IOC Report
gobEmOm5sr.exe

loading gif

Files

File Path
Type
Category
Malicious
gobEmOm5sr.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
initial sample
 malicious
C:\ProgramData\DB Light Pack Engine 9.6.45\DB Light Pack Engine 9.6.45.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\jewkkwnf\jewkkwnf.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\xprfjygruytr\etzpikspwykg.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\userDGHCBAAEHC.exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\userJJJJDAAECG.exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\gobEmOm5sr.exe.log
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\66c6fcb30b9dd_123p[1].exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\install[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\lamp[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\sgnr[1].exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\3D003UC5\vjgg[1].exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\66d59ef9d4404_premium[1].exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\66d70e8640404_trics[1].exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\66d98aa7bea3e_newPrime[1].exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\freebl3[2].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\YLNGKWRH\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\66d1b7f7f3765_Front[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\66d9de22f231f_crypted[1].exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\lnef[1].exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\vjgg[1].exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\66d897ad1752a_File[1].exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\NewStar\is-2Q3FJ.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\NewStar\is-9IS1N.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\NewStar\is-EAF0N.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\NewStar\is-KRTJG.tmp
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\NewStar\libeay32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\NewStar\libssl-1_1.dll (copy)
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\NewStar\newstar.exe
PE32 executable (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\Users\user\AppData\Local\NewStar\ssleay32.dll (copy)
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\NewStar\unins000.exe (copy)
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\filename.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-9E297.tmp\PsIhedmEA44FNRssEU8V9OlH.tmp
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-QIRUR.tmp\_isetup\_iscrypt.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\is-QIRUR.tmp\_isetup\_setup64.tmp
PE32+ executable (console) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\1YtOZF0EeqgcR_ddwAXkTcuY.exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\2Umx78uafM0WA03fzJyYYhBa.exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\7wpHB_IZvVwIDf0EgO_TfPH6.exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\8LEi0YA5qqlYpHd7zimCU8lz.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\JJdIaooFQpkpcWNUCJ71mJDj.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\OvoRF_A3QBH3keQBtcOqN7Fa.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\PsIhedmEA44FNRssEU8V9OlH.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\QUh1lM2wAJwuyCkYckhrDFwz.exe
PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\REaoHTwA9AqN_cDvubi9mxZt.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\lenTsqDIajevXTuJaJ03oKGb.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\wvASxpczH5zLyfxXnILhiH8_.exe
PE32+ executable (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\Documents\iofolko5\yh8OwfLgsaGOEy8sLU5UpJIK.exe
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\ProgramData\AEGHJEGIEBFIJJKFIIIJ
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\AFHDBGHJKFIDHJJJEBKEBGIEBG
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\AKJDGIEHCAEHIEBFBKKKKFIDBK
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 11
dropped
C:\ProgramData\BFCFBKKKFHCFHJKFIIEH
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\BGDAAKJJ
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\EBAEBFIIECBG\KKKJKE
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 11
dropped
C:\ProgramData\EHDHDHIE
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\EHJDHJKFIECAAKFIJJKJ
ASCII text, with very long lines (1809), with CRLF line terminators
dropped
C:\ProgramData\GDHIIIIEHCFIECAKFHJD
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\HIIIDAKK
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\HJDGCGDBGCAAEBFIECGHDGCAAE
SQLite 3.x database, last written using SQLite version 3042000, file counter 11, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 11
dropped
C:\ProgramData\IJKJDAFHJDHIEBGCFIDBKKFCBA
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\JJJKEHCAKFBFHJKEHCFI
SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\KECBFBAE
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\Microsoft\Network\Downloader\edb.log
data
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
Extensible storage engine DataBase, version 0x620, checksum 0x21affdae, page size 16384, DirtyShutdown, Windows version 10.0
dropped
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
data
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_8LEi0YA5qqlYpHd7_f94c499b57e91d3582facb436aa323a8b871b46_1278b98d_a70bfa2d-27da-4935-b504-5a5224f60ae6\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_yh8OwfLgsaGOEy8s_7c7751c8bf03fc010969a63692d22f07edd721_dafb36ed_cc0c21d2-855a-41f3-8ee6-cd3172c5c71a\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6EBA.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER6FA6.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER72FF.tmp.dmp
Mini DuMP crash report, 15 streams, Fri Sep 6 06:17:30 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER762B.tmp.dmp
Mini DuMP crash report, 15 streams, Fri Sep 6 06:17:30 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER767A.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER76D9.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7810.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER78EB.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER793B.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER79F5.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER7E3C.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WER8409.tmp.txt
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERF811.tmp.csv
data
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERFB5E.tmp.txt
data
dropped
C:\ProgramData\db96-it-45.dat
Non-ISO extended-ASCII text, with no line terminators
dropped
C:\ProgramData\db96-rc-45.dat
data
dropped
C:\ProgramData\db96-res-a.dat
ASCII text, with no line terminators
dropped
C:\ProgramData\db96-res-b.dat
ASCII text, with no line terminators
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\Public\Desktop\Google Chrome.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 11:02:29 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\1YtOZF0EeqgcR_ddwAXkTcuY.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\2Umx78uafM0WA03fzJyYYhBa.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\7wpHB_IZvVwIDf0EgO_TfPH6.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\QUh1lM2wAJwuyCkYckhrDFwz.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\REaoHTwA9AqN_cDvubi9mxZt.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log
ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZJCZETOO\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ZVZFKMB9\download[1].txt
ASCII text
dropped
C:\Users\user\AppData\Local\NewStar\Visio\areas.vss (copy)
Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.0, Code page: 1251, Author: Alex M, Last Saved By: , Name of Creating Application: Microsoft Visio, Last Saved Time/Date: Wed Jul 2 10:49:43 2008
dropped
C:\Users\user\AppData\Local\NewStar\Visio\areas.vssx (copy)
Microsoft Visio 2013+
dropped
C:\Users\user\AppData\Local\NewStar\Visio\devices.vssx (copy)
Microsoft Visio 2013+
dropped
C:\Users\user\AppData\Local\NewStar\Visio\is-62RQQ.tmp
Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1251, Author: Alex M, Template: C:\work\NetDiagram\visio\netdiagram.vst, Last Saved By: Alex M, Name of Creating Application: Microsoft Visio, Last Saved Time/Date: Tue Aug 14 11:36:07 2012
dropped
C:\Users\user\AppData\Local\NewStar\Visio\is-80T9O.tmp
Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.0, Code page: 1251, Author: Alex M, Last Saved By: , Name of Creating Application: Microsoft Visio, Last Saved Time/Date: Wed Jul 2 10:49:43 2008
dropped
C:\Users\user\AppData\Local\NewStar\Visio\is-GPFUN.tmp
Microsoft Visio 2013+
dropped
C:\Users\user\AppData\Local\NewStar\Visio\is-HOV2G.tmp
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1251, Author: Alex M, Name of Creating Application: Microsoft Visio
dropped
C:\Users\user\AppData\Local\NewStar\Visio\is-KOTAO.tmp
Microsoft Visio 2013+
dropped
C:\Users\user\AppData\Local\NewStar\Visio\is-N5C1M.tmp
Microsoft Visio 2013+
dropped
C:\Users\user\AppData\Local\NewStar\Visio\is-OVLK7.tmp
Microsoft Visio 2013+
dropped
C:\Users\user\AppData\Local\NewStar\Visio\lines.vss (copy)
Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1251, Author: Alex M, Name of Creating Application: Microsoft Visio
dropped
C:\Users\user\AppData\Local\NewStar\Visio\lines.vssx (copy)
Microsoft Visio 2013+
dropped
C:\Users\user\AppData\Local\NewStar\Visio\netdiagram.vst (copy)
Composite Document File V2 Document, Little Endian, Os: Windows, Version 5.1, Code page: 1251, Author: Alex M, Template: C:\work\NetDiagram\visio\netdiagram.vst, Last Saved By: Alex M, Name of Creating Application: Microsoft Visio, Last Saved Time/Date: Tue Aug 14 11:36:07 2012
dropped
C:\Users\user\AppData\Local\NewStar\Visio\netdiagram.vstx (copy)
Microsoft Visio 2013+
dropped
C:\Users\user\AppData\Local\NewStar\file_id.diz (copy)
ISO-8859 text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\NewStar\is-9AB6V.tmp
ISO-8859 text, with very long lines (584), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\NewStar\is-KLU82.tmp
ISO-8859 text, with very long lines (339), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\NewStar\is-NPO4N.tmp
ISO-8859 text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\NewStar\is-RE9LK.tmp
data
dropped
C:\Users\user\AppData\Local\NewStar\license.txt (copy)
ISO-8859 text, with very long lines (584), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\NewStar\unins000.dat
InnoSetup Log NewStar, version 0x30, 4845 bytes, 813848\user, "C:\Users\user\AppData\Local\NewStar"
dropped
C:\Users\user\AppData\Local\NewStar\whatsnew.txt (copy)
ISO-8859 text, with very long lines (339), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\Tmp783F.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\Tmp785F.tmp
data
dropped
C:\Users\user\AppData\Local\Temp\delays.tmp
ISO-8859 text, with very long lines (65536), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\is-QIRUR.tmp\_isetup\_shfoldr.dll
PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\twekgmwoe\slrmrjyhe
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1002\76b53b3ec448f7ccdda2063b15d2bfc3_9e146be9-c76a-4720-bcdb-53011b87bd06
data
dropped
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk
MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Archive, ctime=Fri Sep 6 05:17:34 2024, mtime=Fri Sep 6 05:17:34 2024, atime=Fri Sep 6 05:17:22 2024, length=8684256, window=hide
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite-shm
data
dropped
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
JSON data
dropped
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
There are 129 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\gobEmOm5sr.exe
"C:\Users\user\Desktop\gobEmOm5sr.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Users\user\Documents\iofolko5\REaoHTwA9AqN_cDvubi9mxZt.exe
C:\Users\user\Documents\iofolko5\REaoHTwA9AqN_cDvubi9mxZt.exe
 malicious
C:\Users\user\Documents\iofolko5\PsIhedmEA44FNRssEU8V9OlH.exe
C:\Users\user\Documents\iofolko5\PsIhedmEA44FNRssEU8V9OlH.exe
 malicious
C:\Users\user\Documents\iofolko5\yh8OwfLgsaGOEy8sLU5UpJIK.exe
C:\Users\user\Documents\iofolko5\yh8OwfLgsaGOEy8sLU5UpJIK.exe
 malicious
C:\Users\user\Documents\iofolko5\8LEi0YA5qqlYpHd7zimCU8lz.exe
C:\Users\user\Documents\iofolko5\8LEi0YA5qqlYpHd7zimCU8lz.exe
 malicious
C:\Users\user\Documents\iofolko5\JJdIaooFQpkpcWNUCJ71mJDj.exe
C:\Users\user\Documents\iofolko5\JJdIaooFQpkpcWNUCJ71mJDj.exe
 malicious
C:\Users\user\Documents\iofolko5\7wpHB_IZvVwIDf0EgO_TfPH6.exe
C:\Users\user\Documents\iofolko5\7wpHB_IZvVwIDf0EgO_TfPH6.exe
 malicious
C:\Users\user\Documents\iofolko5\QUh1lM2wAJwuyCkYckhrDFwz.exe
C:\Users\user\Documents\iofolko5\QUh1lM2wAJwuyCkYckhrDFwz.exe
 malicious
C:\Users\user\Documents\iofolko5\wvASxpczH5zLyfxXnILhiH8_.exe
C:\Users\user\Documents\iofolko5\wvASxpczH5zLyfxXnILhiH8_.exe
 malicious
C:\Users\user\Documents\iofolko5\2Umx78uafM0WA03fzJyYYhBa.exe
C:\Users\user\Documents\iofolko5\2Umx78uafM0WA03fzJyYYhBa.exe
 malicious
C:\Users\user\Documents\iofolko5\1YtOZF0EeqgcR_ddwAXkTcuY.exe
C:\Users\user\Documents\iofolko5\1YtOZF0EeqgcR_ddwAXkTcuY.exe
 malicious
C:\Users\user\Documents\iofolko5\OvoRF_A3QBH3keQBtcOqN7Fa.exe
C:\Users\user\Documents\iofolko5\OvoRF_A3QBH3keQBtcOqN7Fa.exe
 malicious
C:\Users\user\Documents\iofolko5\lenTsqDIajevXTuJaJ03oKGb.exe
C:\Users\user\Documents\iofolko5\lenTsqDIajevXTuJaJ03oKGb.exe
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
 malicious
C:\Users\user\Documents\iofolko5\REaoHTwA9AqN_cDvubi9mxZt.exe
"C:\Users\user\Documents\iofolko5\REaoHTwA9AqN_cDvubi9mxZt.exe"
 malicious
C:\Users\user\AppData\Local\NewStar\newstar.exe
"C:\Users\user\AppData\Local\NewStar\newstar.exe" -i
 malicious
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST
 malicious
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
"C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
 malicious
C:\Windows\SysWOW64\schtasks.exe
schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf LG" /sc ONLOGON /rl HIGHEST
 malicious
C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
"C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
 malicious
C:\ProgramData\jewkkwnf\jewkkwnf.exe
C:\ProgramData\jewkkwnf\jewkkwnf.exe
 malicious
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 8032 -ip 8032
C:\Users\user\AppData\Local\Temp\is-9E297.tmp\PsIhedmEA44FNRssEU8V9OlH.tmp
"C:\Users\user\AppData\Local\Temp\is-9E297.tmp\PsIhedmEA44FNRssEU8V9OlH.tmp" /SL5="$20496,3169907,54272,C:\Users\user\Documents\iofolko5\PsIhedmEA44FNRssEU8V9OlH.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 8024 -ip 8024
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 8032 -s 852
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 8024 -s 824
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\Windows\System32\Conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 35 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://46.8.231.109/c4754d4f680ead72.php
46.8.231.109
 malicious
http://46.8.231.109/1309cdeb8f4c8736/msvcp140.dll
46.8.231.109
 malicious
147.45.47.36:30035
malicious
https://t.me/edm0d
malicious
https://file-link-iota.vercel.app/&
unknown
 malicious
http://147.45.126.10/sql.dll
147.45.126.10
 malicious
http://185.215.113.100/
185.215.113.100
 malicious
http://46.8.231.109/1309cdeb8f4c8736/softokn3.dll
46.8.231.109
 malicious
http://185.215.113.100/0d60be0de163924d/sqlite3.dll
185.215.113.100
 malicious
https://steamcommunity.com/profiles/76561199768374681
malicious
http://46.8.231.109/1309cdeb8f4c8736/freebl3.dll
46.8.231.109
 malicious
locatedblsoqp.shop
malicious
https://file-link-iota.vercel.app/download
76.76.21.142
 malicious
caffegclasiqwp.shop
malicious
millyscroqwp.shop
malicious
http://46.8.231.109/1309cdeb8f4c8736/mozglue.dll
46.8.231.109
 malicious
traineiwnqo.shop
malicious
https://file-link-iota.vercel.app/downloadC:
unknown
 malicious
condedqpwqm.shop
malicious
http://46.29.235.52/sgnr.exe#spacet=
unknown
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusZ
unknown
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exe
147.45.44.104
http://46.29.235.52/vjgg.exe#spaceu4
unknown
http://aka.ms/msal-net-iwa
unknown
http://aka.ms/valid-authorities
unknown
https://aka.ms/msal-client-apps
unknown
https://aka.ms/adal-net-broker-redirect-uri-android
unknown
https://aka.ms/msal-net-enable-keychain-access
unknown
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exen
unknown
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exej
unknown
http://46.29.235.52/vjgg.exe
46.29.235.52
https://api64.ipify.org:443/?format=json
unknown
http://gacan.zapto.org_DEBUG.zip/c
unknown
http://147.45.44.104/prog/66d70e8640404_trics.exeC:
unknown
http://www.softwareok.de/?Download=MagicMouseTrails
unknown
http://46.29.235.52/sgnr.exe#space?
unknown
https://sso2urn:ietf:wg:oauth:2.0:oob
unknown
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeb
unknown
http://147.45.44.104/yuop/66d9de22f231f_crypted.exe#1usoU
unknown
https://aka.ms/msal-net-up
unknown
http://46.29.235.52/sgnr.exe#spaceC:
unknown
http://46.29.235.52/vjgg.exe#spaceC:
unknown
https://api64.ipify.org/J
unknown
https://aka.ms/msal-net-application-configuration
unknown
http://147.45.44.104/revada/66d98aa7bea3e_newPrime.exe#realC:
unknown
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeP
unknown
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusC:
unknown
https://aka.ms/msal-net-b2c
unknown
http://147.45.44.104/malesa/66d1b7f7f3765_Front.exeC:
unknown
http://185.143.223.148:80/api/twofish.php
unknown
http://www.innosetup.com/
unknown
http://147.45.44.104/yuop/66d9de22f231f_crypted.exe#1B
unknown
https://api.ip.sb/ip
unknown
https://api.datamarket.azure.com/data.ashx/
unknown
http://46.29.235.52/vjgg.exe#space
46.29.235.52
http://46.29.235.52/sgnr.exe#space
46.29.235.52
https://aka.ms/msal-net-3x-cache-breaking-change)
unknown
https://iplogger.org/1nhuM4.js
104.26.2.46
https://github.com/dotnet/wpf
unknown
https://youtransfer.net/handler/download?action=download&download_id=uuVCUDm6&private_id=cb726802f5fcca567315ff7c87e27582&url=https%253A%252F%252Fyoutransfer.net%252FuuVCUDm6%252Fcb726802f5fcca567315ff7c87e27582
158.69.225.124
http://147.45.44.104/yuop/66d897ad1752a_File.exe#xinryptolC
unknown
https://aka.ms/msal-brokers
unknown
http://147.45.44.104/malesa/66d1b7f7f3765_Front.exellg
unknown
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exei.dll
unknown
http://147.45.44.104/revada/66d98aa7bea3e_newPrime.exe#reall
unknown
http://147.45.44.104/yuop/66d897ad1752a_File.exe#xinC:
unknown
https://aka.ms/adal-iwa
unknown
http://176.113.115.33/ssl/install.exeC:
unknown
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exe1
unknown
https://iplogger.org/0
unknown
https://datamarket.azure.com/embedded/consent?client_id=
unknown
http://147.45.44.104/revada/66d98aa7bea3e_newPrime.exe#realw
unknown
http://176.113.115.33/ssl/install.exezAp
unknown
http://46.29.235.52/vjgg.exe#spacez=
unknown
https://aka.ms/msal-net-3-breaking-changesy
unknown
http://www.winimage.com/zLibDllm_object
unknown
https://ipinfo.io/
unknown
http://185.143.223.148:80/api/crazyfish.php
unknown
http://185.143.223.148:80/api/twofish.php_C
unknown
https://datamarket.azure.com/embedded/resultrhttps://datamarket.accesscontrol.windows.net/v2/OAuth2-
unknown
https://iplogger.org:443/1nhuM4.jsoft
unknown
https://www.newtonsoft.com/jsonschema
unknown
http://147.45.44.104/malesa/66d1b7f7f3765_Front.exerZ
unknown
http://147.45.44.104/revada/66d98aa7bea3e_newPrime.exe#real
147.45.44.104
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeC:
unknown
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusG
unknown
http://185.143.223.148:80/api/twofish.phpB1CAD8C-2DAB-11D2-B604-00104B703EFD
unknown
https://ipinfo.io/https://ipgeolocation.io/::
unknown
http://www.softwareok.de/?seite=Microsoft/MagicMouseTrails
unknown
https://datamarket.azure.com/embedded/catalog?client_id=
unknown
http://31.41.244.9/nokia/lamp.exe0
unknown
http://www.softwareok.com/?seite=Microsoft/MagicMouseTrails/History
unknown
https://aka.ms/adal_token_cache_serializationdFailed
unknown
https://ipinfo.io:443/widget/demo/8.46.123.33
unknown
http://www.softwareok.com/?seite=Microsoft/MagicMouseTrails
unknown
http://240902180529931.tyr.zont16.com/f/fikbam0902931.exeZA
unknown
https://api64.ipify.org/?format=json
173.231.16.77
https://t.me/fneogrnfeowkhttps://t.me/edm0di11ihttps://steamcommunity.com/profiles/76561199768374681
unknown
http://46.29.235.52/vjgg.exe#spaceQZ~
unknown
http://185.143.223.148/
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
t.me
149.154.167.99
 malicious
stamppreewntnq.shop
188.114.96.3
 malicious
condedqpwqm.shop
104.21.10.172
 malicious
locatedblsoqp.shop
unknown
 malicious
traineiwnqo.shop
unknown
 malicious
youtransfer.net
158.69.225.124
ipinfo.io
34.117.59.81
file-link-iota.vercel.app
76.76.21.142
iplogger.org
104.26.2.46
api64.ipify.org
173.231.16.77
240902180529931.tyr.zont16.com
unknown
There are 1 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
46.8.231.109
unknown
Russian Federation
malicious
185.215.113.100
unknown
Portugal
malicious
194.163.35.141
unknown
Germany
malicious
185.196.8.214
unknown
Switzerland
malicious
149.154.167.99
t.me
United Kingdom
malicious
147.45.126.10
unknown
Russian Federation
malicious
77.105.164.24
unknown
Russian Federation
malicious
147.45.47.36
unknown
Russian Federation
malicious
104.21.10.172
condedqpwqm.shop
United States
malicious
188.114.96.3
stamppreewntnq.shop
European Union
malicious
185.143.223.148
unknown
Russian Federation
malicious
176.113.115.33
unknown
Russian Federation
147.45.44.104
unknown
Russian Federation
104.26.2.46
iplogger.org
United States
46.29.235.52
unknown
Russian Federation
31.41.244.9
unknown
Russian Federation
173.231.16.77
api64.ipify.org
United States
76.76.21.142
file-link-iota.vercel.app
United States
34.117.59.81
ipinfo.io
United States
176.111.174.109
unknown
Russian Federation
158.69.225.124
youtransfer.net
Canada
141.98.234.31
unknown
Russian Federation
89.105.201.183
unknown
Netherlands
127.0.0.1
unknown
unknown
There are 14 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064
Blob
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6120
Terminator
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6120
Reason
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\TermReason\6120
CreationTime
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0001
RegFilesHash
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASAPI32
FileDirectory
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
EnableFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
EnableAutoFileTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
EnableConsoleTracing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
FileTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
ConsoleTracingMask
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
MaxFileSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Tracing\RegAsm_RASMANCS
FileDirectory
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Owner
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
SessionHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
Sequence
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFiles0000
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
RegFilesHash
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
Inno Setup: Setup Version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
Inno Setup: App Path
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
InstallLocation
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
Inno Setup: Icon Group
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
Inno Setup: User
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
Inno Setup: Language
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
DisplayName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
UninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
QuietUninstallString
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
NoModify
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
NoRepair
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
InstallDate
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NewStar_is1
EstimatedSize
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
ProgramId
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
FileId
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
LowerCaseLongPath
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
LongPathHash
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
Name
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
OriginalFileName
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
Publisher
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
Version
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
BinFileVersion
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
BinaryType
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
ProductName
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
ProductVersion
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
LinkDate
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
BinProductVersion
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
AppxPackageFullName
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
AppxPackageRelativeId
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
Size
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
Language
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\8lei0ya5qqlyphd7|1df710279f544d94
Usn
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
ClockTimeSeconds
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\IdentityCRL\ClockData
TickCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
PerfMMFileName
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
ProgramId
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
FileId
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
LowerCaseLongPath
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
LongPathHash
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
Name
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
OriginalFileName
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
Publisher
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
Version
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
BinFileVersion
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
BinaryType
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
ProductName
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
ProductVersion
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
LinkDate
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
BinProductVersion
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
AppxPackageFullName
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
AppxPackageRelativeId
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
Size
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
Language
\REGISTRY\A\{85dbebdd-7655-1403-3bc2-22f0c7fac17a}\Root\InventoryApplicationFile\yh8owflgsagoey8s|ce64491d47e8d87f
Usn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ExtreamFanV6
There are 74 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
1AF0000
direct allocation
page read and write
 malicious
2C91000
direct allocation
page execute and read and write
 malicious
14EE000
heap
page read and write
 malicious
E7A000
heap
page read and write
 malicious
43E5000
trusted library allocation
page read and write
 malicious
3CC5000
trusted library allocation
page read and write
 malicious
2BEF000
heap
page read and write
 malicious
27D8000
trusted library allocation
page read and write
 malicious
32B5000
trusted library allocation
page read and write
 malicious
402000
remote allocation
page execute and read and write
 malicious
402000
remote allocation
page execute and read and write
 malicious
400000
remote allocation
page execute and read and write
 malicious
14DD000
trusted library allocation
page execute and read and write
1D8DF000
heap
page read and write
15C9000
heap
page read and write
248E000
direct allocation
page read and write
2C24000
trusted library allocation
page read and write
16FF000
stack
page read and write
1195000
heap
page read and write
1010000
heap
page read and write
2CC2000
trusted library allocation
page execute and read and write
465000
heap
page read and write
2DA5000
heap
page read and write
112B000
trusted library allocation
page execute and read and write
E60000
heap
page read and write
554E000
stack
page read and write
5B9000
remote allocation
page execute and read and write
500000
heap
page read and write
2CEB000
heap
page read and write
68A10000
unkown
page readonly
1C5CA000
heap
page read and write
1413000
trusted library allocation
page execute and read and write
12E1000
unkown
page readonly
400000
unkown
page readonly
16F4000
trusted library allocation
page read and write
CDF000
unkown
page write copy
2BB3000
trusted library allocation
page read and write
58D0000
trusted library allocation
page execute and read and write
400000
remote allocation
page execute and read and write
5130000
heap
page read and write
4CE0000
direct allocation
page read and write
2031000
direct allocation
page read and write
12BC000
heap
page read and write
6289000
trusted library allocation
page read and write
9B3AE7F000
stack
page read and write
94E000
stack
page read and write
14E4000
trusted library allocation
page read and write
8C70000
heap
page read and write
1EC5AD00000
heap
page read and write
5E2E000
stack
page read and write
2EE6000
trusted library allocation
page read and write
1204000
trusted library allocation
page read and write
4CF0000
heap
page read and write
174F000
unkown
page read and write
56B0000
heap
page execute and read and write
2CB0000
heap
page read and write
68BEF000
unkown
page write copy
2FB3000
trusted library allocation
page read and write
2B3E000
trusted library allocation
page read and write
4CE0000
direct allocation
page read and write
27B0000
direct allocation
page read and write
2273F000
stack
page read and write
43AE000
stack
page read and write
19AFE000
stack
page read and write
9D0000
heap
page read and write
18CA000
direct allocation
page read and write
17ED000
stack
page read and write
310E000
stack
page read and write
1D28D000
stack
page read and write
19A0000
heap
page read and write
5A000
unkown
page readonly
480C000
stack
page read and write
2BBE000
trusted library allocation
page read and write
1106000
heap
page read and write
1370000
heap
page read and write
718D000
stack
page read and write
5656000
trusted library allocation
page read and write
4EC3000
heap
page read and write
1CF8000
direct allocation
page read and write
199C9F20000
trusted library section
page readonly
4CF1000
heap
page read and write
20B5000
heap
page read and write
4880000
heap
page read and write
68BEF000
unkown
page write copy
550000
heap
page read and write
18EA000
direct allocation
page read and write
2D8C000
heap
page read and write
7B429FE000
unkown
page readonly
6560000
heap
page execute and read and write
2C7B000
trusted library allocation
page read and write
BA0000
heap
page read and write
2C3D000
trusted library allocation
page read and write
1800000
direct allocation
page read and write
4261000
trusted library allocation
page read and write
185E000
stack
page read and write
2BD7000
trusted library allocation
page read and write
1700000
trusted library allocation
page read and write
1A50000
heap
page read and write
DB5000
trusted library allocation
page execute and read and write
1D8F2000
heap
page read and write
211C0000
heap
page read and write
1D904000
heap
page read and write
2FFF000
stack
page read and write
21C3F000
stack
page read and write
7B430FE000
unkown
page readonly
630B000
trusted library allocation
page read and write
199CE6C0000
remote allocation
page read and write
14C0000
heap
page read and write
1DFE000
heap
page read and write
61E00000
direct allocation
page execute and read and write
18A4000
direct allocation
page read and write
710000
heap
page read and write
F46000
unkown
page execute and write copy
1917000
direct allocation
page read and write
2E2A000
heap
page read and write
27E0000
direct allocation
page read and write
4CF1000
heap
page read and write
24AE000
direct allocation
page read and write
1D8F8000
heap
page read and write
456000
remote allocation
page execute and read and write
18C0000
heap
page read and write
4CF1000
heap
page read and write
3CF9000
heap
page read and write
29A30000
heap
page read and write
61ED3000
direct allocation
page read and write
2486000
direct allocation
page read and write
1D904000
heap
page read and write
199C8E00000
heap
page read and write
4BF000
unkown
page readonly
211B000
trusted library allocation
page execute and read and write
39FF000
stack
page read and write
5450000
trusted library allocation
page read and write
558E000
stack
page read and write
5665000
trusted library allocation
page read and write
2D67000
heap
page read and write
262E000
stack
page read and write
141933000
unkown
page execute read
2B14000
trusted library allocation
page read and write
DBB000
trusted library allocation
page execute and read and write
1C09E000
heap
page read and write
30C0000
heap
page read and write
F0E000
heap
page read and write
6287000
trusted library allocation
page read and write
587000
remote allocation
page execute and read and write
1160000
heap
page read and write
BA0000
heap
page read and write
2896000
trusted library allocation
page read and write
2EF6000
trusted library allocation
page read and write
52B0000
trusted library allocation
page read and write
AB4000
trusted library allocation
page read and write
68AF000
trusted library allocation
page read and write
1A83000
heap
page read and write
2424000
direct allocation
page read and write
27240000
heap
page read and write
5659000
trusted library allocation
page read and write
1D8F6000
heap
page read and write
2A31000
trusted library allocation
page read and write
1D90000
direct allocation
page read and write
2518000
direct allocation
page read and write
EDE000
unkown
page readonly
2F7E000
stack
page read and write
F00000
unkown
page readonly
2456000
direct allocation
page read and write
199CF000000
heap
page read and write
DAF000
stack
page read and write
5EC000
unkown
page execute and write copy
4ACC000
heap
page read and write
1097000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
5644000
trusted library allocation
page read and write
10E5000
unkown
page execute and write copy
3797000
heap
page read and write
211C5000
heap
page read and write
10A0000
heap
page read and write
20CC000
direct allocation
page read and write
5160000
heap
page read and write
18B0000
direct allocation
page read and write
199C9C40000
trusted library allocation
page read and write
2CF2000
heap
page read and write
2261D000
direct allocation
page readonly
1DBE000
stack
page read and write
2EDD000
trusted library allocation
page read and write
774F000
stack
page read and write
1D8FB000
heap
page read and write
2FE4000
trusted library allocation
page read and write
1AE0000
trusted library allocation
page read and write
5A90000
trusted library section
page read and write
7E2000
direct allocation
page read and write
3573000
heap
page read and write
CAC000
unkown
page read and write
2500000
direct allocation
page read and write
2DA2000
heap
page read and write
5790000
heap
page read and write
1D904000
heap
page read and write
540E000
stack
page read and write
14D0000
trusted library allocation
page read and write
798D000
stack
page read and write
4DD4000
trusted library allocation
page read and write
1D91D000
heap
page read and write
1086000
trusted library allocation
page execute and read and write
1A1D000
heap
page read and write
5E6E000
stack
page read and write
280000
unkown
page readonly
2EFE000
stack
page read and write
16CC000
unkown
page read and write
5680000
trusted library allocation
page execute and read and write
10C0000
trusted library allocation
page read and write
970000
heap
page read and write
188A000
direct allocation
page read and write
2F7F000
trusted library allocation
page read and write
1EC5AB00000
trusted library allocation
page read and write
21190000
heap
page read and write
2441000
trusted library allocation
page read and write
2090000
direct allocation
page read and write
4CF1000
heap
page read and write
1188000
heap
page read and write
1AE6E000
stack
page read and write
A61000
unkown
page execute and read and write
AEE000
stack
page read and write
2DFE000
stack
page read and write
61EB7000
direct allocation
page readonly
1A78000
heap
page read and write
3D5E000
heap
page read and write
5C82000
trusted library allocation
page read and write
6285000
trusted library allocation
page read and write
1360000
trusted library allocation
page read and write
DF7000
heap
page read and write
4CF1000
heap
page read and write
101DE000
stack
page read and write
90F000
unkown
page read and write
8CAE000
heap
page read and write
1620000
heap
page read and write
32BE000
stack
page read and write
4215000
trusted library allocation
page read and write
180C000
direct allocation
page read and write
177C000
unkown
page write copy
272E000
stack
page read and write
1340000
heap
page read and write
71F0000
trusted library allocation
page execute and read and write
199C8EB0000
heap
page read and write
27DA000
direct allocation
page read and write
513E000
stack
page read and write
1110000
trusted library allocation
page execute and read and write
174FE000
stack
page read and write
1556000
heap
page read and write
400000
remote allocation
page execute and read and write
4CEF000
stack
page read and write
2E02000
heap
page read and write
4CF1000
heap
page read and write
2F2E000
trusted library allocation
page read and write
62C6000
trusted library allocation
page read and write
4211000
trusted library allocation
page read and write
850000
heap
page read and write
2E14000
trusted library allocation
page read and write
14000C000
unkown
page read and write
5C80000
trusted library allocation
page read and write
1050000
heap
page read and write
18DC000
trusted library allocation
page read and write
10D3000
heap
page read and write
51D0000
trusted library allocation
page read and write
1380000
trusted library allocation
page read and write
199CE44F000
heap
page read and write
18EE000
direct allocation
page read and write
3731000
trusted library allocation
page read and write
70F000
heap
page read and write
24F2000
direct allocation
page read and write
2420000
heap
page read and write
5B20000
heap
page read and write
199C8DA0000
trusted library allocation
page read and write
970000
heap
page read and write
31C0000
heap
page read and write
EBD000
heap
page read and write
5E60000
trusted library allocation
page read and write
2F17000
trusted library allocation
page read and write
316E000
stack
page read and write
4CF1000
heap
page read and write
141933000
unkown
page execute read
11CF000
stack
page read and write
1D8AF000
stack
page read and write
CDA000
unkown
page read and write
4CF1000
heap
page read and write
1D8E000
stack
page read and write
24B4000
direct allocation
page read and write
25A0000
heap
page read and write
43FE000
stack
page read and write
98F000
stack
page read and write
58CD000
stack
page read and write
29A70000
heap
page read and write
6F99000
heap
page read and write
D10000
heap
page read and write
20F0000
trusted library allocation
page read and write
1D8F9000
heap
page read and write
250E000
direct allocation
page read and write
1138000
direct allocation
page read and write
1882000
direct allocation
page read and write
4CE0000
direct allocation
page read and write
3E4E000
stack
page read and write
5D3000
trusted library allocation
page execute and read and write
133B000
stack
page read and write
1D8F9000
heap
page read and write
7E0000
heap
page read and write
4E4C000
stack
page read and write
1AE0F000
stack
page read and write
56F0000
trusted library allocation
page read and write
30000
unkown
page readonly
20F0000
direct allocation
page read and write
140F33000
unkown
page execute read
5B30000
heap
page read and write
14FBE000
stack
page read and write
493D000
stack
page read and write
47BF000
stack
page read and write
650000
heap
page read and write
4B7F000
stack
page read and write
2D70000
heap
page execute and read and write
14D3000
trusted library allocation
page execute and read and write
1D8FF000
heap
page read and write
1130000
direct allocation
page read and write
20C7000
direct allocation
page read and write
25E0000
heap
page execute and read and write
148D000
heap
page read and write
18E000
stack
page read and write
2440000
direct allocation
page read and write
22A0000
heap
page read and write
BE0000
unkown
page readonly
3D78000
heap
page read and write
FBE000
stack
page read and write
110E000
stack
page read and write
2BEE000
stack
page read and write
22890000
direct allocation
page read and write
29BFE000
heap
page read and write
24F4000
direct allocation
page read and write
1D8D2000
heap
page read and write
48FF000
stack
page read and write
191E000
direct allocation
page read and write
AE0000
heap
page read and write
159A000
heap
page read and write
6305000
trusted library allocation
page read and write
27A8000
direct allocation
page read and write
2731000
trusted library allocation
page read and write
1AEA000
trusted library allocation
page execute and read and write
33E6000
trusted library allocation
page read and write
1AFAE000
stack
page read and write
437000
remote allocation
page execute and read and write
5E6E000
trusted library allocation
page read and write
1D8F9000
heap
page read and write
7100000
trusted library allocation
page read and write
16E3000
trusted library allocation
page execute and read and write
7B426FB000
stack
page read and write
1D904000
heap
page read and write
24BA000
direct allocation
page read and write
4CF1000
heap
page read and write
1580000
trusted library allocation
page read and write
673E000
stack
page read and write
181A000
direct allocation
page read and write
51DE000
trusted library allocation
page read and write
1924000
direct allocation
page read and write
27B2000
direct allocation
page read and write
5446000
trusted library allocation
page read and write
5320000
direct allocation
page execute and read and write
1D8E9000
heap
page read and write
2FAB000
trusted library allocation
page read and write
1832000
direct allocation
page read and write
53C0000
trusted library allocation
page read and write
21D85000
direct allocation
page read and write
5D5F000
stack
page read and write
2CD0000
heap
page read and write
33BF000
stack
page read and write
8C72000
heap
page read and write
4DF0000
trusted library allocation
page read and write
40D000
unkown
page write copy
61ED0000
direct allocation
page read and write
2CAD000
stack
page read and write
199CE320000
trusted library allocation
page read and write
1AD0E000
stack
page read and write
3C7F000
stack
page read and write
181E000
direct allocation
page read and write
1083000
trusted library allocation
page read and write
11D8000
heap
page read and write
770000
heap
page read and write
5E00000
heap
page read and write
189E000
direct allocation
page read and write
7F0000
direct allocation
page read and write
5780000
trusted library allocation
page read and write
3F8E000
stack
page read and write
1500000
heap
page read and write
4D01000
heap
page read and write
5F5D000
heap
page read and write
1868000
direct allocation
page read and write
5BAE000
stack
page read and write
BDA000
heap
page read and write
EC000
stack
page read and write
1056000
heap
page read and write
1D14E000
stack
page read and write
1D904000
heap
page read and write
4CF1000
heap
page read and write
2C89000
trusted library allocation
page read and write
1AFB000
trusted library allocation
page execute and read and write
5F2C000
heap
page read and write
714000
heap
page read and write
2260000
heap
page read and write
1D8F6000
heap
page read and write
1EC5AA7F000
heap
page read and write
550000
heap
page read and write
1D8D0000
heap
page read and write
5AE000
stack
page read and write
225DF000
direct allocation
page readonly
2792000
direct allocation
page read and write
1233000
heap
page read and write
199CE4F0000
heap
page read and write
4CF1000
heap
page read and write
5E4E000
trusted library allocation
page read and write
124F000
heap
page read and write
1D904000
heap
page read and write
196E000
direct allocation
page read and write
EDA000
heap
page read and write
1810000
heap
page read and write
24EBDA00000
heap
page read and write
559000
heap
page read and write
5E9F000
stack
page read and write
BC0000
heap
page read and write
8CD4000
heap
page read and write
199CE4F4000
heap
page read and write
7B421FE000
unkown
page readonly
C7F000
unkown
page write copy
141968000
unkown
page readonly
2490000
direct allocation
page read and write
199CE600000
trusted library allocation
page read and write
FC1E3FE000
stack
page read and write
E5E000
stack
page read and write
2AED000
stack
page read and write
2BB6000
trusted library allocation
page read and write
116F000
heap
page read and write
199C9901000
trusted library allocation
page read and write
2A2A000
trusted library allocation
page read and write
14E6000
trusted library allocation
page read and write
2520000
direct allocation
page read and write
4CF1000
heap
page read and write
37BE000
stack
page read and write
5BA0000
trusted library allocation
page read and write
180000
heap
page read and write
11CE000
stack
page read and write
33AE000
stack
page read and write
70F000
heap
page read and write
26F3000
direct allocation
page read and write
4D94000
trusted library allocation
page read and write
2690000
heap
page read and write
1EC5AC13000
heap
page read and write
1180000
heap
page read and write
10A0000
heap
page read and write
1440000
heap
page read and write
5EAE000
stack
page read and write
278C000
direct allocation
page read and write
108A000
trusted library allocation
page execute and read and write
ACA000
unkown
page execute and read and write
225DD000
direct allocation
page execute read
20C8000
direct allocation
page read and write
CC3000
unkown
page read and write
72EF000
stack
page read and write
2F5A000
trusted library allocation
page read and write
2F92000
trusted library allocation
page read and write
19AE000
heap
page read and write
1010000
trusted library allocation
page read and write
61E01000
direct allocation
page execute read
18EA000
trusted library allocation
page read and write
9D0000
heap
page read and write
199C8E2B000
heap
page read and write
19C000
stack
page read and write
4E82000
trusted library allocation
page read and write
2A54000
heap
page read and write
23BB000
direct allocation
page read and write
2DC4000
heap
page read and write
2BA6000
trusted library allocation
page read and write
1238000
heap
page read and write
188E000
direct allocation
page read and write
3B7E000
stack
page read and write
211CA000
heap
page read and write
199CE4EC000
heap
page read and write
16C5000
unkown
page read and write
5C0000
trusted library allocation
page read and write
7214000
trusted library allocation
page read and write
B24000
unkown
page execute and read and write
4B4E000
stack
page read and write
1AC0000
trusted library allocation
page read and write
593D000
stack
page read and write
1920000
direct allocation
page read and write
1B40000
direct allocation
page read and write
1060000
trusted library allocation
page read and write
136F000
trusted library allocation
page read and write
820000
direct allocation
page read and write
15E0000
trusted library allocation
page read and write
199C9713000
heap
page read and write
1420000
heap
page read and write
24A0000
direct allocation
page read and write
13F2000
heap
page read and write
2E70000
heap
page read and write
68970000
unkown
page readonly
46FD000
stack
page read and write
A90000
remote allocation
page read and write
14E4E000
stack
page read and write
68E000
heap
page read and write
3973000
trusted library allocation
page read and write
7010000
trusted library allocation
page read and write
4E33000
heap
page execute and read and write
4DB6000
trusted library allocation
page read and write
494E000
stack
page read and write
19A8000
heap
page read and write
29AF000
stack
page read and write
9D9F000
stack
page read and write
4CF1000
heap
page read and write
5F0000
unkown
page execute and write copy
162E000
stack
page read and write
1026000
trusted library allocation
page read and write
54DE000
stack
page read and write
1096000
trusted library allocation
page execute and read and write
17CE000
unkown
page readonly
1437000
heap
page read and write
B2E000
stack
page read and write
2696000
direct allocation
page read and write
1040000
heap
page read and write
27B6000
direct allocation
page read and write
1D8F9000
heap
page read and write
1EC5AC00000
heap
page read and write
1870000
direct allocation
page read and write
2784000
direct allocation
page read and write
23AC2000
heap
page read and write
199CE42C000
heap
page read and write
161E000
heap
page read and write
627A000
trusted library allocation
page read and write
49F000
remote allocation
page execute and read and write
592000
remote allocation
page execute and read and write
56C0000
heap
page read and write
453E000
stack
page read and write
990000
heap
page read and write
1160000
heap
page read and write
34F0000
heap
page read and write
1D8F1000
heap
page read and write
190000
heap
page read and write
11DE000
heap
page read and write
1EC5A900000
trusted library allocation
page read and write
177D000
unkown
page readonly
2BB1000
direct allocation
page read and write
F74000
unkown
page readonly
59A4000
direct allocation
page read and write
4CF1000
heap
page read and write
40B000
unkown
page write copy
1247000
heap
page read and write
5460000
trusted library allocation
page read and write
1CF0000
direct allocation
page read and write
DAC000
stack
page read and write
6B0000
unkown
page readonly
20B9000
heap
page read and write
4CF1000
heap
page read and write
F3E000
unkown
page readonly
7C2000
unkown
page readonly
25D0000
trusted library allocation
page read and write
4CF1000
heap
page read and write
3130000
direct allocation
page read and write
CE0000
unkown
page readonly
490000
heap
page read and write
2F64000
trusted library allocation
page read and write
52A3000
heap
page read and write
5F40000
heap
page execute and read and write
48FD000
stack
page read and write
9E2000
unkown
page readonly
1EC5AA00000
unkown
page read and write
236E000
stack
page read and write
199C9F00000
trusted library section
page readonly
2A2C000
trusted library allocation
page read and write
22B5000
trusted library allocation
page execute and read and write
2424000
heap
page read and write
14E8000
trusted library allocation
page read and write
18FE000
direct allocation
page read and write
177C000
unkown
page write copy
F2D000
unkown
page execute and read and write
212C000
direct allocation
page read and write
2E34000
heap
page read and write
10FB000
heap
page read and write
5B0000
heap
page read and write
1A94E000
stack
page read and write
183F000
direct allocation
page read and write
2C1C000
trusted library allocation
page read and write
254D000
direct allocation
page read and write
40B000
unkown
page execute and read and write
30BF000
stack
page read and write
2CD7000
heap
page read and write
2EFA000
trusted library allocation
page read and write
15F0000
heap
page read and write
29AF2000
heap
page read and write
A60000
unkown
page read and write
4942000
trusted library allocation
page read and write
AAC000
stack
page read and write
18C8000
direct allocation
page read and write
B84000
heap
page read and write
2E1B000
heap
page read and write
199CE4C4000
heap
page read and write
1C465000
heap
page read and write
DFA000
stack
page read and write
11FA000
heap
page read and write
59E000
stack
page read and write
7D0000
direct allocation
page read and write
1D8F9000
heap
page read and write
FDB000
stack
page read and write
2BB0000
trusted library allocation
page read and write
68A11000
unkown
page execute read
5820000
heap
page read and write
2E030000
heap
page read and write
FC1DBFD000
stack
page read and write
188C000
direct allocation
page read and write
14C0000
trusted library allocation
page read and write
68A10000
unkown
page readonly
16A0000
heap
page read and write
7E0000
direct allocation
page read and write
810000
heap
page read and write
6050000
heap
page read and write
33FE000
stack
page read and write
244B000
direct allocation
page read and write
2600000
direct allocation
page read and write
8CB8000
heap
page read and write
57D0000
heap
page read and write
995000
heap
page read and write
199CE500000
heap
page read and write
2957000
direct allocation
page read and write
24F8000
direct allocation
page read and write
1DB50000
trusted library allocation
page read and write
2360000
direct allocation
page read and write
135E000
stack
page read and write
199C8E91000
heap
page read and write
2841000
trusted library allocation
page read and write
38BF000
stack
page read and write
1D3F000
direct allocation
page read and write
22536000
direct allocation
page execute read
7200000
trusted library allocation
page read and write
61ED4000
direct allocation
page readonly
199C9700000
heap
page read and write
4D0000
heap
page read and write
18E4000
direct allocation
page read and write
1395000
heap
page read and write
22950000
heap
page read and write
1EC5AA38000
heap
page read and write
1DE0000
direct allocation
page read and write
26B4000
direct allocation
page read and write
B5B000
stack
page read and write
1DB0D000
stack
page read and write
2FDF000
trusted library allocation
page read and write
2A58000
heap
page read and write
A80000
heap
page read and write
19D4000
heap
page read and write
123B000
trusted library allocation
page execute and read and write
997000
unkown
page readonly
5190000
direct allocation
page read and write
2F41000
trusted library allocation
page read and write
5F0000
heap
page read and write
199CE6C0000
remote allocation
page read and write
2060000
heap
page read and write
21B3E000
stack
page read and write
24C0000
direct allocation
page read and write
1080000
trusted library allocation
page read and write
199C8E7A000
heap
page read and write
C50000
heap
page read and write
1445000
heap
page read and write
7B42C7E000
stack
page read and write
223D0000
direct allocation
page execute and read and write
18E0000
direct allocation
page read and write
3440000
heap
page read and write
1205000
heap
page read and write
53C0000
trusted library allocation
page read and write
17ED000
unkown
page readonly
24DE000
direct allocation
page read and write
100E000
stack
page read and write
2CC1000
trusted library allocation
page read and write
400000
remote allocation
page execute and read and write
24EBE202000
trusted library allocation
page read and write
1B8D000
stack
page read and write
7620000
heap
page read and write
2707000
direct allocation
page read and write
1064000
trusted library allocation
page read and write
2418000
direct allocation
page read and write
9D0000
heap
page read and write
2F62000
trusted library allocation
page read and write
1846000
direct allocation
page read and write
21FEF000
stack
page read and write
E0E000
stack
page read and write
22884000
direct allocation
page read and write
1EC5AD13000
heap
page read and write
5E6E000
stack
page read and write
1269000
heap
page read and write
78D000
trusted library allocation
page read and write
4D0000
trusted library allocation
page read and write
2B4D000
trusted library allocation
page read and write
1D8F8000
heap
page read and write
26F9000
direct allocation
page read and write
246E000
direct allocation
page read and write
199CA2A0000
trusted library allocation
page read and write
2ED9000
trusted library allocation
page read and write
2F3D000
trusted library allocation
page read and write
4CF1000
heap
page read and write
4E30000
heap
page execute and read and write
9DA0000
unclassified section
page read and write
23A0000
trusted library allocation
page read and write
1D904000
heap
page read and write
4CF1000
heap
page read and write
36D0000
heap
page read and write
1804000
direct allocation
page read and write
3CE0000
heap
page read and write
453F000
stack
page read and write
CA0000
unkown
page execute and read and write
116B000
heap
page read and write
5280000
trusted library allocation
page read and write
327E000
stack
page read and write
589E000
stack
page read and write
4F1000
remote allocation
page execute and read and write
7B4387E000
stack
page read and write
2782000
direct allocation
page read and write
1E40000
heap
page read and write
4CF1000
heap
page read and write
2F1B000
trusted library allocation
page read and write
4CF1000
heap
page read and write
112C000
heap
page read and write
8EC000
stack
page read and write
199C8E5B000
heap
page read and write
1D912000
heap
page read and write
27C6000
direct allocation
page read and write
1888000
direct allocation
page read and write
5C7E000
stack
page read and write
5D4000
trusted library allocation
page read and write
14D4000
trusted library allocation
page read and write
2D4E000
stack
page read and write
30A7000
trusted library allocation
page read and write
AB0000
heap
page read and write
5440000
trusted library allocation
page read and write
223D1000
direct allocation
page execute read
1ACD000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
20B0000
heap
page read and write
DCE000
heap
page read and write
2E4A000
heap
page read and write
AD0000
trusted library allocation
page read and write
2686000
direct allocation
page read and write
1D904000
heap
page read and write
5310000
direct allocation
page execute and read and write
6310000
trusted library allocation
page read and write
1866000
direct allocation
page read and write
1D91B000
heap
page read and write
D85000
heap
page read and write
1214000
trusted library allocation
page read and write
5EE000
unkown
page execute and write copy
1755E000
stack
page read and write
1C05C000
heap
page read and write
4CF1000
heap
page read and write
2A50000
trusted library allocation
page read and write
336F000
stack
page read and write
1598000
stack
page read and write
4CF1000
heap
page read and write
4DBE000
stack
page read and write
2DA8000
heap
page read and write
17D0000
trusted library allocation
page execute and read and write
AED000
unkown
page readonly
1EC5AA7F000
heap
page read and write
199CE330000
trusted library allocation
page read and write
51CE000
stack
page read and write
2EB3000
trusted library allocation
page read and write
1D91B000
heap
page read and write
28D2000
trusted library allocation
page read and write
C07000
unkown
page execute and read and write
1B5E000
stack
page read and write
4DE0000
trusted library allocation
page read and write
7B425FE000
unkown
page readonly
5EAE000
stack
page read and write
63FE000
stack
page read and write
F45000
unkown
page execute and read and write
15A0000
heap
page read and write
19A9F000
stack
page read and write
2892000
trusted library allocation
page read and write
7DE000
stack
page read and write
4CF1000
heap
page read and write
1EC5AA39000
heap
page read and write
5520000
trusted library allocation
page read and write
4CF1000
heap
page read and write
3660000
trusted library allocation
page read and write
4CC0000
heap
page read and write
6180000
trusted library allocation
page execute and read and write
68B5000
trusted library allocation
page read and write
5190000
direct allocation
page read and write
70F0000
trusted library allocation
page read and write
19EF000
stack
page read and write
9D0000
heap
page read and write
56E0000
trusted library allocation
page read and write
815000
heap
page read and write
2F5C000
trusted library allocation
page read and write
22B6000
trusted library allocation
page read and write
51BE000
heap
page read and write
2454000
direct allocation
page read and write
2705000
direct allocation
page read and write
9B3AFF9000
stack
page read and write
1860000
direct allocation
page read and write
F22000
unkown
page readonly
1B110000
heap
page read and write
EF7000
stack
page read and write
29B60000
trusted library allocation
page read and write
B7C000
heap
page read and write
211A0000
heap
page read and write
4CF1000
heap
page read and write
D80000
heap
page read and write
199C8E41000
heap
page read and write
400000
unkown
page readonly
4E70000
heap
page read and write
869000
stack
page read and write
199C9F40000
trusted library section
page readonly
31AE000
stack
page read and write
2C02000
trusted library allocation
page read and write
4AED000
trusted library allocation
page read and write
D30000
heap
page read and write
63B0000
trusted library allocation
page execute and read and write
3690000
trusted library allocation
page read and write
4CF1000
heap
page read and write
5FA000
heap
page read and write
17ED000
unkown
page readonly
7C0000
unkown
page readonly
61ED4000
direct allocation
page readonly
32B0000
heap
page read and write
4DD0000
trusted library allocation
page read and write
2728000
direct allocation
page read and write
199C8F02000
heap
page read and write
62FE000
stack
page read and write
16C4000
unkown
page write copy
29AFA000
heap
page read and write
199C8E13000
heap
page read and write
245E000
direct allocation
page read and write
150A000
heap
page read and write
272F8000
heap
page read and write
500000
remote allocation
page execute and read and write
68A02000
unkown
page readonly
68A000
heap
page read and write
778E000
stack
page read and write
68BA000
trusted library allocation
page read and write
2884000
trusted library allocation
page read and write
5350000
heap
page read and write
1086000
trusted library allocation
page read and write
997000
unkown
page readonly
80EE000
stack
page read and write
18AE000
direct allocation
page read and write
1240000
heap
page read and write
5AC000
stack
page read and write
2A4E000
heap
page read and write
2BDF000
trusted library allocation
page read and write
199CE458000
heap
page read and write
152F000
heap
page read and write
28E7000
trusted library allocation
page read and write
570000
heap
page read and write
9D5000
heap
page read and write
34FF000
stack
page read and write
683C000
stack
page read and write
1523000
heap
page read and write
109A000
trusted library allocation
page execute and read and write
2B50000
trusted library allocation
page read and write
AE0000
heap
page read and write
69F000
heap
page read and write
58E0000
trusted library allocation
page read and write
5190000
direct allocation
page read and write
317E000
stack
page read and write
2EFE000
trusted library allocation
page read and write
11BC000
heap
page read and write
514E000
stack
page read and write
2C6F000
stack
page read and write
10A7000
trusted library allocation
page execute and read and write
2E65000
trusted library allocation
page read and write
7B422FB000
stack
page read and write
199CE300000
trusted library allocation
page read and write
2B0C000
trusted library allocation
page read and write
DE0000
trusted library allocation
page read and write
61FE000
stack
page read and write
1934000
direct allocation
page read and write
9B000
stack
page read and write
5690000
trusted library allocation
page read and write
129E000
stack
page read and write
2272D000
stack
page read and write
91E000
heap
page read and write
10AB000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
1370000
trusted library allocation
page execute and read and write
1C671000
heap
page read and write
2DB5000
trusted library allocation
page read and write
741E000
heap
page read and write
3C9E000
stack
page read and write
33E1000
trusted library allocation
page read and write
2ADF000
stack
page read and write
1300000
unkown
page readonly
2F1D000
trusted library allocation
page read and write
4C4000
unkown
page write copy
199CE442000
heap
page read and write
1C1AC000
stack
page read and write
4CF1000
heap
page read and write
2FCE000
stack
page read and write
320D000
stack
page read and write
4BBE000
stack
page read and write
2414000
direct allocation
page read and write
2DBE000
stack
page read and write
2E30000
heap
page read and write
2426000
direct allocation
page read and write
313F000
stack
page read and write
6890000
trusted library allocation
page read and write
27D4000
direct allocation
page read and write
BE7000
unkown
page execute and read and write
4A4F000
stack
page read and write
F0A000
heap
page read and write
42BF000
stack
page read and write
9C000
stack
page read and write
8CCE000
heap
page read and write
181C000
direct allocation
page read and write
19CB000
heap
page read and write
2C08000
trusted library allocation
page read and write
1D8F9000
heap
page read and write
1490000
trusted library allocation
page read and write
2D60000
heap
page read and write
1875000
direct allocation
page read and write
5F6E000
stack
page read and write
6380000
trusted library allocation
page read and write
2729D000
heap
page read and write
1AB8E000
stack
page read and write
2786000
direct allocation
page read and write
1619000
heap
page read and write
27F0000
trusted library allocation
page read and write
199C9F50000
trusted library section
page readonly
5CE000
heap
page read and write
48A4000
trusted library allocation
page read and write
2FCE000
unkown
page read and write
7610000
heap
page read and write
24EBDA02000
heap
page read and write
326F000
stack
page read and write
1C45E000
stack
page read and write
542B000
stack
page read and write
5FAF000
stack
page read and write
58D0000
direct allocation
page read and write
5E40000
trusted library allocation
page read and write
218FF000
stack
page read and write
2432000
direct allocation
page read and write
5453000
trusted library allocation
page read and write
1DB5D000
heap
page read and write
4CF1000
heap
page read and write
1D4000
heap
page read and write
12F7000
stack
page read and write
1EC5AA1C000
unkown
page read and write
27CC000
direct allocation
page read and write
4CE0000
direct allocation
page read and write
2692000
direct allocation
page read and write
199CE4DF000
heap
page read and write
5210000
trusted library allocation
page read and write
254A000
direct allocation
page read and write
7B42A7E000
stack
page read and write
619000
heap
page read and write
2E40000
heap
page read and write
2740000
direct allocation
page read and write
1377000
heap
page read and write
13D7000
heap
page read and write
5FE000
heap
page read and write
1430000
heap
page read and write
17AE000
stack
page read and write
29A98000
heap
page read and write
1073000
trusted library allocation
page execute and read and write
9AB000
stack
page read and write
3CF0000
heap
page read and write
65A000
heap
page read and write
5E0E000
heap
page read and write
4DBF000
stack
page read and write
199C8F13000
heap
page read and write
4CE0000
direct allocation
page read and write
35000
unkown
page readonly
58FE000
stack
page read and write
13CF000
stack
page read and write
2526000
direct allocation
page read and write
1A70000
heap
page read and write
190E000
direct allocation
page read and write
62D2000
trusted library allocation
page read and write
686A000
trusted library allocation
page read and write
5252000
heap
page read and write
6340000
trusted library allocation
page read and write
4428000
trusted library allocation
page read and write
4CF1000
heap
page read and write
12B0000
heap
page read and write
6330000
trusted library allocation
page read and write
4EF5000
trusted library allocation
page read and write
4DF5000
trusted library allocation
page read and write
199CE4FB000
heap
page read and write
199CE484000
heap
page read and write
24FA000
direct allocation
page read and write
2E7E000
stack
page read and write
2FC2000
trusted library allocation
page read and write
2E3B000
stack
page read and write
134D000
unkown
page readonly
140000000
unkown
page readonly
282000
unkown
page readonly
68BAF000
unkown
page readonly
16FB000
trusted library allocation
page read and write
1D0000
heap
page read and write
7B42BFE000
unkown
page readonly
21192000
heap
page read and write
400000
unkown
page readonly
61C000
heap
page read and write
ABD000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
5D9E000
stack
page read and write
5AAE000
stack
page read and write
29ED000
stack
page read and write
1117000
heap
page read and write
183A000
direct allocation
page read and write
27AC000
direct allocation
page read and write
C81000
unkown
page write copy
C80000
unkown
page read and write
2380000
heap
page read and write
1AA4F000
stack
page read and write
2F37000
trusted library allocation
page read and write
9B3AEFF000
stack
page read and write
15FA000
heap
page read and write
241C000
direct allocation
page read and write
1890000
direct allocation
page read and write
61ECD000
direct allocation
page readonly
4CF1000
heap
page read and write
495000
heap
page read and write
199CE650000
trusted library allocation
page read and write
2C70000
trusted library allocation
page read and write
18B4000
direct allocation
page read and write
576000
heap
page read and write
FC1DEFE000
unkown
page readonly
1035000
heap
page read and write
3445000
trusted library allocation
page read and write
1309000
unkown
page readonly
590F000
stack
page read and write
28F0000
trusted library allocation
page read and write
5AA000
heap
page read and write
2A24000
trusted library allocation
page read and write
530D000
stack
page read and write
68A11000
unkown
page execute read
2C60000
heap
page read and write
2A52000
heap
page read and write
68AA000
trusted library allocation
page read and write
2402000
direct allocation
page read and write
58F0000
trusted library allocation
page read and write
840000
unkown
page readonly
714000
heap
page read and write
1B0000
heap
page read and write
2D82000
heap
page read and write
199C9F10000
trusted library section
page readonly
2E1C000
trusted library allocation
page read and write
3853000
trusted library allocation
page read and write
5360000
trusted library allocation
page execute and read and write
1370000
heap
page read and write
1C310000
heap
page read and write
184E000
direct allocation
page read and write
123D000
heap
page read and write
47FE000
stack
page read and write
7B41FFE000
unkown
page readonly
1808000
direct allocation
page read and write
1D8EA000
heap
page read and write
8C0000
heap
page read and write
62E1000
trusted library allocation
page read and write
1250000
trusted library allocation
page read and write
4AB000
unkown
page readonly
450000
heap
page read and write
1D904000
heap
page read and write
8CA5000
heap
page read and write
EB0000
heap
page read and write
5CC000
heap
page read and write
199C8D70000
heap
page read and write
1013000
trusted library allocation
page execute and read and write
172B000
unkown
page read and write
32D0000
heap
page read and write
2F94000
trusted library allocation
page read and write
2F05000
trusted library allocation
page read and write
140F33000
unkown
page execute read
3666000
trusted library allocation
page read and write
7B424FB000
stack
page read and write
1377000
heap
page read and write
112C000
stack
page read and write
49B000
unkown
page read and write
1210000
heap
page read and write
2DFE000
heap
page read and write
1AB0000
trusted library allocation
page read and write
387F000
stack
page read and write
53B0000
trusted library allocation
page read and write
1158000
heap
page read and write
70B000
heap
page read and write
5A8E000
stack
page read and write
4FF000
unkown
page execute and write copy
1C150000
heap
page read and write
1385000
trusted library allocation
page read and write
15CB000
heap
page read and write
20D8000
direct allocation
page read and write
1D91B000
heap
page read and write
199C95C1000
trusted library allocation
page read and write
14DF000
stack
page read and write
199CE2A0000
trusted library allocation
page read and write
FC1DDFE000
stack
page read and write
3F3E000
stack
page read and write
2D4E000
stack
page read and write
2730000
direct allocation
page read and write
1380000
heap
page read and write
18EC000
direct allocation
page read and write
ADF000
stack
page read and write
371E000
stack
page read and write
457E000
stack
page read and write
499000
unkown
page write copy
50F0000
heap
page read and write
1AF7000
trusted library allocation
page execute and read and write
69E000
heap
page read and write
2F2A000
trusted library allocation
page read and write
323F000
unkown
page read and write
21EEE000
stack
page read and write
1D38E000
stack
page read and write
199C8EA3000
heap
page read and write
1229000
stack
page read and write
1860000
trusted library allocation
page read and write
5300000
direct allocation
page execute and read and write
2508000
direct allocation
page read and write
6B8000
heap
page read and write
4CF1000
heap
page read and write
493000
remote allocation
page execute and read and write
850000
heap
page read and write
E9E000
stack
page read and write
2F47000
trusted library allocation
page read and write
2678000
direct allocation
page read and write
2E02C000
stack
page read and write
4CF1000
heap
page read and write
4961000
heap
page read and write
7B4297E000
stack
page read and write
7DD000
stack
page read and write
10000000
unkown
page readonly
71E0000
trusted library allocation
page read and write
199CE4C2000
heap
page read and write
788E000
stack
page read and write
39B3000
trusted library allocation
page read and write
17D5000
unkown
page readonly
1634000
heap
page read and write
400000
remote allocation
page execute and read and write
B31000
unkown
page execute and read and write
51EE000
trusted library allocation
page read and write
4CAE000
stack
page read and write
3590000
heap
page read and write
A80000
heap
page read and write
6BE000
heap
page read and write
DC4000
heap
page read and write
2D71000
trusted library allocation
page read and write
10FD000
stack
page read and write
158E000
heap
page read and write
2430000
heap
page execute and read and write
630000
heap
page read and write
199CE364000
trusted library allocation
page read and write
4E20000
trusted library allocation
page read and write
1A23000
heap
page read and write
11F0000
trusted library allocation
page read and write
822C000
stack
page read and write
52E0000
direct allocation
page execute and read and write
BE2000
unkown
page readonly
A4E000
stack
page read and write
4C0000
heap
page read and write
1730000
unkown
page write copy
456000
remote allocation
page execute and read and write
1D912000
heap
page read and write
4ED000
stack
page read and write
19D000
stack
page read and write
1060000
heap
page read and write
2720000
direct allocation
page read and write
18F6000
direct allocation
page read and write
270B000
direct allocation
page read and write
784D000
stack
page read and write
2F67000
trusted library allocation
page read and write
363F000
stack
page read and write
61EB7000
direct allocation
page readonly
4B40000
heap
page read and write
1024000
trusted library allocation
page read and write
180E000
direct allocation
page read and write
5E3000
heap
page read and write
1440000
heap
page read and write
1AA8E000
stack
page read and write
2E10000
trusted library allocation
page read and write
5330000
direct allocation
page execute and read and write
556000
heap
page read and write
2C44000
trusted library allocation
page read and write
27E4000
direct allocation
page read and write
592D000
stack
page read and write
1A30000
heap
page read and write
EB7000
unkown
page readonly
303B000
stack
page read and write
14000A000
unkown
page readonly
4CE0000
direct allocation
page read and write
4D90000
trusted library allocation
page read and write
18F2000
direct allocation
page read and write
2E33000
heap
page read and write
7B432FE000
unkown
page readonly
2F75000
trusted library allocation
page read and write
A61000
unkown
page execute and write copy
1816000
direct allocation
page read and write
367E000
stack
page read and write
832C000
stack
page read and write
1070000
trusted library allocation
page read and write
1D10F000
stack
page read and write
6410000
trusted library allocation
page execute and read and write
411000
unkown
page readonly
33EF000
stack
page read and write
1820000
direct allocation
page read and write
4D0000
trusted library allocation
page read and write
4CF1000
heap
page read and write
29E5000
heap
page read and write
3D71000
trusted library allocation
page read and write
2F5E000
trusted library allocation
page read and write
61ECC000
direct allocation
page read and write
51F1000
trusted library allocation
page read and write
560000
heap
page read and write
1D64E000
stack
page read and write
11FC000
heap
page read and write
199C8EB4000
heap
page read and write
2FBE000
stack
page read and write
29C09000
heap
page read and write
24C6000
direct allocation
page read and write
17CE000
unkown
page readonly
4E2E000
trusted library allocation
page read and write
22880000
direct allocation
page read and write
21C7D000
stack
page read and write
FC000
stack
page read and write
A60000
unkown
page readonly
1300000
heap
page read and write
1EC5AA3A000
heap
page read and write
2506000
direct allocation
page read and write
4CF1000
heap
page read and write
18CE000
direct allocation
page read and write
2F58000
trusted library allocation
page read and write
21294000
heap
page read and write
278A000
direct allocation
page read and write
199C9600000
heap
page read and write
243B000
direct allocation
page read and write
BD0000
heap
page read and write
EB5000
heap
page read and write
1190000
heap
page read and write
472E000
stack
page read and write
1C050000
heap
page read and write
5100000
trusted library allocation
page read and write
27200000
heap
page read and write
96000
stack
page read and write
2050000
heap
page read and write
1314000
unkown
page readonly
F29000
heap
page read and write
F39000
stack
page read and write
1D8EA000
heap
page read and write
4940000
heap
page read and write
61ECD000
direct allocation
page readonly
199C8D40000
heap
page read and write
AB0000
trusted library allocation
page read and write
482F000
stack
page read and write
4DBD000
trusted library allocation
page read and write
51CB000
stack
page read and write
225FE000
stack
page read and write
1834000
direct allocation
page read and write
5A0F000
stack
page read and write
3760000
heap
page read and write
1285D000
stack
page read and write
1CD6000
direct allocation
page read and write
C7E000
unkown
page read and write
2DA4000
heap
page read and write
2BC9000
trusted library allocation
page read and write
707000
trusted library allocation
page execute and read and write
1EC5AA2B000
heap
page read and write
25B0000
trusted library allocation
page execute and read and write
1800000
heap
page read and write
4CF1000
heap
page read and write
9F6000
heap
page read and write
21D8A000
direct allocation
page read and write
1729000
unkown
page write copy
6570000
trusted library allocation
page read and write
411000
unkown
page readonly
5DF0000
trusted library allocation
page execute and read and write
BD0000
heap
page read and write
13A0000
heap
page read and write
27BA000
direct allocation
page read and write
240A000
direct allocation
page read and write
1C03F000
stack
page read and write
10A5000
heap
page read and write
2F19000
trusted library allocation
page read and write
3B9E000
stack
page read and write
28F3000
trusted library allocation
page read and write
714000
heap
page read and write
8EF000
stack
page read and write
1D50D000
stack
page read and write
2D87000
heap
page read and write
2261F000
direct allocation
page readonly
466D000
stack
page read and write
1A39000
heap
page read and write
1C46C000
heap
page read and write
4E00000
trusted library allocation
page read and write
107D000
trusted library allocation
page execute and read and write
2EDB000
trusted library allocation
page read and write
2A56000
heap
page read and write
1EC5AC02000
heap
page read and write
38FE000
stack
page read and write
66FC000
stack
page read and write
1090000
heap
page read and write
15D0000
trusted library allocation
page execute and read and write
F45000
unkown
page execute and write copy
18EF000
stack
page read and write
577000
heap
page read and write
17E0000
heap
page read and write
2870000
trusted library allocation
page read and write
9B3B1FE000
stack
page read and write
272A0000
heap
page read and write
20E3000
trusted library allocation
page execute and read and write
2E82000
trusted library allocation
page read and write
B20000
remote allocation
page read and write
70B000
trusted library allocation
page execute and read and write
1D912000
heap
page read and write
432000
remote allocation
page execute and read and write
150E000
heap
page read and write
1D904000
heap
page read and write
1908000
trusted library allocation
page read and write
1E0000
heap
page read and write
401000
unkown
page execute read
2EDF000
trusted library allocation
page read and write
199C9702000
heap
page read and write
81EE000
stack
page read and write
199CE350000
trusted library allocation
page read and write
2452000
direct allocation
page read and write
720E000
trusted library allocation
page read and write
14E000
stack
page read and write
4AB000
unkown
page readonly
5A0000
heap
page read and write
13DE000
stack
page read and write
5EC000
stack
page read and write
680000
heap
page read and write
61E01000
direct allocation
page execute read
417F000
stack
page read and write
140001000
unkown
page execute read
28A8000
trusted library allocation
page read and write
2480000
direct allocation
page read and write
6899000
trusted library allocation
page read and write
17E0000
heap
page read and write
63A0000
trusted library allocation
page execute and read and write
149B000
stack
page read and write
16ED000
trusted library allocation
page execute and read and write
5260000
heap
page read and write
9B3B0FF000
stack
page read and write
170B000
trusted library allocation
page execute and read and write
219FF000
stack
page read and write
5AE000
heap
page read and write
FC1DCFE000
unkown
page readonly
18B2000
direct allocation
page read and write
2C2B000
stack
page read and write
470000
heap
page read and write
23AD000
stack
page read and write
651000
remote allocation
page execute and read and write
18E8000
direct allocation
page read and write
13CE000
stack
page read and write
5A7000
remote allocation
page execute and read and write
1000000
trusted library allocation
page read and write
1A45000
heap
page read and write
6BE000
heap
page read and write
2592000
direct allocation
page read and write
5660000
heap
page read and write
2C36000
trusted library allocation
page read and write
4CF1000
heap
page read and write
1806000
direct allocation
page read and write
18A2000
direct allocation
page read and write
1906000
direct allocation
page read and write
13BE000
heap
page read and write
AA0000
trusted library allocation
page read and write
4CF1000
heap
page read and write
634F000
stack
page read and write
18DE000
direct allocation
page read and write
5FDE000
stack
page read and write
AB3000
trusted library allocation
page execute and read and write
2263E000
stack
page read and write
1256000
heap
page read and write
3E55000
trusted library allocation
page read and write
E70000
heap
page read and write
5F2000
unkown
page execute and write copy
1D904000
heap
page read and write
1D8EA000
heap
page read and write
2C2D000
stack
page read and write
30CF000
stack
page read and write
1870000
heap
page execute and read and write
1194000
heap
page read and write
65FC000
stack
page read and write
2B40000
trusted library allocation
page read and write
4C6000
remote allocation
page execute and read and write
182C000
direct allocation
page read and write
FC1E0FE000
unkown
page readonly
2416000
direct allocation
page read and write
5E67000
trusted library allocation
page read and write
18D6000
direct allocation
page read and write
1309000
unkown
page readonly
2FAD000
trusted library allocation
page read and write
4E80000
trusted library allocation
page read and write
101D000
trusted library allocation
page execute and read and write
2EBF000
stack
page read and write
176D000
stack
page read and write
30A0000
trusted library allocation
page read and write
5CA0000
trusted library allocation
page execute and read and write
34F8000
heap
page read and write
6320000
trusted library allocation
page read and write
7B438FE000
unkown
page readonly
18E2000
direct allocation
page read and write
758F000
stack
page read and write
1D904000
heap
page read and write
2277D000
stack
page read and write
4CF1000
heap
page read and write
446000
remote allocation
page execute and read and write
1D8EA000
heap
page read and write
211D7000
heap
page read and write
620000
heap
page read and write
4C4000
remote allocation
page execute and read and write
2E27000
heap
page read and write
68971000
unkown
page execute read
2B4A000
trusted library allocation
page read and write
4CF1000
heap
page read and write
5B0E000
stack
page read and write
14DDC000
stack
page read and write
278E000
direct allocation
page read and write
2718000
direct allocation
page read and write
5E20000
heap
page read and write
7B423FE000
unkown
page readonly
A85000
heap
page read and write
225E8000
direct allocation
page readonly
140CAE000
unkown
page execute read
61EB4000
direct allocation
page read and write
6350000
trusted library allocation
page read and write
41BE000
stack
page read and write
6400000
trusted library allocation
page execute and read and write
24EBDA2B000
heap
page read and write
199C8DB0000
trusted library section
page read and write
1EC5AD02000
heap
page read and write
4EFE000
stack
page read and write
153D000
heap
page read and write
49D000
unkown
page write copy
CAB000
unkown
page write copy
2287F000
stack
page read and write
1D904000
heap
page read and write
AEB000
heap
page read and write
F25000
unkown
page readonly
5270000
trusted library allocation
page execute and read and write
400000
remote allocation
page execute and read and write
60EF000
stack
page read and write
F0A000
unkown
page execute and read and write
2EE3000
trusted library allocation
page read and write
2C30000
trusted library allocation
page read and write
714000
heap
page read and write
199C8D60000
heap
page read and write
24EBD900000
heap
page read and write
1ABCE000
stack
page read and write
FBA000
unkown
page readonly
75CE000
stack
page read and write
2862000
trusted library allocation
page read and write
90E000
stack
page read and write
ECD000
unkown
page readonly
F2E000
heap
page read and write
4DFE000
stack
page read and write
68BF000
trusted library allocation
page read and write
8CB2000
heap
page read and write
1424000
trusted library allocation
page read and write
32BA000
heap
page read and write
1C325000
heap
page read and write
1D91D000
heap
page read and write
1120000
trusted library allocation
page read and write
3F4F000
stack
page read and write
4CF1000
heap
page read and write
1D904000
heap
page read and write
14AF000
stack
page read and write
20F4000
trusted library allocation
page read and write
14C5000
heap
page read and write
5E46000
trusted library allocation
page read and write
14E0000
heap
page read and write
94E000
stack
page read and write
4E5000
remote allocation
page execute and read and write
5AC9000
direct allocation
page read and write
1850000
trusted library allocation
page execute and read and write
199CE513000
heap
page read and write
3CBE000
stack
page read and write
57D1000
heap
page read and write
61EB4000
direct allocation
page read and write
1AF0000
trusted library allocation
page read and write
2FAF000
trusted library allocation
page read and write
400000
remote allocation
page execute and read and write
2EBF000
trusted library allocation
page read and write
2422000
direct allocation
page read and write
1D8FF000
heap
page read and write
2C6F000
stack
page read and write
6280000
trusted library allocation
page read and write
56D0000
heap
page read and write
12F9000
stack
page read and write
6B1000
unkown
page execute read
6550000
trusted library allocation
page read and write
3790000
heap
page read and write
1C07E000
heap
page read and write
A60000
unkown
page readonly
DCE000
stack
page read and write
11F2000
heap
page read and write
34AD000
stack
page read and write
11D0000
heap
page read and write
6892000
trusted library allocation
page read and write
5189000
heap
page read and write
2CCA000
direct allocation
page execute and read and write
4A2000
remote allocation
page execute and read and write
1300000
unkown
page readonly
7B42B7E000
stack
page read and write
1D98000
trusted library allocation
page read and write
11F5000
heap
page read and write
21D7E000
stack
page read and write
52CF000
stack
page read and write
4CF1000
heap
page read and write
1D91B000
heap
page read and write
17E4000
unkown
page readonly
1D912000
heap
page read and write
4C2000
unkown
page write copy
327F000
stack
page read and write
199CE350000
trusted library allocation
page read and write
5980000
heap
page execute and read and write
58BE000
stack
page read and write
272AD000
heap
page read and write
2C19000
trusted library allocation
page read and write
17C8000
stack
page read and write
B5D000
unkown
page execute and read and write
15FE000
heap
page read and write
271C000
direct allocation
page read and write
B20000
remote allocation
page read and write
C7D000
unkown
page write copy
125E000
heap
page read and write
1120000
trusted library allocation
page read and write
1D91B000
heap
page read and write
11BB000
heap
page read and write
1535000
heap
page read and write
F20000
unkown
page readonly
4CF1000
heap
page read and write
1D918000
heap
page read and write
A86000
unkown
page readonly
7B428FE000
unkown
page readonly
BA8000
heap
page read and write
26A4000
direct allocation
page read and write
4FD000
remote allocation
page execute and read and write
6590000
trusted library allocation
page execute and read and write
5F20000
heap
page read and write
5E04000
heap
page read and write
1390000
trusted library allocation
page read and write
FC1DFFE000
stack
page read and write
4C8000
unkown
page readonly
4E6D000
stack
page read and write
408F000
stack
page read and write
483E000
stack
page read and write
3D0D000
stack
page read and write
241A000
direct allocation
page read and write
30B0000
trusted library allocation
page read and write
183E000
stack
page read and write
4CF1000
heap
page read and write
7120000
trusted library allocation
page read and write
523F000
stack
page read and write
574F000
stack
page read and write
1150000
heap
page read and write
2F07000
trusted library allocation
page read and write
6540000
trusted library allocation
page read and write
6580000
trusted library allocation
page read and write
9E8000
stack
page read and write
604E000
stack
page read and write
3CC0000
heap
page read and write
27220000
heap
page read and write
4CE0000
direct allocation
page read and write
2400000
direct allocation
page read and write
634000
heap
page read and write
1414000
trusted library allocation
page read and write
1223000
stack
page read and write
140CE2000
unkown
page read and write
1290000
direct allocation
page read and write
5350000
trusted library allocation
page execute and read and write
5371000
heap
page read and write
5B90000
trusted library allocation
page read and write
4DEE000
trusted library allocation
page read and write
1EC5AB02000
trusted library allocation
page read and write
184A000
direct allocation
page read and write
1D91B000
heap
page read and write
7B42AFE000
unkown
page readonly
106D000
trusted library allocation
page execute and read and write
4CF1000
heap
page read and write
26AE000
direct allocation
page read and write
61ED0000
direct allocation
page read and write
5DAE000
stack
page read and write
1EC5AA90000
heap
page read and write
F00000
heap
page read and write
283F000
stack
page read and write
169E000
stack
page read and write
562E000
stack
page read and write
2B63000
trusted library allocation
page read and write
10000
unkown
page readonly
1810000
direct allocation
page read and write
1EC5AA38000
heap
page read and write
4ACA000
heap
page read and write
1D8FF000
heap
page read and write
5EDE000
stack
page read and write
2E6D000
trusted library allocation
page read and write
4738000
trusted library allocation
page read and write
1120000
heap
page execute and read and write
6867000
trusted library allocation
page read and write
25B0000
direct allocation
page read and write
29A91000
heap
page read and write
59C4000
direct allocation
page read and write
1420000
trusted library allocation
page read and write
1D91F000
heap
page read and write
A7D000
unkown
page readonly
3091000
trusted library allocation
page read and write
53D0000
trusted library allocation
page execute and read and write
27D0000
direct allocation
page read and write
1932000
direct allocation
page read and write
57C0000
heap
page read and write
3130000
direct allocation
page read and write
1840000
trusted library allocation
page read and write
4A3F000
stack
page read and write
1AC4000
trusted library allocation
page read and write
2110000
trusted library allocation
page read and write
790000
heap
page execute and read and write
1090000
trusted library allocation
page read and write
1E00000
heap
page read and write
8CC1000
heap
page read and write
644E000
stack
page read and write
1577000
heap
page read and write
C7A000
unkown
page write copy
1AD3000
trusted library allocation
page read and write
900000
heap
page read and write
3D68000
heap
page read and write
43E1000
trusted library allocation
page read and write
9B0000
unkown
page readonly
71D0000
trusted library allocation
page execute and read and write
68BAF000
unkown
page readonly
270E000
direct allocation
page read and write
27DC000
direct allocation
page read and write
39CF000
trusted library allocation
page read and write
1700000
trusted library allocation
page read and write
3B3F000
stack
page read and write
1255000
heap
page read and write
16E0000
trusted library allocation
page read and write
FC1D87B000
stack
page read and write
714000
heap
page read and write
800000
heap
page read and write
2412000
direct allocation
page read and write
2F00000
trusted library allocation
page read and write
27AE000
direct allocation
page read and write
2502000
direct allocation
page read and write
1074000
trusted library allocation
page read and write
FC1E4FE000
unkown
page readonly
1ACCC000
stack
page read and write
460000
heap
page read and write
1370000
heap
page read and write
2780000
direct allocation
page read and write
3675000
trusted library allocation
page read and write
9B3ABCD000
stack
page read and write
47FF000
stack
page read and write
172F000
stack
page read and write
1445000
heap
page read and write
49E1000
heap
page read and write
46DE000
stack
page read and write
842000
unkown
page readonly
68BF5000
unkown
page readonly
1A40000
heap
page read and write
1EC5AB15000
trusted library allocation
page read and write
5470000
heap
page read and write
4CF1000
heap
page read and write
70B000
heap
page read and write
137E000
heap
page read and write
2F03000
trusted library allocation
page read and write
23F0000
heap
page read and write
2CAD000
stack
page read and write
32AE000
stack
page read and write
1400000
trusted library allocation
page read and write
A90000
remote allocation
page read and write
171D000
unkown
page read and write
199CE50E000
heap
page read and write
1717000
trusted library allocation
page execute and read and write
16E4000
trusted library allocation
page read and write
6EF0000
heap
page read and write
1D900000
heap
page read and write
10C0000
trusted library allocation
page read and write
58DE000
stack
page read and write
246E000
stack
page read and write
5634000
trusted library allocation
page read and write
7B42CFE000
unkown
page readonly
56D0000
trusted library allocation
page read and write
19E1000
heap
page read and write
490B000
stack
page read and write
1EC5A820000
heap
page read and write
4CF1000
heap
page read and write
20F2000
direct allocation
page read and write
2FD0000
heap
page read and write
CF9000
stack
page read and write
1D60E000
stack
page read and write
5444000
trusted library allocation
page read and write
5ACD000
direct allocation
page read and write
1D904000
heap
page read and write
2D51000
trusted library allocation
page read and write
2B58000
trusted library allocation
page read and write
3EFF000
stack
page read and write
1D904000
heap
page read and write
13E5000
heap
page read and write
BAA000
heap
page read and write
24E8000
direct allocation
page read and write
2DE80000
heap
page read and write
55B000
heap
page read and write
1D8EA000
heap
page read and write
18D8000
direct allocation
page read and write
40B000
unkown
page read and write
3801000
trusted library allocation
page read and write
4E90000
trusted library allocation
page execute and read and write
24EBE070000
trusted library allocation
page read and write
139E000
stack
page read and write
AE6000
unkown
page readonly
1850000
direct allocation
page read and write
9CE000
stack
page read and write
11D0000
heap
page read and write
1D8F6000
heap
page read and write
17E4000
unkown
page readonly
107D000
trusted library allocation
page execute and read and write
BAC000
stack
page read and write
CE0000
unkown
page readonly
1E70000
heap
page read and write
9B1000
unkown
page execute read
24D6000
direct allocation
page read and write
18A0000
direct allocation
page read and write
5B2E000
stack
page read and write
A0C000
heap
page read and write
4CF1000
heap
page read and write
5E0000
trusted library allocation
page read and write
180A000
direct allocation
page read and write
29A50000
heap
page read and write
2E00000
trusted library allocation
page read and write
2A50000
heap
page read and write
2F35000
trusted library allocation
page read and write
9E0000
heap
page read and write
1710000
trusted library allocation
page read and write
B13000
heap
page read and write
B20000
heap
page read and write
123B000
heap
page read and write
2D1E000
heap
page read and write
7B41CF7000
stack
page read and write
377F000
stack
page read and write
190C000
direct allocation
page read and write
1C0A0000
heap
page read and write
6895000
trusted library allocation
page read and write
590000
heap
page read and write
3E0E000
stack
page read and write
25C0000
trusted library allocation
page read and write
CD6000
unkown
page read and write
5CEE000
stack
page read and write
37DE000
stack
page read and write
5AD000
remote allocation
page execute and read and write
1864000
direct allocation
page read and write
F9B000
stack
page read and write
2712000
direct allocation
page read and write
2EF8000
trusted library allocation
page read and write
217E000
stack
page read and write
17F0000
heap
page read and write
D05000
unkown
page readonly
4E42000
trusted library allocation
page read and write
5790000
trusted library section
page read and write
13F5000
heap
page read and write
F70000
heap
page read and write
199CE454000
heap
page read and write
4CF1000
heap
page read and write
1D904000
heap
page read and write
5DE000
unkown
page read and write
2F43000
trusted library allocation
page read and write
1390000
trusted library allocation
page read and write
266C000
stack
page read and write
3CC2000
trusted library allocation
page read and write
1A45000
heap
page read and write
62DE000
trusted library allocation
page read and write
1179000
heap
page read and write
2F7B000
trusted library allocation
page read and write
211B0000
heap
page read and write
910000
heap
page read and write
199CE600000
trusted library allocation
page read and write
148E000
stack
page read and write
228C0000
heap
page read and write
62B0000
trusted library allocation
page read and write
199C9E20000
trusted library allocation
page read and write
211A9000
heap
page read and write
1912000
direct allocation
page read and write
26FF000
direct allocation
page read and write
50CF000
trusted library allocation
page read and write
10E1000
heap
page read and write
F90000
heap
page read and write
51DB000
trusted library allocation
page read and write
2710000
direct allocation
page read and write
1D8EA000
heap
page read and write
109B000
trusted library allocation
page execute and read and write
2E25000
heap
page read and write
13B0000
heap
page read and write
2F77000
trusted library allocation
page read and write
2128000
direct allocation
page read and write
5F00000
heap
page read and write
4CF1000
heap
page read and write
6B8000
heap
page read and write
172D000
stack
page read and write
3441000
trusted library allocation
page read and write
4CF1000
heap
page read and write
6278000
trusted library allocation
page read and write
226D000
stack
page read and write
2C2C000
trusted library allocation
page read and write
529B000
unkown
page read and write
AFF000
unkown
page execute and read and write
1031D000
stack
page read and write
68A02000
unkown
page readonly
2261A000
direct allocation
page readonly
1A50000
direct allocation
page read and write
7B42DFE000
unkown
page readonly
7B42FFE000
stack
page read and write
14A0000
heap
page read and write
1380000
trusted library allocation
page read and write
3261000
trusted library allocation
page read and write
950000
heap
page read and write
27D2000
direct allocation
page read and write
5430000
trusted library section
page readonly
5ACF000
direct allocation
page read and write
1E30000
trusted library allocation
page execute and read and write
2090000
direct allocation
page read and write
538F000
stack
page read and write
1C052000
heap
page read and write
91A000
heap
page read and write
18D0000
direct allocation
page read and write
2BAD000
stack
page read and write
47DF000
stack
page read and write
199CE491000
heap
page read and write
24EBDA13000
heap
page read and write
2FC4000
trusted library allocation
page read and write
1D8FE000
heap
page read and write
16CD000
unkown
page write copy
13A0000
heap
page read and write
2BDF000
stack
page read and write
16C4000
unkown
page write copy
341F000
stack
page read and write
1A8C000
stack
page read and write
5F8000
unkown
page execute and write copy
1330000
heap
page read and write
1707000
trusted library allocation
page execute and read and write
46C0000
heap
page read and write
4CF1000
heap
page read and write
BC0000
heap
page read and write
61E000
heap
page read and write
21DC0000
heap
page read and write
1D91D000
heap
page read and write
1D91F000
heap
page read and write
403F000
stack
page read and write
3D51000
trusted library allocation
page read and write
85C000
stack
page read and write
1B80000
heap
page read and write
3200000
heap
page execute and read and write
AC0000
trusted library allocation
page read and write
2DA8000
heap
page read and write
2DE7B000
stack
page read and write
3680000
trusted library allocation
page read and write
5EEE000
stack
page read and write
18F0000
direct allocation
page read and write
2D7B000
heap
page read and write
B51000
unkown
page execute and read and write
EE0000
heap
page read and write
51D4000
trusted library allocation
page read and write
5AD1000
direct allocation
page read and write
23B0000
direct allocation
page read and write
148B000
heap
page read and write
56C0000
heap
page read and write
4CE0000
direct allocation
page read and write
2490000
heap
page read and write
4CF1000
heap
page read and write
A84000
unkown
page readonly
DB0000
trusted library allocation
page read and write
400000
unkown
page readonly
1A7B000
heap
page read and write
1EC5A800000
heap
page read and write
2EBB000
trusted library allocation
page read and write
760E000
stack
page read and write
63F000
remote allocation
page execute and read and write
4CF1000
heap
page read and write
2C50000
trusted library allocation
page read and write
725E000
stack
page read and write
20C0000
direct allocation
page read and write
123C000
stack
page read and write
1D900000
heap
page read and write
320F000
stack
page read and write
27C0000
heap
page read and write
2B79000
trusted library allocation
page read and write
DB7000
trusted library allocation
page execute and read and write
68C4000
trusted library allocation
page read and write
1D8F9000
heap
page read and write
B60000
unkown
page execute and read and write
1D7AE000
stack
page read and write
7C0000
direct allocation
page read and write
373F000
stack
page read and write
13E000
stack
page read and write
140A0C000
unkown
page read and write
1527000
heap
page read and write
18DA000
direct allocation
page read and write
E70000
heap
page read and write
1572000
heap
page read and write
60F0000
trusted library allocation
page read and write
7B42EFE000
unkown
page readonly
774E000
stack
page read and write
2024000
direct allocation
page read and write
243E000
direct allocation
page read and write
4CF1000
heap
page read and write
7260000
trusted library allocation
page read and write
176C000
unkown
page read and write
AD6000
trusted library allocation
page execute and read and write
199CE3F0000
trusted library allocation
page read and write
21EE000
stack
page read and write
BE0000
heap
page read and write
62C1000
trusted library allocation
page read and write
1A89000
heap
page read and write
4A7E000
stack
page read and write
1D904000
heap
page read and write
9B3B2FA000
stack
page read and write
22C1000
heap
page read and write
12AB000
heap
page read and write
43C000
remote allocation
page execute and read and write
5F4000
unkown
page execute and write copy
3DFE000
stack
page read and write
326E000
stack
page read and write
10D8000
heap
page read and write
2794000
direct allocation
page read and write
460000
heap
page read and write
1D91B000
heap
page read and write
52FE000
stack
page read and write
F30000
heap
page read and write
156B000
trusted library allocation
page execute and read and write
1D920000
heap
page read and write
10E4000
unkown
page execute and read and write
1D8F2000
heap
page read and write
2876000
trusted library allocation
page read and write
115C000
heap
page read and write
3670000
trusted library allocation
page read and write
1092000
trusted library allocation
page read and write
BFB000
stack
page read and write
18E6000
direct allocation
page read and write
1547000
heap
page read and write
1745000
unkown
page read and write
5B8E000
stack
page read and write
2F9A000
trusted library allocation
page read and write
5D0000
heap
page read and write
10D0000
heap
page read and write
C7A000
unkown
page read and write
55C0000
heap
page execute and read and write
222F000
stack
page read and write
199CE310000
trusted library allocation
page read and write
836E000
stack
page read and write
2E33000
heap
page read and write
A9C000
unkown
page execute and read and write
68BF5000
unkown
page readonly
1112000
heap
page read and write
452000
remote allocation
page execute and read and write
18C5000
heap
page read and write
309A000
trusted library allocation
page read and write
10AA000
heap
page read and write
8C90000
heap
page read and write
353E000
stack
page read and write
860000
unkown
page read and write
3280000
heap
page read and write
352E000
heap
page read and write
1DF0000
heap
page read and write
DF0000
heap
page read and write
5D60000
heap
page read and write
2F54000
trusted library allocation
page read and write
4CF1000
heap
page read and write
24EBD9E0000
heap
page read and write
F00000
heap
page read and write
1082000
trusted library allocation
page read and write
199C8EA1000
heap
page read and write
ECE000
unkown
page readonly
E10000
heap
page read and write
4CE0000
direct allocation
page read and write
42FE000
stack
page read and write
199CE660000
trusted library allocation
page read and write
BA2000
stack
page read and write
4DB1000
trusted library allocation
page read and write
68C0000
trusted library allocation
page read and write
23ED000
stack
page read and write
AD0000
heap
page read and write
199C95F0000
trusted library allocation
page read and write
1B90000
direct allocation
page read and write
2EE1000
trusted library allocation
page read and write
7F4B0000
trusted library allocation
page execute and read and write
2DFE000
heap
page read and write
2F11000
trusted library allocation
page read and write
140000000
unkown
page readonly
788F000
stack
page read and write
13DB000
heap
page read and write
26E4000
direct allocation
page read and write
7B4287E000
stack
page read and write
2504000
direct allocation
page read and write
61E00000
direct allocation
page execute and read and write
10001000
unkown
page execute read
27AA000
direct allocation
page read and write
2C81000
trusted library allocation
page read and write
2C40000
trusted library allocation
page read and write
6B0000
unkown
page readonly
223D8000
direct allocation
page execute read
155E000
stack
page read and write
53AF000
stack
page read and write
20D8000
direct allocation
page read and write
A90000
remote allocation
page read and write
18BE000
stack
page read and write
2A88000
direct allocation
page read and write
199CE331000
trusted library allocation
page read and write
1567000
trusted library allocation
page execute and read and write
199C9602000
heap
page read and write
4C97000
trusted library allocation
page read and write
89C000
stack
page read and write
60FE000
stack
page read and write
68BEE000
unkown
page read and write
17D5000
unkown
page readonly
4805000
trusted library allocation
page read and write
4801000
trusted library allocation
page read and write
550E000
stack
page read and write
148E000
stack
page read and write
24D2000
direct allocation
page read and write
1060000
trusted library allocation
page read and write
4DB000
unkown
page readonly
785E000
stack
page read and write
2DBD000
stack
page read and write
401000
unkown
page execute read
229DD000
stack
page read and write
5430000
trusted library allocation
page read and write
1C2AC000
stack
page read and write
199CE4CB000
heap
page read and write
E9E000
unkown
page readonly
1390000
heap
page read and write
4CF1000
heap
page read and write
2F83000
trusted library allocation
page read and write
1AC3000
trusted library allocation
page execute and read and write
1814000
direct allocation
page read and write
1730000
heap
page read and write
29A93000
heap
page read and write
51FD000
trusted library allocation
page read and write
2482000
direct allocation
page read and write
2EB0000
heap
page read and write
1D45000
heap
page read and write
2CFC000
heap
page read and write
6275000
trusted library allocation
page read and write
1207000
heap
page read and write
363E000
stack
page read and write
10A0000
trusted library allocation
page read and write
5150000
heap
page read and write
141968000
unkown
page readonly
68BF0000
unkown
page read and write
79A0000
trusted library allocation
page read and write
5340000
trusted library allocation
page execute and read and write
10ED000
heap
page read and write
50E0000
trusted library allocation
page execute and read and write
1D8EC000
heap
page read and write
2874000
direct allocation
page read and write
171B000
trusted library allocation
page execute and read and write
24EE000
direct allocation
page read and write
29C06000
heap
page read and write
135F000
stack
page read and write
11F1000
heap
page read and write
1D40000
heap
page read and write
199CE330000
trusted library allocation
page read and write
F45000
heap
page read and write
4D9B000
trusted library allocation
page read and write
A50000
heap
page read and write
19C7000
heap
page read and write
21AFF000
stack
page read and write
199C8E8D000
heap
page read and write
170A000
trusted library allocation
page execute and read and write
24EBDB02000
heap
page read and write
61ECC000
direct allocation
page read and write
E4A000
unkown
page readonly
199CE400000
heap
page read and write
4A53000
heap
page read and write
1812000
direct allocation
page read and write
53AE000
stack
page read and write
16CA000
unkown
page write copy
5BEE000
stack
page read and write
5FED000
stack
page read and write
2370000
trusted library allocation
page execute and read and write
7B4172B000
stack
page read and write
63E000
remote allocation
page execute and read and write
57E000
remote allocation
page execute and read and write
1314000
unkown
page readonly
74F000
stack
page read and write
199C9F30000
trusted library section
page readonly
35B7000
heap
page read and write
22B1000
trusted library allocation
page read and write
1D904000
heap
page read and write
1073000
trusted library allocation
page read and write
400000
remote allocation
page execute and read and write
689ED000
unkown
page readonly
1B120000
heap
page read and write
2788000
direct allocation
page read and write
4CF1000
heap
page read and write
401000
unkown
page execute read
4A7000
remote allocation
page execute and read and write
32B1000
trusted library allocation
page read and write
4D7E000
stack
page read and write
2F81000
trusted library allocation
page read and write
91F000
stack
page read and write
310D000
stack
page read and write
2F13000
trusted library allocation
page read and write
1EC5AB24000
heap
page read and write
1210000
trusted library allocation
page read and write
1561000
heap
page read and write
1030000
heap
page read and write
1010000
heap
page read and write
4CF1000
heap
page read and write
1127000
trusted library allocation
page execute and read and write
52A0000
heap
page read and write
7B42D7E000
stack
page read and write
14EA000
heap
page read and write
327E000
stack
page read and write
2F45000
trusted library allocation
page read and write
20D0000
trusted library allocation
page read and write
BA9000
stack
page read and write
5F9000
heap
page read and write
2714000
direct allocation
page read and write
29C03000
heap
page read and write
59B8000
direct allocation
page read and write
199C8E74000
heap
page read and write
199CE6C0000
remote allocation
page read and write
57C5000
heap
page read and write
199CE360000
trusted library allocation
page read and write
199C971A000
heap
page read and write
18BC000
direct allocation
page read and write
3A3E000
stack
page read and write
2C0A000
trusted library allocation
page read and write
7FED000
stack
page read and write
7B42E7E000
stack
page read and write
140CE8000
unkown
page execute read
1CD0000
heap
page read and write
49A000
unkown
page write copy
1212000
heap
page read and write
12B0000
heap
page read and write
C0D000
unkown
page execute and read and write
1EC5AAD7000
heap
page read and write
79F000
stack
page read and write
1D8D6000
heap
page read and write
6270000
trusted library allocation
page read and write
13B0000
direct allocation
page read and write
4CF1000
heap
page read and write
249A000
direct allocation
page read and write
2F79000
trusted library allocation
page read and write
539E000
stack
page read and write
5220000
heap
page execute and read and write
76E000
stack
page read and write
24F6000
direct allocation
page read and write
499000
unkown
page read and write
1130000
trusted library allocation
page read and write
2C2F000
trusted library allocation
page read and write
3502000
heap
page read and write
2420000
direct allocation
page read and write
1900000
direct allocation
page read and write
124F000
heap
page read and write
1EC5AAD6000
heap
page read and write
10002000
unkown
page readonly
5E0000
heap
page read and write
ABD000
unkown
page readonly
1D8F9000
heap
page read and write
2FC6000
trusted library allocation
page read and write
62BB000
trusted library allocation
page read and write
244E000
direct allocation
page read and write
855000
heap
page read and write
71A000
heap
page read and write
2038000
direct allocation
page read and write
224FF000
stack
page read and write
1321000
unkown
page readonly
18C1000
trusted library allocation
page read and write
630E000
trusted library allocation
page read and write
70F8000
trusted library allocation
page read and write
225E000
stack
page read and write
9E0000
unkown
page readonly
2A5A000
heap
page read and write
28AE000
stack
page read and write
1D904000
heap
page read and write
199C9615000
heap
page read and write
2020000
direct allocation
page read and write
68BF0000
unkown
page read and write
102DF000
stack
page read and write
51F6000
trusted library allocation
page read and write
2536000
direct allocation
page read and write
2404000
direct allocation
page read and write
4CF1000
heap
page read and write
5E6A000
trusted library allocation
page read and write
1862000
direct allocation
page read and write
420000
heap
page read and write
E90000
heap
page read and write
1C06D000
heap
page read and write
1A30000
heap
page read and write
199CE41F000
heap
page read and write
1D8EA000
heap
page read and write
4CE0000
direct allocation
page read and write
2B20000
direct allocation
page read and write
1250000
heap
page read and write
1730000
heap
page read and write
400000
unkown
page execute and read and write
1EF0000
direct allocation
page read and write
2EFC000
trusted library allocation
page read and write
4E7000
unkown
page readonly
20E8000
direct allocation
page read and write
689FE000
unkown
page read and write
7410000
heap
page read and write
4CF1000
heap
page read and write
2C22000
trusted library allocation
page read and write
2D0E000
stack
page read and write
689ED000
unkown
page readonly
58E0000
direct allocation
page read and write
58C0000
trusted library section
page read and write
2C40000
heap
page execute and read and write
770000
trusted library allocation
page execute and read and write
3DCE000
heap
page read and write
24EBD8E0000
heap
page read and write
1EB000
stack
page read and write
2D65000
trusted library allocation
page read and write
9B0000
unkown
page readonly
137B000
heap
page read and write
1D80000
direct allocation
page read and write
1090000
trusted library allocation
page read and write
377E000
stack
page read and write
4CF1000
heap
page read and write
1063000
trusted library allocation
page execute and read and write
12A0000
trusted library allocation
page execute and read and write
57B0000
heap
page read and write
1C8F000
stack
page read and write
2CC3000
trusted library allocation
page read and write
18E4000
trusted library allocation
page read and write
1B60000
heap
page read and write
6860000
trusted library allocation
page read and write
5360000
heap
page read and write
9E3000
stack
page read and write
CBE000
unkown
page read and write
1D4CF000
stack
page read and write
5710000
heap
page read and write
2F32000
trusted library allocation
page read and write
5440000
heap
page read and write
FC0000
heap
page read and write
2445000
trusted library allocation
page execute and read and write
1140000
trusted library allocation
page read and write
13B8000
heap
page read and write
ACD000
trusted library allocation
page execute and read and write
5E4000
trusted library allocation
page read and write
2F30000
trusted library allocation
page read and write
176E000
stack
page read and write
1560000
trusted library allocation
page read and write
1C673000
heap
page read and write
4D3F000
stack
page read and write
AD2000
trusted library allocation
page read and write
2DA2000
heap
page read and write
2130000
trusted library allocation
page read and write
1230000
trusted library allocation
page read and write
6390000
trusted library allocation
page read and write
187A000
direct allocation
page read and write
7B41EFE000
stack
page read and write
4C65000
trusted library allocation
page read and write
F36000
unkown
page execute and read and write
4CE0000
direct allocation
page read and write
5140000
trusted library allocation
page read and write
1B225000
heap
page read and write
1D8F1000
heap
page read and write
17B0000
heap
page read and write
8C9B000
heap
page read and write
2533000
direct allocation
page read and write
52A000
stack
page read and write
780000
trusted library allocation
page read and write
18AE000
stack
page read and write
529E000
stack
page read and write
3632000
trusted library allocation
page read and write
1780000
heap
page execute and read and write
2E33000
heap
page read and write
4CF1000
heap
page read and write
7B427FE000
unkown
page readonly
EF0000
heap
page read and write
62F0000
trusted library allocation
page read and write
1C0BE000
heap
page read and write
65B0000
trusted library allocation
page execute and read and write
1D8FE000
heap
page read and write
1A5CF000
stack
page read and write
533E000
stack
page read and write
4DC2000
trusted library allocation
page read and write
407E000
stack
page read and write
325E000
stack
page read and write
279C000
direct allocation
page read and write
2BF0000
trusted library allocation
page execute and read and write
4F6F000
stack
page read and write
199CE50A000
heap
page read and write
100E000
stack
page read and write
199CE502000
heap
page read and write
5C9000
heap
page read and write
846E000
stack
page read and write
1138000
trusted library allocation
page read and write
16CB000
stack
page read and write
400000
unkown
page readonly
5AD5000
direct allocation
page read and write
27CE000
direct allocation
page read and write
61A0000
trusted library allocation
page execute and read and write
26A8000
direct allocation
page read and write
157C000
heap
page read and write
DBD000
stack
page read and write
2C43000
trusted library allocation
page read and write
1D24F000
stack
page read and write
58E0000
heap
page read and write
1EC5AD00000
heap
page read and write
236F000
stack
page read and write
4F4E000
stack
page read and write
4CF1000
heap
page read and write
251C000
direct allocation
page read and write
2438000
direct allocation
page read and write
CDF000
unkown
page write copy
3DBF000
stack
page read and write
161C000
heap
page read and write
18D2000
direct allocation
page read and write
FBA000
unkown
page readonly
177D000
unkown
page readonly
443E000
stack
page read and write
373F000
trusted library allocation
page read and write
2E51000
trusted library allocation
page read and write
1D8FB000
heap
page read and write
12000
unkown
page readonly
1050000
trusted library allocation
page read and write
18F0000
heap
page read and write
5670000
trusted library allocation
page read and write
5F6000
unkown
page execute and write copy
1321000
unkown
page readonly
1AF6E000
stack
page read and write
199CE461000
heap
page read and write
3D85000
heap
page read and write
2BBF000
stack
page read and write
46A000
remote allocation
page execute and read and write
4CF1000
heap
page read and write
71CE000
stack
page read and write
2D61000
trusted library allocation
page read and write
7110000
trusted library allocation
page execute and read and write
401000
unkown
page execute read
1310000
heap
page read and write
1D8FB000
heap
page read and write
20E4000
trusted library allocation
page read and write
3310000
heap
page read and write
3E51000
trusted library allocation
page read and write
1DFA000
heap
page read and write
2F9D000
trusted library allocation
page read and write
2446000
trusted library allocation
page read and write
4265000
trusted library allocation
page read and write
5ACB000
direct allocation
page read and write
24A6000
direct allocation
page read and write
1DA0E000
stack
page read and write
1FB000
stack
page read and write
2D11000
heap
page read and write
1BF0000
heap
page read and write
EDE000
stack
page read and write
A62000
unkown
page readonly
199CE670000
trusted library allocation
page read and write
1898000
direct allocation
page read and write
2C95000
trusted library allocation
page read and write
1D904000
heap
page read and write
34FD000
heap
page read and write
96E000
stack
page read and write
AFC000
stack
page read and write
3096000
trusted library allocation
page read and write
17AD000
stack
page read and write
E95000
heap
page read and write
764E000
stack
page read and write
AF3000
unkown
page execute and read and write
4EC0000
heap
page read and write
65E000
heap
page read and write
2E69000
trusted library allocation
page read and write
2D50000
heap
page read and write
6F17000
heap
page read and write
1DDE000
stack
page read and write
126C000
heap
page read and write
1D912000
heap
page read and write
2F60000
trusted library allocation
page read and write
350E000
heap
page read and write
2C90000
heap
page execute and read and write
1256000
heap
page read and write
1818000
direct allocation
page read and write
2B2E000
stack
page read and write
1894000
direct allocation
page read and write
1D904000
heap
page read and write
2790000
direct allocation
page read and write
14F4F000
stack
page read and write
1B0AF000
stack
page read and write
FC1E2FE000
unkown
page readonly
19B0000
heap
page read and write
D05000
unkown
page readonly
122F000
heap
page read and write
68970000
unkown
page readonly
4CF1000
heap
page read and write
4CF1000
heap
page read and write
33E5000
trusted library allocation
page execute and read and write
24A0000
heap
page read and write
2FB1000
trusted library allocation
page read and write
199CE3F0000
trusted library allocation
page read and write
140CAB000
unkown
page readonly
1124000
heap
page read and write
9B1000
unkown
page execute read
B20000
remote allocation
page read and write
68971000
unkown
page execute read
268C000
direct allocation
page read and write
15CE000
stack
page read and write
32000
unkown
page readonly
AA0000
heap
page read and write
1884000
direct allocation
page read and write
122D000
stack
page read and write
5290000
trusted library allocation
page execute and read and write
2299D000
direct allocation
page read and write
1EC5AD13000
heap
page read and write
134D000
unkown
page readonly
4CF1000
heap
page read and write
2796000
direct allocation
page read and write
16D0000
trusted library allocation
page read and write
4CE0000
direct allocation
page read and write
624E000
stack
page read and write
1B10000
trusted library allocation
page read and write
520F000
heap
page read and write
A8F000
unkown
page readonly
FC1E1FC000
stack
page read and write
EF6000
stack
page read and write
199CE320000
trusted library allocation
page read and write
1203000
trusted library allocation
page execute and read and write
199C8E96000
heap
page read and write
109A000
heap
page read and write
5F10000
heap
page read and write
2BA4000
trusted library allocation
page read and write
6B1000
unkown
page execute read
5310000
direct allocation
page execute and read and write
5AD3000
direct allocation
page read and write
7210000
trusted library allocation
page read and write
5D5E000
stack
page read and write
4CF1000
heap
page read and write
3D98000
heap
page read and write
3D79000
trusted library allocation
page read and write
1385000
trusted library allocation
page read and write
9CA000
heap
page read and write
64C000
heap
page read and write
401000
unkown
page execute read
7B431F9000
stack
page read and write
2D6F000
stack
page read and write
68A8000
trusted library allocation
page read and write
33AF000
stack
page read and write
1D904000
heap
page read and write
5D2E000
stack
page read and write
1140000
heap
page read and write
24B0000
direct allocation
page read and write
467F000
stack
page read and write
18A8000
direct allocation
page read and write
29BFB000
heap
page read and write
46BE000
stack
page read and write
4835000
heap
page read and write
1EC5AD02000
heap
page read and write
37F0000
heap
page execute and read and write
27B8000
direct allocation
page read and write
3752000
trusted library allocation
page read and write
53C2000
trusted library allocation
page read and write
2D8C000
heap
page read and write
1289D000
stack
page read and write
18CC000
direct allocation
page read and write
28E4000
trusted library allocation
page read and write
2C7E000
trusted library allocation
page read and write
199C8EFF000
heap
page read and write
DB2000
trusted library allocation
page read and write
520C000
heap
page read and write
FA1000
heap
page read and write
560000
direct allocation
page execute and read and write
2260000
direct allocation
page read and write
2B71000
trusted library allocation
page read and write
2FC8000
trusted library allocation
page read and write
199C971A000
heap
page read and write
DF0000
heap
page read and write
199C8E7D000
heap
page read and write
2E02000
heap
page read and write
DC0000
heap
page read and write
308E000
stack
page read and write
4DAE000
trusted library allocation
page read and write
2E0C000
trusted library allocation
page read and write
24DC000
direct allocation
page read and write
2ED3000
trusted library allocation
page read and write
F6E000
stack
page read and write
27C4000
direct allocation
page read and write
31D0000
heap
page execute and read and write
2C16000
trusted library allocation
page read and write
4D1000
remote allocation
page execute and read and write
7B41DFE000
unkown
page readonly
6530000
trusted library allocation
page read and write
30CA000
heap
page read and write
463000
remote allocation
page execute and read and write
1767000
unkown
page read and write
12E1000
unkown
page readonly
1EC5AADA000
heap
page read and write
1D3CE000
stack
page read and write
4CBF000
stack
page read and write
18F4000
direct allocation
page read and write
111E000
stack
page read and write
2408000
direct allocation
page read and write
1928000
direct allocation
page read and write
5376000
heap
page read and write
1110000
heap
page read and write
22ADF000
stack
page read and write
2F7D000
trusted library allocation
page read and write
2EF4000
trusted library allocation
page read and write
6300000
trusted library allocation
page read and write
4CF1000
heap
page read and write
4CE0000
direct allocation
page read and write
1150000
trusted library allocation
page read and write
760E000
stack
page read and write
4CE0000
direct allocation
page read and write
689FE000
unkown
page read and write
3211000
trusted library allocation
page read and write
493E000
stack
page read and write
68BEE000
unkown
page read and write
1045000
heap
page read and write
47CD000
stack
page read and write
56B000
remote allocation
page execute and read and write
241E000
direct allocation
page read and write
3D0F000
heap
page read and write
4830000
heap
page read and write
5780000
trusted library allocation
page read and write
61ED3000
direct allocation
page read and write
1D91A000
heap
page read and write
E2C000
unkown
page execute and read and write
31B0000
trusted library allocation
page read and write
E3B000
stack
page read and write
8A0000
heap
page read and write
24EBDA40000
heap
page read and write
12A0000
direct allocation
page read and write
1014000
trusted library allocation
page read and write
1C5AC000
heap
page read and write
22612000
direct allocation
page read and write
5C5E000
stack
page read and write
4C4F000
stack
page read and write
24B6000
direct allocation
page read and write
15C1000
heap
page read and write
7032000
trusted library allocation
page read and write
240C000
direct allocation
page read and write
1D74C000
stack
page read and write
46AE000
stack
page read and write
7B420FB000
stack
page read and write
4CF1000
heap
page read and write
CAA000
unkown
page read and write
362E000
stack
page read and write
1120000
heap
page read and write
E20000
heap
page read and write
11A0000
heap
page read and write
967000
stack
page read and write
2CA2000
trusted library allocation
page read and write
2117000
trusted library allocation
page execute and read and write
1D00E000
stack
page read and write
4CF1000
heap
page read and write
B59000
stack
page read and write
1EC5AA13000
unkown
page read and write
1892000
direct allocation
page read and write
33DE000
stack
page read and write
810000
heap
page read and write
2298D000
direct allocation
page read and write
5B98000
trusted library allocation
page read and write
379D000
heap
page read and write
5DEE000
stack
page read and write
There are 2540 hidden memdumps, click here to show them.