write
1304000
heap
page read and write
45E0000
trusted library allocation
page read and write
1757000
heap
page read and write
1A4D8FE000
unkown
page readonly
6664D000
unkown
page readonly
13AE000
heap
page read and write
1440000
trusted library allocation
page execute and read and write
56F7000
trusted library allocation
page read and write
1880000
direct allocation
page read and write
216638A9000
heap
page read and write
1D0000
heap
page read and write
155E000
stack
page read and write
21663E91000
heap
page read and write
2B2F000
trusted library allocation
page read and write
223190C5000
heap
page read and write
1263000
trusted library allocation
page execute and read and write
510000
heap
page read and write
13C4000
heap
page read and write
C000192000
direct allocation
page read and write
32B0000
trusted library allocation
page read and write
A41000
unkown
page execute and read and write
EFE000
stack
page read and write
6A34000
trusted library allocation
page read and write
1A4D17E000
stack
page read and write
539000
remote allocation
page execute and read and write
20E4000
heap
page read and write
19C000
stack
page read and write
21663821000
heap
page read and write
2AB0000
heap
page read and write
5740000
trusted library allocation
page read and write
3378000
trusted library allocation
page read and write
671E000
stack
page read and write
21117F02000
heap
page read and write
529B000
trusted library allocation
page read and write
3C6E000
direct allocation
page execute and read and write
20E0000
heap
page read and write
C000008000
direct allocation
page read and write
3111000
heap
page read and write
51A000
heap
page read and write
143C000
stack
page read and write
2482EAE0000
heap
page read and write
C71000
unkown
page execute read
3011000
trusted library allocation
page read and write
5A95000
trusted library allocation
page read and write
18B5000
direct allocation
page read and write
3017000
trusted library allocation
page read and write
1BD2B000
heap
page read and write
2F67000
trusted library allocation
page read and write
A82000
unkown
page execute and read and write
178C000
heap
page read and write
70CFFFF000
stack
page read and write
5AC0000
trusted library allocation
page read and write
109E000
stack
page read and write
2400000
direct allocation
page read and write
2166495D000
heap
page read and write
119F000
unkown
page execute and write copy
1587AC13000
heap
page read and write
1BF6A000
stack
page read and write
560000
heap
page read and write
578000
unkown
page read and write
21663862000
heap
page read and write
703000
heap
page read and write
1304000
heap
page read and write
2BC1000
trusted library allocation
page read and write
1AF0000
heap
page read and write
1290000
trusted library allocation
page read and write
494000
unkown
page read and write
158001D0000
remote allocation
page read and write
21663C9F000
heap
page read and write
180C000
stack
page read and write
21661DA0000
remote allocation
page read and write
15800180000
trusted library allocation
page read and write
52E0000
heap
page read and write
2FB3000
trusted library allocation
page read and write
25939E10000
heap
page read and write
7FF675759000
unkown
page read and write
30D0000
heap
page read and write
25C0000
direct allocation
page read and write
FC7B17B000
stack
page read and write
32FB000
trusted library allocation
page read and write
641000
remote allocation
page execute and read and write
AA6000
unkown
page execute and read and write
3005000
trusted library allocation
page read and write
1A4C9FB000
stack
page read and write
3110000
trusted library allocation
page read and write
2BF3000
trusted library allocation
page read and write
5FE0000
trusted library allocation
page read and write
302E000
stack
page read and write
1587B3D1000
trusted library allocation
page read and write
1B537410000
heap
page read and write
222DA000
direct allocation
page readonly
4C8000
unkown
page readonly
2478CFF000
stack
page read and write
A24000
unkown
page execute and write copy
5A30000
heap
page read and write
1880000
direct allocation
page read and write
10A8000
heap
page read and write
15800050000
trusted library allocation
page read and write
564000
heap
page read and write
15800300000
heap
page read and write
21029180000
remote allocation
page read and write
1500000
heap
page read and write
21117D00000
heap
page read and write
2148000
direct allocation
page read and write
234B0000
heap
page read and write
1304000
heap
page read and write
1587BC00000
trusted library section
page readonly
A53000
unkown
page execute and read and write
2597F148000
direct allocation
page read and write
524D000
stack
page read and write
1E0D000
heap
page read and write
5E00000
trusted library allocation
page execute and read and write
313D000
trusted library allocation
page read and write
4D1000
remote allocation
page execute and read and write
5C00000
trusted library allocation
page read and write
30E0000
trusted library allocation
page read and write
1607000
heap
page read and write
1A4D0FE000
unkown
page readonly
64F2000
heap
page read and write
21663D44000
heap
page read and write
166F000
heap
page read and write
1CD9F000
stack
page read and write
21663891000
heap
page read and write
2B7C000
trusted library allocation
page read and write
15800258000
heap
page read and write
1587B513000
heap
page read and write
2B65000
trusted library allocation
page read and write
297E000
stack
page read and write
6691E000
unkown
page read and write
21663CC0000
heap
page read and write
2BAA7900000
heap
page read and write
16FC000
stack
page read and write
21663EA9000
heap
page read and write
21661DA0000
remote allocation
page read and write
5A50000
trusted library allocation
page read and write
17D1000
heap
page read and write
66740000
unkown
page readonly
21663820000
heap
page read and write
50D0000
trusted library allocation
page read and write
213C000
direct allocation
page read and write
311B000
trusted library allocation
page read and write
1D420000
heap
page read and write
1B9E000
stack
page read and write
400000
unkown
page readonly
21663EC8000
heap
page read and write
401000
unkown
page execute read
26BE000
stack
page read and write
51D000
unkown
page readonly
216638A6000
heap
page read and write
21663834000
heap
page read and write
365D000
heap
page read and write
21663CAB000
heap
page read and write
1A4BC7B000
stack
page read and write
73A000
unkown
page write copy
1E33000
heap
page read and write
41B000
unkown
page readonly
4FF000
unkown
page execute and read and write
1E84000
heap
page read and write
21663820000
heap
page read and write
122F000
stack
page read and write
22090000
direct allocation
page execute and read and write
562000
unkown
page readonly
3461000
trusted library allocation
page read and write
5610000
trusted library allocation
page read and write
4AC8000
trusted library allocation
page read and write
21028A40000
heap
page read and write
304E000
trusted library allocation
page read and write
1418E8000
unkown
page readonly
14FE000
stack
page read and write
128A000
trusted library allocation
page execute and read and write
145E000
stack
page read and write
293D000
stack
page read and write
15DB000
heap
page read and write
5D0000
heap
page read and write
2B80000
trusted library allocation
page read and write
64AE000
heap
page read and write
A1C000
unkown
page execute and write copy
1A4D1FE000
unkown
page readonly
2B07FFE000
stack
page read and write
66662000
unkown
page readonly
21663F52000
heap
page read and write
72D6000
heap
page read and write
1EAD000
heap
page read and write
2011000
direct allocation
page read and write
55C0000
heap
page read and write
353F000
trusted library allocation
page read and write
2B94000
trusted library allocation
page read and write
33B0000
trusted library allocation
page read and write
41B000
unkown
page readonly
529E000
stack
page read and write
5768000
trusted library allocation
page read and write
21663D6F000
heap
page read and write
79BF000
stack
page read and write
FC7AE7E000
stack
page read and write
1418E8000
unkown
page readonly
234A1000
heap
page read and write
171B000
heap
page read and write
1BD10000
heap
page read and write
1C0000
heap
page read and write
C81335D000
stack
page read and write
55A0000
heap
page read and write
15E5000
heap
page read and write
C000098000
direct allocation
page read and write
32C9000
trusted library allocation
page read and write
3111000
heap
page read and write
216638A9000
heap
page read and write
1880000
direct allocation
page read and write
3131000
trusted library allocation
page read and write
21663834000
heap
page read and write
234B3000
heap
page read and write
1F71000
heap
page read and write
420000
unkown
page write copy
333E000
trusted library allocation
page read and write
21663881000
heap
page read and write
234B2000
heap
page read and write
1D528000
heap
page read and write
8B0000
unkown
page execute and read and write
51E000
heap
page read and write
2B63000
trusted library allocation
page read and write
5860000
trusted library allocation
page read and write
2478C7D000
stack
page read and write
64F8000
heap
page read and write
1250000
trusted library allocation
page read and write
2BE4000
trusted library allocation
page read and write
56F9000
trusted library allocation
page read and write
5FD0000
trusted library allocation
page execute and read and write
15800261000
heap
page read and write
9A000
stack
page read and write
15800060000
trusted library allocation
page read and write
217C000
direct allocation
page read and write
2FE3000
trusted library allocation
page read and write
1A4C6FE000
unkown
page readonly
871000
unkown
page execute and read and write
4376000
trusted library allocation
page read and write
21028C00000
heap
page read and write
54B000
heap
page read and write
70D07FF000
stack
page read and write
2450000
heap
page read and write
10A0000
heap
page read and write
3043000
trusted library allocation
page read and write
28FD000
trusted library allocation
page execute and read and write
2BE6000
trusted library allocation
page read and write
A61000
unkown
page execute and read and write
C000C75000
direct allocation
page read and write
21663CA8000
heap
page read and write
25939EE0000
heap
page read and write
696E000
stack
page read and write
2B0807E000
unkown
page readonly
1297000
trusted library allocation
page execute and read and write
2166381D000
heap
page read and write
31EF000
stack
page read and write
5590000
trusted library section
page readonly
32AC000
trusted library allocation
page read and write
1587AC96000
heap
page read and write
2482EF02000
heap
page read and write
9C000
stack
page read and write
61E00000
direct allocation
page execute and read and write
234C1000
heap
page read and write
A51000
unkown
page execute and read and write
2166429C000
heap
page read and write
21663F14000
heap
page read and write
21663CAE000
heap
page read and write
14B0E000
stack
page read and write
21663F14000
heap
page read and write
789000
unkown
page readonly
2166389D000
heap
page read and write
3BF0000
heap
page read and write
500000
heap
page read and write
5C8000
remote allocation
page execute and read and write
512E000
stack
page read and write
747A000
trusted library allocation
page read and write
D2B000
heap
page read and write
665D1000
unkown
page execute read
21117E13000
heap
page read and write
C0000A6000
direct allocation
page read and write
234CF000
heap
page read and write
1CDA000
heap
page read and write
A00000
unkown
page readonly
510000
heap
page read and write
21663CA0000
heap
page read and write
25939E34000
direct allocation
page read and write
2FB0000
trusted library allocation
page read and write
681000
heap
page read and write
1B537458000
heap
page read and write
21663862000
heap
page read and write
3111000
heap
page read and write
1A4CBFE000
unkown
page readonly
21663891000
heap
page read and write
16E0000
trusted library allocation
page read and write
2166389D000
heap
page read and write
2482EF02000
heap
page read and write
C000024000
direct allocation
page read and write
52B6000
trusted library allocation
page read and write
3111000
heap
page read and write
1A4C7FB000
stack
page read and write
34CF000
stack
page read and write
66920000
unkown
page read and write
4393000
trusted library allocation
page read and write
401000
unkown
page execute read
400000
unkown
page readonly
2FE0000
trusted library allocation
page read and write
1880000
direct allocation
page read and write
3111000
heap
page read and write
21664295000
heap
page read and write
2BAA7A02000
heap
page read and write
401000
unkown
page execute read
1587B691000
trusted library allocation
page read and write
2166381D000
heap
page read and write
1E66000
heap
page read and write
1A4D7FB000
stack
page read and write
41B000
unkown
page readonly
5B1F000
stack
page read and write
45FF000
trusted library allocation
page read and write
10F0000
heap
page read and write
578000
unkown
page write copy
41B000
unkown
page readonly
21117E2B000
heap
page read and write
1E86000
heap
page read and write
1880000
direct allocation
page read and write
C00003B000
direct allocation
page read and write
2EE1000
heap
page read and write
1310000
direct allocation
page read and write
75CD000
trusted library allocation
page read and write
3111000
heap
page read and write
7FF675C42000
unkown
page read and write
171E000
heap
page read and write
E1E000
heap
page read and write
8A2000
unkown
page execute and read and write
1125000
heap
page read and write
B3C000
heap
page read and write
21663862000
heap
page read and write
10165000
direct allocation
page read and write
C0000AC000
direct allocation
page read and write
1ED1000
heap
page read and write
D86000
unkown
page execute and read and write
21663802000
heap
page read and write
140001000
unkown
page execute read
70D0000
heap
page read and write
10000000
direct allocation
page read and write
498000
unkown
page write copy
158002C4000
heap
page read and write
66662000
unkown
page readonly
3D60000
heap
page read and write
37D0000
heap
page read and write
9BC807F000
stack
page read and write
EC0000
heap
page read and write
C000136000
direct allocation
page read and write
966F000
stack
page read and write
13C4000
heap
page read and write
326E87E000
stack
page read and write
C000BC2000
direct allocation
page read and write
573000
unkown
page readonly
322E000
stack
page read and write
B4A000
unkown
page execute and read and write
1860000
heap
page read and write
FAD000
stack
page read and write
BA3000
unkown
page write copy
21663862000
heap
page read and write
15800074000
trusted library allocation
page read and write
3111000
heap
page read and write
216643F1000
heap
page read and write
43D0000
trusted library allocation
page read and write
A64000
unkown
page execute and read and write
21663D44000
heap
page read and write
665D0000
unkown
page readonly
2166383D000
heap
page read and write
21663821000
heap
page read and write
2FE8000
trusted library allocation
page read and write
2FAD000
trusted library allocation
page read and write
21663FA8000
heap
page read and write
34BE000
trusted library allocation
page read and write
C000028000
direct allocation
page read and write
C000100000
direct allocation
page read and write
2482EC38000
heap
page read and write
46C000
heap
page read and write
877000
unkown
page execute and read and write
13C4000
heap
page read and write
E0E000
stack
page read and write
64CC000
heap
page read and write
C70000
unkown
page readonly
2482EC39000
heap
page read and write
222D2000
direct allocation
page read and write
38DE000
stack
page read and write
6504000
heap
page read and write
2482ED15000
trusted library allocation
page read and write
C000059000
direct allocation
page read and write
1A2D000
heap
page read and write
234C0000
heap
page read and write
21663CAE000
heap
page read and write
2BC7000
trusted library allocation
page read and write
2E11000
trusted library allocation
page read and write
72E9000
heap
page read and write
21663899000
heap
page read and write
234AF000
heap
page read and write
234A4000
heap
page read and write
925E000
stack
page read and write
61ED4000
direct allocation
page readonly
1DD7000
heap
page read and write
2BE2000
trusted library allocation
page read and write
2FE1000
trusted library allocation
page read and write
25939E30000
direct allocation
page read and write
51A000
unkown
page readonly
528E000
stack
page read and write
422000
unkown
page write copy
2BA6000
trusted library allocation
page read and write
21663831000
heap
page read and write
21663E41000
heap
page read and write
10001000
direct allocation
page execute read
5820000
trusted library allocation
page read and write
342C000
trusted library allocation
page read and write
2BAA7A32000
heap
page read and write
1E10000
heap
page read and write
1393000
heap
page read and write
21663D07000
heap
page read and write
21663F3B000
heap
page read and write
681000
heap
page read and write
21663CB0000
heap
page read and write
21663DC5000
heap
page read and write
2B87000
trusted library allocation
page read and write
86B000
unkown
page execute and read and write
B12000
unkown
page execute read
7FF675BCB000
unkown
page read and write
7FF675C59000
unkown
page readonly
5BF0000
trusted library allocation
page read and write
2482EC8B000
heap
page read and write
21663D34000
heap
page read and write
4C9E000
stack
page read and write
19C000
stack
page read and write
300F000
trusted library allocation
page read and write
56EE000
stack
page read and write
17DE000
heap
page read and write
1304000
heap
page read and write
1580021F000
heap
page read and write
234C1000
heap
page read and write
2137000
direct allocation
page read and write
2482EC8B000
heap
page read and write
1D2A000
heap
page read and write
336A000
trusted library allocation
page read and write
20D6AB65000
heap
page read and write
1D0000
heap
page read and write
17C1000
heap
page read and write
3111000
heap
page read and write
1587B400000
heap
page read and write
46FF000
trusted library allocation
page read and write
15800170000
trusted library allocation
page read and write
332B000
trusted library allocation
page read and write
3323000
trusted library allocation
page read and write
9C000
stack
page read and write
195D000
stack
page read and write
F00000
heap
page read and write
7FF665E80000
unkown
page execute read
40B000
unkown
page execute and read and write
6FB0000
heap
page read and write
54D0000
trusted library allocation
page execute and read and write
329E000
stack
page read and write
3C64000
direct allocation
page execute and read and write
11D9000
heap
page read and write
A5D000
unkown
page execute and read and write
2001000
heap
page read and write
54A0000
trusted library allocation
page read and write
15801000000
heap
page read and write
1C330000
heap
page read and write
5343000
heap
page read and write
7570000
trusted library allocation
page read and write
21663F14000
heap
page read and write
5FA000
heap
page read and write
59EE000
stack
page read and write
FD0000
heap
page read and write
30F0000
direct allocation
page read and write
45C7000
trusted library allocation
page read and write
21663831000
heap
page read and write
2138000
direct allocation
page read and write
14E000
stack
page read and write
C3C000
unkown
page execute and read and write
401000
unkown
page execute read
21663D24000
heap
page read and write
5830000
trusted library allocation
page read and write
61EB7000
direct allocation
page readonly
2E0E000
stack
page read and write
4FE0000
trusted library allocation
page read and write
234C1000
heap
page read and write
2B84000
trusted library allocation
page read and write
850000
direct allocation
page read and write
3180000
trusted library allocation
page read and write
3111000
heap
page read and write
57A1000
trusted library allocation
page read and write
21663FA8000
heap
page read and write
21663881000
heap
page read and write
10002000
unkown
page readonly
3111000
heap
page read and write
1304000
heap
page read and write
234AA000
heap
page read and write
1BFC4000
heap
page read and write
1BD3B000
heap
page read and write
216638A9000
heap
page read and write
2162000
direct allocation
page read and write
2BBD000
trusted library allocation
page read and write
E6A000
stack
page read and write
21663FAC000
heap
page read and write
3C64000
direct allocation
page execute and read and write
21663FAC000
heap
page read and write
3111000
heap
page read and write
234CD000
heap
page read and write
7FF67570E000
unkown
page write copy
21663F75000
heap
page read and write
55C5000
heap
page read and write
64E9000
heap
page read and write
16A0000
direct allocation
page read and write
C00008D000
direct allocation
page read and write
5B0000
heap
page read and write
21663862000
heap
page read and write
363BB000
stack
page read and write
2260000
heap
page read and write
C30000
heap
page read and write
1880000
direct allocation
page read and write
1264000
trusted library allocation
page read and write
FC7AA7D000
stack
page read and write
7FF675751000
unkown
page write copy
2B6C000
trusted library allocation
page read and write
1310000
direct allocation
page read and write
5A66000
trusted library allocation
page read and write
64DE000
heap
page read and write
21664C13000
heap
page read and write
6DF000
unkown
page readonly
5830000
heap
page read and write
5BD0000
trusted library allocation
page read and write
2B0817C000
stack
page read and write
470F000
stack
page read and write
5AA0000
trusted library allocation
page read and write
335D000
trusted library allocation
page read and write
1F0000
heap
page read and write
3154000
trusted library allocation
page read and write
3769000
trusted library allocation
page read and write
C000066000
direct allocation
page read and write
21663831000
heap
page read and write
216637B0000
trusted library allocation
page read and write
132F000
heap
page read and write
3160000
trusted library allocation
page read and write
AF0000
unkown
page readonly
1379000
heap
page read and write
8C5000
heap
page read and write
1292000
trusted library allocation
page read and write
2166389F000
heap
page read and write
2AA0000
trusted library allocation
page read and write
1587B402000
heap
page read and write
341E000
trusted library allocation
page read and write
7590000
trusted library allocation
page read and write
3111000
heap
page read and write
420000
unkown
page read and write
1A4D47E000
unkown
page readonly
1304000
heap
page read and write
2166382F000
heap
page read and write
526E000
stack
page read and write
34E2000
trusted library allocation
page read and write
1A4DEFE000
unkown
page readonly
11A0000
unkown
page readonly
66925000
unkown
page readonly
75A000
unkown
page readonly
793E000
stack
page read and write
873000
unkown
page execute and read and write
140CAA000
unkown
page readonly
17AA000
heap
page read and write
1D4A000
heap
page read and write
3064000
trusted library allocation
page read and write
21663821000
heap
page read and write
55D000
heap
page read and write
7BD0000
heap
page read and write
1880000
direct allocation
page read and write
21663CCD000
heap
page read and write
14A5000
heap
page read and write
35C4000
trusted library allocation
page read and write
400000
unkown
page execute and read and write
127D000
trusted library allocation
page execute and read and write
2B4E000
trusted library allocation
page read and write
517000
unkown
page read and write
2497B9F000
stack
page read and write
22098000
direct allocation
page execute read
18CD000
stack
page read and write
12E6000
heap
page read and write
3C18000
heap
page read and write
40BD000
stack
page read and write
210289E0000
heap
page read and write
15800070000
trusted library allocation
page read and write
2F96000
trusted library allocation
page read and write
3321000
trusted library allocation
page read and write
33CE000
stack
page read and write
423000
unkown
page read and write
5F0000
heap
page read and write
881000
unkown
page execute and read and write
1A4C0FE000
unkown
page readonly
7C0000
heap
page read and write
3FC0000
heap
page read and write
14A7000
heap
page read and write
32AA000
trusted library allocation
page read and write
3032000
trusted library allocation
page read and write
C80000
heap
page read and write
1304000
heap
page read and write
21663899000
heap
page read and write
25939E38000
direct allocation
page read and write
A57000
unkown
page execute and read and write
17C9000
heap
page read and write
326EDFE000
stack
page read and write
32D4000
trusted library allocation
page read and write
728000
unkown
page readonly
2FCA000
trusted library allocation
page read and write
5F7E000
stack
page read and write
128B000
stack
page read and write
665D0000
unkown
page readonly
1587FFA0000
trusted library allocation
page read and write
7FF675420000
unkown
page readonly
1587AC8F000
heap
page read and write
1310000
direct allocation
page read and write
3111000
heap
page read and write
16A0000
trusted library allocation
page read and write
5750000
trusted library allocation
page execute and read and write
3C53000
direct allocation
page execute and read and write
3301000
trusted library allocation
page read and write
2BAA8202000
trusted library allocation
page read and write
143B000
stack
page read and write
2018000
direct allocation
page read and write
40B000
unkown
page write copy
2482EC7A000
unkown
page read and write
21663814000
heap
page read and write
21663FAD000
heap
page read and write
21663826000
heap
page read and write
C0003F0000
direct allocation
page read and write
2EE1000
heap
page read and write
2770000
trusted library allocation
page read and write
1B537735000
heap
page read and write
72F000
unkown
page readonly
C000200000
direct allocation
page read and write
110F000
stack
page read and write
2166383D000
heap
page read and write
6FA000
unkown
page readonly
671000
unkown
page execute read
10EE000
stack
page read and write
216638A6000
heap
page read and write
21663CD5000
heap
page read and write
3374000
trusted library allocation
page read and write
21664F90000
heap
page read and write
2482EC77000
heap
page read and write
24B0000
heap
page read and write
1A4CC7E000
stack
page read and write
400000
remote allocation
page execute and read and write
5B6E000
stack
page read and write
5840000
heap
page read and write
1520000
trusted library allocation
page read and write
C000038000
direct allocation
page read and write
21663862000
heap
page read and write
70DC000
heap
page read and write
21028A27000
heap
page read and write
5A6A000
heap
page read and write
234B0000
heap
page read and write
3111000
heap
page read and write
32A1000
trusted library allocation
page read and write
1AF5000
heap
page read and write
420000
unkown
page write copy
234AA000
heap
page read and write
21028A02000
heap
page read and write
1880000
direct allocation
page read and write
427000
unkown
page readonly
8B2000
unkown
page execute and read and write
861000
unkown
page execute and read and write
16D0000
trusted library allocation
page read and write
9F0000
heap
page read and write
4A6000
remote allocation
page execute and read and write
420000
unkown
page write copy
21663CD9000
heap
page read and write
EAC000
stack
page read and write
21663834000
heap
page read and write
21663D1E000
heap
page read and write
895000
unkown
page execute and read and write
41B6000
heap
page read and write
C000132000
direct allocation
page read and write
3111000
heap
page read and write
234C0000
heap
page read and write
32B4000
trusted library allocation
page read and write
C00004D000
direct allocation
page read and write
21663D1E000
heap
page read and write
557000
heap
page read and write
1880000
direct allocation
page read and write
9770000
unclassified section
page read and write
3111000
heap
page read and write
234CF000
heap
page read and write
13C0000
heap
page read and write
38E5000
heap
page read and write
2B0827E000
unkown
page readonly
1256E000
stack
page read and write
234B0000
heap
page read and write
1304000
heap
page read and write
13A0000
heap
page read and write
1D79000
heap
page read and write
75C0000
trusted library allocation
page read and write
3478000
trusted library allocation
page read and write
E6E000
stack
page read and write
6691E000
unkown
page read and write
21663F65000
heap
page read and write
60E000
heap
page read and write
30F0000
direct allocation
page read and write
22319050000
heap
page read and write
41C0000
heap
page read and write
2A80000
trusted library allocation
page execute and read and write
21663F75000
heap
page read and write
21663DD0000
heap
page read and write
972000
direct allocation
page read and write
7FF675C3F000
unkown
page read and write
3111000
heap
page read and write
5F0000
heap
page read and write
58BF000
stack
page read and write
28E083B8000
heap
page read and write
3C64000
direct allocation
page execute and read and write
AF1000
unkown
page execute read
1587BC50000
trusted library section
page readonly
21663891000
heap
page read and write
C37000
unkown
page execute and read and write
56F0000
trusted library allocation
page read and write
401000
unkown
page execute read
22319080000
heap
page read and write
AF9000
unkown
page execute and read and write
3040000
heap
page execute and read and write
3353000
trusted library allocation
page read and write
1D89000
heap
page read and write
1D0000
heap
page read and write
21663831000
heap
page read and write
A00000
unkown
page readonly
691C000
stack
page read and write
21663891000
heap
page read and write
1F75000
heap
page read and write
158002E3000
heap
page read and write
2166381D000
heap
page read and write
30AF000
stack
page read and write
28FF000
stack
page read and write
337A000
trusted library allocation
page read and write
E10000
heap
page read and write
21663845000
heap
page read and write
12D9000
heap
page read and write
5630000
heap
page execute and read and write
28E082A0000
heap
page read and write
422000
unkown
page write copy
57E0000
trusted library allocation
page execute and read and write
20D6A7A0000
heap
page read and write
69DE000
stack
page read and write
21117CE0000
heap
page read and write
21664291000
heap
page read and write
234B0000
heap
page read and write
25939EE5000
heap
page read and write
539C000
stack
page read and write
C000026000
direct allocation
page read and write
3C60000
direct allocation
page execute and read and write
3111000
heap
page read and write
76B2000
trusted library allocation
page read and write
8A0000
unkown
page execute and read and write
5330000
heap
page read and write
2260B000
stack
page read and write
3111000
heap
page read and write
15800100000
trusted library allocation
page read and write
21663821000
heap
page read and write
1744000
heap
page read and write
21663E45000
heap
page read and write
234CF000
heap
page read and write
15800031000
trusted library allocation
page read and write
2FDB000
trusted library allocation
page read and write
326EFFE000
stack
page read and write
55E000
heap
page read and write
500000
heap
page read and write
C00005B000
direct allocation
page read and write
21663D50000
heap
page read and write
2F94000
trusted library allocation
page read and write
21029180000
remote allocation
page read and write
61EE000
stack
page read and write
4B9E000
stack
page read and write
8A4000
unkown
page execute and read and write
216638A9000
heap
page read and write
502000
remote allocation
page execute and read and write
23C8B6A0000
heap
page read and write
5A9B000
trusted library allocation
page read and write
919000
unkown
page execute and read and write
21663FA8000
heap
page read and write
61ECD000
direct allocation
page readonly
21663862000
heap
page read and write
2F92000
trusted library allocation
page read and write
21663826000
heap
page read and write
1A4C4FE000
unkown
page readonly
A6E000
unkown
page execute and read and write
13C4000
heap
page read and write
21663FAC000
heap
page read and write
3175000
trusted library allocation
page read and write
72F2000
heap
page read and write
1FC67768000
heap
page read and write
2F98000
trusted library allocation
page read and write
681E000
stack
page read and write
1880000
direct allocation
page read and write
5760000
trusted library allocation
page read and write
1534000
trusted library allocation
page read and write
1A26000
heap
page read and write
21663826000
heap
page read and write
9C000
stack
page read and write
158002F0000
heap
page read and write
435000
remote allocation
page execute and read and write
64EE000
heap
page read and write
7FF67575B000
unkown
page readonly
12B0000
heap
page read and write
430000
remote allocation
page execute and read and write
1CDE000
heap
page read and write
21663881000
heap
page read and write
2597F0F0000
direct allocation
page read and write
A3A000
unkown
page execute and read and write
86D000
unkown
page execute and read and write
64A4000
heap
page read and write
13C4000
heap
page read and write
32EA000
trusted library allocation
page read and write
216659AD000
heap
page read and write
1587FFF0000
trusted library allocation
page read and write
1D90000
heap
page read and write
5867000
trusted library allocation
page read and write
2334000
heap
page read and write
3111000
heap
page read and write
21664D88000
heap
page read and write
2CF0000
trusted library allocation
page read and write
3457000
trusted library allocation
page read and write
364E000
stack
page read and write
1210000
heap
page read and write
694000
heap
page read and write
2B4C000
trusted library allocation
page read and write
27BE000
stack
page read and write
1B537730000
heap
page read and write
3372000
trusted library allocation
page read and write
21663CDD000
heap
page read and write
1B5373F0000
heap
page read and write
C000802000
direct allocation
page read and write
5020000
trusted library allocation
page read and write
3111000
heap
page read and write
728000
unkown
page readonly
66920000
unkown
page read and write
326EEFE000
unkown
page readonly
3035000
trusted library allocation
page read and write
1A4CB7E000
stack
page read and write
64DC000
heap
page read and write
742E000
stack
page read and write
1587FFB0000
trusted library allocation
page read and write
2BAE000
trusted library allocation
page read and write
694000
heap
page read and write
670000
unkown
page readonly
420000
unkown
page read and write
C000087000
direct allocation
page read and write
216648CE000
heap
page read and write
2497A9C000
stack
page read and write
21663FAD000
heap
page read and write
3BF1000
heap
page read and write
2166383D000
heap
page read and write
234A9000
heap
page read and write
21663821000
heap
page read and write
1100000
heap
page read and write
7FF67575B000
unkown
page readonly
1FC679D5000
heap
page read and write
216637B0000
trusted library allocation
page read and write
45AD000
trusted library allocation
page read and write
1319000
unkown
page readonly
2482EC7A000
heap
page read and write
131B000
unkown
page execute and read and write
3111000
heap
page read and write
1587AB90000
trusted library section
page read and write
3111000
heap
page read and write
21663F75000
heap
page read and write
5890000
trusted library allocation
page read and write
140000000
unkown
page readonly
3231000
trusted library allocation
page read and write
5490000
trusted library allocation
page execute and read and write
301A000
trusted library allocation
page read and write
216644EA000
heap
page read and write
3111000
heap
page read and write
3A1C000
heap
page read and write
58A0000
trusted library allocation
page execute and read and write
4B1000
remote allocation
page execute and read and write
C50000
heap
page read and write
3303000
trusted library allocation
page read and write
2482EC77000
heap
page read and write
1318000
heap
page read and write
21663CB4000
heap
page read and write
21663CA9000
heap
page read and write
7325000
heap
page read and write
71B000
heap
page read and write
64B7000
heap
page read and write
21663CDD000
heap
page read and write
21663831000
heap
page read and write
2540000
direct allocation
page read and write
21663F65000
heap
page read and write
21663F37000
heap
page read and write
3346000
trusted library allocation
page read and write
2B31000
trusted library allocation
page read and write
B2C000
heap
page read and write
1286000
trusted library allocation
page execute and read and write
C000186000
direct allocation
page read and write
A55000
unkown
page execute and read and write
DD3139E000
stack
page read and write
8D5E000
stack
page read and write
7BD3000
heap
page read and write
2074000
heap
page read and write
4850000
heap
page read and write
3E8E000
stack
page read and write
221F6000
direct allocation
page execute read
25939EB0000
direct allocation
page read and write
1233000
heap
page read and write
2166383D000
heap
page read and write
490000
unkown
page readonly
1345000
direct allocation
page read and write
A48000
unkown
page execute and read and write
AF0000
unkown
page readonly
2482EC39000
heap
page read and write
753000
unkown
page readonly
337E000
trusted library allocation
page read and write
2B44000
trusted library allocation
page read and write
234B4000
heap
page read and write
1587AC7D000
heap
page read and write
52D000
remote allocation
page execute and read and write
5A81000
trusted library allocation
page read and write
21663CCD000
heap
page read and write
59B000
heap
page read and write
15800160000
trusted library allocation
page read and write
57B0000
heap
page read and write
6A30000
trusted library allocation
page read and write
2250000
heap
page read and write
C000168000
direct allocation
page read and write
21663834000
heap
page read and write
334C000
trusted library allocation
page read and write
21663CD5000
heap
page read and write
2B42000
trusted library allocation
page read and write
5BE0000
trusted library allocation
page execute and read and write
2482EBE0000
trusted library allocation
page read and write
21663F75000
heap
page read and write
C000020000
direct allocation
page read and write
22091000
direct allocation
page execute read
1B4D000
stack
page read and write
21118602000
trusted library allocation
page read and write
2482EC7A000
heap
page read and write
312E000
trusted library allocation
page read and write
21663821000
heap
page read and write
A01000
unkown
page execute and write copy
7FF665AA0000
unkown
page readonly
21663CC2000
heap
page read and write
2166383D000
heap
page read and write
21663F96000
heap
page read and write
1587ACB4000
heap
page read and write
140CE1000
unkown
page read and write
1C289000
heap
page read and write
342F000
trusted library allocation
page read and write
427000
unkown
page readonly
21663F56000
heap
page read and write
510000
heap
page read and write
2FDD000
trusted library allocation
page read and write
423A000
trusted library allocation
page read and write
1880000
direct allocation
page read and write
61EB4000
direct allocation
page read and write
2D37000
stack
page read and write
1310000
direct allocation
page read and write
6F0000
heap
page read and write
422000
unkown
page write copy
216638A9000
heap
page read and write
3111000
heap
page read and write
3114000
trusted library allocation
page read and write
2917000
trusted library allocation
page execute and read and write
EDF000
stack
page read and write
111A000
heap
page read and write
1580008E000
trusted library allocation
page read and write
5B10000
trusted library allocation
page execute and read and write
1E30000
heap
page read and write
491000
unkown
page execute read
430000
heap
page read and write
234AF000
heap
page read and write
21663831000
heap
page read and write
1587BB20000
trusted library allocation
page read and write
C22513F000
stack
page read and write
1304000
heap
page read and write
2482EC38000
heap
page read and write
32EC000
trusted library allocation
page read and write
23C8B9E5000
heap
page read and write
401000
unkown
page execute read
21664DCE000
heap
page read and write
1AF7000
heap
page read and write
21663CC5000
heap
page read and write
756E000
stack
page read and write
1A4C8FE000
unkown
page readonly
7FF67573C000
unkown
page read and write
28B6D000
stack
page read and write
1BE13000
heap
page read and write
96000
stack
page read and write
A3C000
stack
page read and write
2BF9000
trusted library allocation
page read and write
B60000
heap
page read and write
28E08585000
heap
page read and write
70D05FF000
stack
page read and write
17C9000
heap
page read and write
1304000
heap
page read and write
50E000
remote allocation
page execute and read and write
400000
unkown
page readonly
5840000
trusted library allocation
page execute and read and write
77C000
unkown
page read and write
21663D24000
heap
page read and write
234AA000
heap
page read and write
72C8000
heap
page read and write
422000
unkown
page write copy
52F0000
trusted library allocation
page read and write
1343000
heap
page read and write
234AB000
heap
page read and write
17DB000
heap
page read and write
3111000
heap
page read and write
38A7000
trusted library allocation
page read and write
10CB000
stack
page read and write
1D7E000
heap
page read and write
3437000
trusted library allocation
page read and write
438E000
trusted library allocation
page read and write
6499000
heap
page read and write
6A0000
unkown
page readonly
1ED0000
heap
page read and write
234B6000
heap
page read and write
3307000
trusted library allocation
page read and write
CBB000
heap
page read and write
3111000
heap
page read and write
6691F000
unkown
page write copy
7356000
heap
page read and write
126D000
trusted library allocation
page execute and read and write
2EE7000
trusted library allocation
page read and write
15800100000
trusted library allocation
page read and write
343A000
trusted library allocation
page read and write
510000
heap
page read and write
15800030000
trusted library allocation
page read and write
884000
unkown
page execute and read and write
158002C6000
heap
page read and write
C00004B000
direct allocation
page read and write
21664648000
heap
page read and write
3D8D000
stack
page read and write
2B46000
trusted library allocation
page read and write
21663F96000
heap
page read and write
1310000
direct allocation
page read and write
2BAA7A44000
heap
page read and write
4D0000
heap
page read and write
234A8000
heap
page read and write
650F000
heap
page read and write
2482EC39000
heap
page read and write
15800254000
heap
page read and write
11A0000
unkown
page readonly
1CF9D000
stack
page read and write
30EE000
stack
page read and write
4235000
trusted library allocation
page read and write
427000
unkown
page readonly
1A4D37E000
stack
page read and write
C000146000
direct allocation
page read and write
70D03FF000
stack
page read and write
61ED3000
direct allocation
page read and write
430000
heap
page read and write
21661E0A000
heap
page read and write
746E000
stack
page read and write
1B5373E0000
heap
page read and write
5310000
trusted library allocation
page read and write
360F000
stack
page read and write
3327000
trusted library allocation
page read and write
1703000
trusted library allocation
page read and write
1587AC2B000
heap
page read and write
2166382F000
heap
page read and write
4443000
trusted library allocation
page read and write
58EE000
stack
page read and write
21663CCD000
heap
page read and write
6A1000
unkown
page execute read
E9D000
unkown
page readonly
1587AC00000
heap
page read and write
234C0000
heap
page read and write
72A9000
heap
page read and write
A4F000
unkown
page execute and read and write
665D1000
unkown
page execute read
469000
heap
page read and write
491000
unkown
page execute read
1389000
heap
page read and write
490F000
stack
page read and write
119D000
unkown
page readonly
158001D0000
remote allocation
page read and write
11D7000
heap
page read and write
2FA9000
trusted library allocation
page read and write
13E000
stack
page read and write
21663F76000
heap
page read and write
2B2B000
trusted library allocation
page read and write
21663862000
heap
page read and write
216645F9000
heap
page read and write
3348000
trusted library allocation
page read and write
234C8000
heap
page read and write
4DD000
remote allocation
page execute and read and write
170D000
trusted library allocation
page execute and read and write
FC7AAFF000
stack
page read and write
3111000
heap
page read and write
1FC67600000
heap
page read and write
F67000
stack
page read and write
17C9000
heap
page read and write
758000
unkown
page read and write
850000
heap
page read and write
25939DF0000
heap
page read and write
517000
unkown
page write copy
21663D51000
heap
page read and write
643000
remote allocation
page execute and read and write
21663831000
heap
page read and write
1587BC10000
trusted library section
page readonly
1A10000
trusted library allocation
page execute and read and write
2290000
heap
page read and write
21663CD9000
heap
page read and write
3111000
heap
page read and write
560B000
stack
page read and write
2166383D000
heap
page read and write
21028A00000
heap
page read and write
2482EC39000
heap
page read and write
234B2000
heap
page read and write
341C000
trusted library allocation
page read and write
71EE000
stack
page read and write
42C1000
trusted library allocation
page read and write
21664971000
heap
page read and write
21663C94000
heap
page read and write
2B2D000
trusted library allocation
page read and write
21663F61000
heap
page read and write
1587AA50000
heap
page read and write
21663CB2000
heap
page read and write
20CE000
stack
page read and write
75A000
unkown
page readonly
2B5F000
trusted library allocation
page read and write
FC7AC7A000
stack
page read and write
3111000
heap
page read and write
CE4000
heap
page read and write
158001D0000
remote allocation
page read and write
1D421000
heap
page read and write
10001000
unkown
page execute read
5A72000
trusted library allocation
page read and write
1A4BFF7000
stack
page read and write
6E0000
heap
page read and write
21663CC5000
heap
page read and write
7FF675421000
unkown
page execute read
28E083B0000
heap
page read and write
23498000
heap
page read and write
1357000
heap
page read and write
2FAB000
trusted library allocation
page read and write
C00009E000
direct allocation
page read and write
2BAA000
trusted library allocation
page read and write
1A4DE7E000
stack
page read and write
7FF675C43000
unkown
page write copy
216638A9000
heap
page read and write
3111000
heap
page read and write
4545000
trusted library allocation
page read and write
21028B02000
heap
page read and write
21663E45000
heap
page read and write
17DE000
heap
page read and write
25939C28000
heap
page read and write
21028A22000
heap
page read and write
2906000
trusted library allocation
page execute and read and write
530000
heap
page read and write
30F0000
heap
page execute and read and write
1DF3000
heap
page read and write
32E2000
trusted library allocation
page read and write
C000175000
direct allocation
page read and write
1587BC30000
trusted library section
page readonly
57B3000
heap
page read and write
7465000
trusted library allocation
page read and write
1390000
heap
page read and write
557000
heap
page read and write
32FF000
trusted library allocation
page read and write
2FCE000
trusted library allocation
page read and write
21664298000
heap
page read and write
254B000
direct allocation
page read and write
3049000
trusted library allocation
page read and write
1490000
heap
page read and write
234AD000
heap
page read and write
1450000
heap
page read and write
2482EE13000
heap
page read and write
C000080000
direct allocation
page read and write
1810000
heap
page read and write
87B000
unkown
page execute and read and write
1D520000
trusted library allocation
page read and write
C000022000
direct allocation
page read and write
3062000
trusted library allocation
page read and write
2F544000
heap
page read and write
61ED0000
direct allocation
page read and write
74B0000
trusted library allocation
page execute and read and write
1587AD02000
heap
page read and write
5200000
trusted library allocation
page execute and read and write
7FF675757000
unkown
page write copy
48AE000
stack
page read and write
2482EC77000
heap
page read and write
64D0000
heap
page read and write
C00019A000
direct allocation
page read and write
21663F65000
heap
page read and write
7B4E000
stack
page read and write
32FD000
trusted library allocation
page read and write
7B00000
trusted library allocation
page execute and read and write
980000
heap
page read and write
21663F3B000
heap
page read and write
14A0000
heap
page read and write
17A9000
heap
page read and write
536E000
stack
page read and write
60E000
heap
page read and write
216643CF000
heap
page read and write
1388000
stack
page read and write
15E0000
heap
page read and write
1DF5000
heap
page read and write
7FF67570A000
unkown
page read and write
6664D000
unkown
page readonly
530000
heap
page read and write
3359000
trusted library allocation
page read and write
1880000
direct allocation
page read and write
59F000
heap
page read and write
7FF67573E000
unkown
page read and write
422000
unkown
page write copy
1580030C000
heap
page read and write
19C000
stack
page read and write
2B07BBB000
stack
page read and write
43E3000
trusted library allocation
page read and write
15D0000
heap
page read and write
3325000
trusted library allocation
page read and write
1347000
heap
page read and write
1D410000
heap
page read and write
21665302000
heap
page read and write
1DB7000
heap
page read and write
4589000
trusted library allocation
page read and write
676000
heap
page read and write
6DF000
unkown
page readonly
3111000
heap
page read and write
21663F65000
heap
page read and write
15800190000
trusted library allocation
page read and write
427000
unkown
page readonly
216643AF000
heap
page read and write
530000
heap
page read and write
123A000
stack
page read and write
234B2000
heap
page read and write
21663838000
heap
page read and write
7FF6662B5000
unkown
page readonly
7FF675421000
unkown
page execute read
21663838000
heap
page read and write
14AAC000
stack
page read and write
2482EC39000
heap
page read and write
21663826000
heap
page read and write
5864000
heap
page read and write
C000084000
direct allocation
page read and write
C00015C000
direct allocation
page read and write
66740000
unkown
page readonly
2166389D000
heap
page read and write
C000150000
direct allocation
page read and write
797E000
stack
page read and write
21664619000
heap
page read and write
2482EC78000
unkown
page read and write
2FAF000
stack
page read and write
C0002D0000
direct allocation
page read and write
302A000
trusted library allocation
page read and write
2FAF000
trusted library allocation
page read and write
52C2000
trusted library allocation
page read and write
1560000
heap
page read and write
26E0000
heap
page read and write
1C332000
heap
page read and write
13C4000
heap
page read and write
C00007E000
direct allocation
page read and write
6A1000
unkown
page execute read
5DBE000
stack
page read and write
5BC0000
trusted library allocation
page read and write
7580000
trusted library allocation
page execute and read and write
C8133DF000
stack
page read and write
57A000
unkown
page readonly
180000
heap
page read and write
5DFE000
stack
page read and write
2597F1CB000
direct allocation
page read and write
5D2000
unkown
page execute and write copy
16A0000
direct allocation
page read and write
234B0000
heap
page read and write
1A4D4FE000
unkown
page readonly
3100000
trusted library allocation
page read and write
21663CE1000
heap
page read and write
D6C000
unkown
page execute and read and write
2482EC13000
unkown
page read and write
374E000
stack
page read and write
41B000
unkown
page readonly
21663CFC000
heap
page read and write
45A1000
trusted library allocation
page read and write
1480000
trusted library allocation
page read and write
C000064000
direct allocation
page read and write
920000
heap
page read and write
457C000
trusted library allocation
page read and write
1BA0000
direct allocation
page execute and read and write
CF2000
unkown
page execute read
2FB1000
trusted library allocation
page read and write
16A0000
direct allocation
page read and write
2080000
heap
page read and write
E15000
unkown
page execute and read and write
234CA000
heap
page read and write
1587B51A000
heap
page read and write
7FF6662C1000
unkown
page readonly
2BD6000
trusted library allocation
page read and write
5B4000
heap
page read and write
FC7B37F000
stack
page read and write
3111000
heap
page read and write
5B00000
trusted library allocation
page read and write
8CF0000
trusted library allocation
page execute and read and write
1A4CD7E000
stack
page read and write
C000002000
direct allocation
page read and write
2482EC7A000
heap
page read and write
3387000
trusted library allocation
page read and write
3111000
heap
page read and write
5B50000
heap
page execute and read and write
21663D24000
heap
page read and write
2D3C000
stack
page read and write
216638A9000
heap
page read and write
21663817000
heap
page read and write
30C6000
stack
page read and write
234C0000
heap
page read and write
1252D000
stack
page read and write
216638A6000
heap
page read and write
32BB000
trusted library allocation
page read and write
21663F61000
heap
page read and write
15800110000
trusted library allocation
page read and write
70D4000
heap
page read and write
50B0000
trusted library section
page read and write
1C99F000
stack
page read and write
19C000
stack
page read and write
1587ACB8000
heap
page read and write
2070000
heap
page read and write
401000
unkown
page execute read
21661DA0000
remote allocation
page read and write
59A000
unkown
page execute and read and write
51A000
unkown
page readonly
582D000
stack
page read and write
9C000
stack
page read and write
AC0000
heap
page read and write
2BA8000
trusted library allocation
page read and write
21663E91000
heap
page read and write
21664298000
heap
page read and write
5A0000
unkown
page readonly
35BC000
trusted library allocation
page read and write
23495000
heap
page read and write
1226000
heap
page read and write
21664562000
heap
page read and write
2482EC7A000
heap
page read and write
2166383D000
heap
page read and write
21663D96000
heap
page read and write
16A0000
direct allocation
page read and write
C00003F000
direct allocation
page read and write
1614000
heap
page read and write
A49000
unkown
page execute and read and write
21663D1E000
heap
page read and write
1830000
heap
page read and write
21663862000
heap
page read and write
1552000
trusted library allocation
page read and write
758000
unkown
page write copy
21663CAC000
heap
page read and write
122F000
heap
page read and write
1567000
trusted library allocation
page execute and read and write
5C20000
heap
page execute and read and write
21663881000
heap
page read and write
32EF000
trusted library allocation
page read and write
10001000
direct allocation
page execute read
21663CB4000
heap
page read and write
9BC7D0D000
stack
page read and write
C000194000
direct allocation
page read and write
234A7000
heap
page read and write
FFEB000
stack
page read and write
234A8000
heap
page read and write
6F7000
unkown
page read and write
43F000
remote allocation
page execute and read and write
129B000
trusted library allocation
page execute and read and write
21664642000
heap
page read and write
119F000
unkown
page execute and read and write
21663811000
heap
page read and write
5A90000
trusted library allocation
page read and write
C75000
heap
page read and write
3111000
heap
page read and write
5340000
heap
page read and write
158002FB000
heap
page read and write
19C000
stack
page read and write
2B67000
trusted library allocation
page read and write
5030000
trusted library allocation
page read and write
427000
unkown
page readonly
529E000
trusted library allocation
page read and write
1280000
trusted library allocation
page read and write
C2251BF000
stack
page read and write
1587B502000
heap
page read and write
C25000
unkown
page execute and read and write
7469000
trusted library allocation
page read and write
234BE000
heap
page read and write
C000031000
direct allocation
page read and write
There are 2624 hidden memdumps, click here to show them.