IOC Report
SecuriteInfo.com.Win64.MalwareX-gen.9625.14443.exe

loading gif

Files

File Path
Type
Category
Malicious
SecuriteInfo.com.Win64.MalwareX-gen.9625.14443.exe
PE32+ executable (GUI) x86-64, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\WindowsApps\app.ps1
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\WindowsApps\app.vbs
ASCII text, with CRLF line terminators
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\WindowsApps\winApps.dll
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\iczy5vwk.cmdline
Unicode text, UTF-8 (with BOM) text, with very long lines (350), with no line terminators
dropped
 malicious
C:\Users\user\AppData\Local\Temp\iczy5vwk.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\spoxiyrj.dll
PE32 executable (DLL) (console) Intel 80386 Mono/.Net assembly, for MS Windows
dropped
 malicious
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_SecuriteInfo.com_e3e376607c938e89715eea1c279ea3dcb779c832_5e8777c1_815c6416-1c3f-4bf6-9db7-161d7dd68d33\Report.wer
Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB2E4.tmp.dmp
Mini DuMP crash report, 15 streams, Mon Oct 28 08:45:06 2024, 0x1205a4 type
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB46B.tmp.WERInternalMetadata.xml
XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
dropped
C:\ProgramData\Microsoft\Windows\WER\Temp\WERB49B.tmp.xml
XML 1.0 document, ASCII text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\WindowsApps\app.manifest
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
data
dropped
C:\Users\user\AppData\Local\Temp\CSC30DB8E40DC954A908A17CE354256952F.TMP
MSVC .res
dropped
C:\Users\user\AppData\Local\Temp\CSCD0EB64BB52C94309A29EE6B778E205.TMP
MSVC .res
dropped
C:\Users\user\AppData\Local\Temp\RESC35E.tmp
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x482, 9 symbols, created Mon Oct 28 10:44:48 2024, 1st section name ".debug$S"
dropped
C:\Users\user\AppData\Local\Temp\RESDA71.tmp
Intel 80386 COFF object file, not stripped, 3 sections, symbol offset=0x482, 9 symbols, created Mon Oct 28 10:44:54 2024, 1st section name ".debug$S"
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_20l5d1go.eci.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4hbdnfi4.qe2.psm1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_k0crx5dw.v3i.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_qgf4ne14.mal.ps1
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\iczy5vwk.0.cs
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\iczy5vwk.out
Unicode text, UTF-8 (with BOM) text, with very long lines (429), with CRLF, CR line terminators
modified
C:\Users\user\AppData\Local\Temp\spoxiyrj.0.cs
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Temp\spoxiyrj.cmdline
Unicode text, UTF-8 (with BOM) text, with very long lines (350), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\spoxiyrj.out
Unicode text, UTF-8 (with BOM) text, with very long lines (429), with CRLF, CR line terminators
modified
C:\Windows\appcompat\Programs\Amcache.hve
MS Windows registry file, NT/2000 or above
dropped
There are 17 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.9625.14443.exe
"C:\Users\user\Desktop\SecuriteInfo.com.Win64.MalwareX-gen.9625.14443.exe"
 malicious
C:\Windows\System32\wscript.exe
wscript.exe "C:\Users\user\AppData\Local\Microsoft\WindowsApps\app.vbs" "C:\Users\user\AppData\Local\Microsoft\WindowsApps\app.ps1"
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Local\Microsoft\WindowsApps\app.ps1"
 malicious
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\iczy5vwk.cmdline"
 malicious
C:\Windows\explorer.exe
C:\Windows\Explorer.EXE
 malicious
C:\Windows\System32\wscript.exe
wscript.exe "C:\Users\user\AppData\Local\Microsoft\WindowsApps\app.vbs" "C:\Users\user\AppData\Local\Microsoft\WindowsApps\app.ps1"
 malicious
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Local\Microsoft\WindowsApps\app.ps1"
 malicious
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe
"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\user\AppData\Local\Temp\spoxiyrj.cmdline"
 malicious
C:\Windows\System32\WerFault.exe
C:\Windows\system32\WerFault.exe -u -p 3500 -s 592
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESC35E.tmp" "c:\Users\user\AppData\Local\Temp\CSCD0EB64BB52C94309A29EE6B778E205.TMP"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\user\AppData\Local\Temp\RESDA71.tmp" "c:\Users\user\AppData\Local\Temp\CSC30DB8E40DC954A908A17CE354256952F.TMP"
There are 3 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://word.office.comon
unknown
http://www.autoitscript.com/autoit3/J
unknown
http://pesterbdd.com/images/Pester.png
unknown
http://www.apache.org/licenses/LICENSE-2.0.html
unknown
https://android.notify.windows.com/iOS
unknown
https://powerpoint.office.comcember
unknown
https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
unknown
https://api.msn.com/
unknown
https://aka.ms/pscore68
unknown
https://excel.office.com
unknown
http://schemas.micro
unknown
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
unknown
http://crl.v
unknown
https://outlook.com
unknown
https://github.com/Pester/Pester
unknown
https://wns.windows.com/)s
unknown
There are 6 hidden URLs, click here to show them.

Registry

Path
Value
Malicious
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
ProgramId
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
FileId
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
LowerCaseLongPath
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
LongPathHash
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
Name
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
OriginalFileName
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
Publisher
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
Version
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
BinFileVersion
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
BinaryType
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
ProductName
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
ProductVersion
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
LinkDate
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
BinProductVersion
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
AppxPackageFullName
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
AppxPackageRelativeId
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
Size
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
Language
\REGISTRY\A\{527ec7c2-5824-c45e-7b76-a2535984d80b}\Root\InventoryApplicationFile\securiteinfo.com|e920a12cbc8f84cc
Usn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithProgids
Excel.CSV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.doc\OpenWithProgids
Word.Document.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docm\OpenWithProgids
Word.DocumentMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.docx\OpenWithProgids
Word.Document.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dot\OpenWithProgids
Word.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotm\OpenWithProgids
Word.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dotx\OpenWithProgids
Word.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.msg\OpenWithProgids
Outlook.File.msg.15
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odp\OpenWithProgids
PowerPoint.OpenDocumentPresentation.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ods\OpenWithProgids
Excel.OpenDocumentSpreadsheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.odt\OpenWithProgids
Word.OpenDocumentText.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pot\OpenWithProgids
PowerPoint.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potm\OpenWithProgids
PowerPoint.TemplateMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.potx\OpenWithProgids
PowerPoint.Template.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppam\OpenWithProgids
PowerPoint.Addin.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsm\OpenWithProgids
PowerPoint.SlideShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppsx\OpenWithProgids
PowerPoint.SlideShow.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppt\OpenWithProgids
PowerPoint.Show.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptm\OpenWithProgids
PowerPoint.ShowMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pptx\OpenWithProgids
PowerPoint.Show.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rtf\OpenWithProgids
Word.RTF.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldm\OpenWithProgids
PowerPoint.SlideMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sldx\OpenWithProgids
PowerPoint.Slide.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vsto\OpenWithProgids
bootstrap.vsto.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlam\OpenWithProgids
Excel.AddInMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xls\OpenWithProgids
Excel.Sheet.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsb\OpenWithProgids
Excel.SheetBinaryMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsm\OpenWithProgids
Excel.SheetMacroEnabled.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlsx\OpenWithProgids
Excel.Sheet.12
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xlt\OpenWithProgids
Excel.Template.8
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltm\OpenWithProgids
Excel.TemplateMacroEnabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xltx\OpenWithProgids
Excel.Template
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.zip\OpenWithProgids
Unpacker
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
Classes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
~reserved~
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
CheckSetting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\OpenWithProgids
WMP11.AssocFile.3G2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\OpenWithProgids
WMP11.AssocFile.3GP
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aac\OpenWithProgids
WMP11.AssocFile.ADTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\OpenWithProgids
WMP11.AssocFile.AIFF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\OpenWithProgids
WMP11.AssocFile.ASF
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\OpenWithProgids
WMP11.AssocFile.ASX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au3\OpenWithProgids
AutoIt3Script
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\OpenWithProgids
WMP11.AssocFile.AVI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids
Paint.Picture
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cab\OpenWithProgids
CABFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cdxml\OpenWithProgids
Microsoft.PowerShellCmdletDefinitionXML.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.css\OpenWithProgids
CSSfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids
ddsfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll\OpenWithProgids
dllfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\OpenWithProgids
emffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids
exefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flac\OpenWithProgids
WMP11.AssocFile.FLAC
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fon\OpenWithProgids
fonfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids
giffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids
htmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids
icofile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inf\OpenWithProgids
inffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ini\OpenWithProgids
inifile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\OpenWithProgids
pjpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids
jpegfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lnk\OpenWithProgids
lnkfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t\OpenWithProgids
WMP11.AssocFile.M2TS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\OpenWithProgids
WMP11.AssocFile.m3u
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\OpenWithProgids
WMP11.AssocFile.M4A
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids
mhtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\OpenWithProgids
WMP11.AssocFile.MIDI
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mk3d\OpenWithProgids
WMP11.AssocFile.MK3D
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\OpenWithProgids
WMP11.AssocFile.MKA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\OpenWithProgids
WMP11.AssocFile.MKV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\OpenWithProgids
WMP11.AssocFile.MOV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2\OpenWithProgids
WMP11.AssocFile.MP3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\OpenWithProgids
WMP11.AssocFile.MP4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\OpenWithProgids
WMP11.AssocFile.MPEG
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ocx\OpenWithProgids
ocxfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.otf\OpenWithProgids
otffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids
pngfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1\OpenWithProgids
Microsoft.PowerShellScript.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ps1xml\OpenWithProgids
Microsoft.PowerShellXMLData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd1\OpenWithProgids
Microsoft.PowerShellData.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psm1\OpenWithProgids
Microsoft.PowerShellModule.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pssc\OpenWithProgids
Microsoft.PowerShellSessionConfiguration.1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\OpenWithProgids
rlefile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.scf\OpenWithProgids
SHCmdFile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.search-ms\OpenWithProgids
SearchFolder
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\OpenWithProgids
shtmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\OpenWithProgids
WMP11.AssocFile.AU
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sys\OpenWithProgids
sysfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids
TIFImage.Document
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\OpenWithProgids
WMP11.AssocFile.TTS
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\OpenWithProgids
ttcfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\OpenWithProgids
ttffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.txt\OpenWithProgids
txtfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\OpenWithProgids
WMP11.AssocFile.WAV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\OpenWithProgids
WMP11.AssocFile.WAX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wdp\OpenWithProgids
wdpfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\OpenWithProgids
WMP11.AssocFile.WMA
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\OpenWithProgids
wmffile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\OpenWithProgids
WMP11.AssocFile.WMV
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WPL\OpenWithProgids
WMP11.AssocFile.WPL
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\OpenWithProgids
WMP11.AssocFile.WVX
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\OpenWithProgids
xmlfile
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xsl\OpenWithProgids
xslfile
There are 149 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
297B0000
unclassified section
page read and write
 malicious
2ACB0000
unclassified section
page read and write
 malicious
20D39000
unkown
page read and write
 malicious
10E18000
unkown
page read and write
 malicious
10630000
unkown
page execute and read and write
 malicious
10D31000
unkown
page read and write
 malicious
29EB0000
remote allocation
page execute and read and write
 malicious
290B9000
unkown
page read and write
 malicious
2A5BB000
unkown
page read and write
 malicious
10630000
unkown
page execute and read and write
 malicious
7AA0000
unkown
page read and write
91F0000
unkown
page readonly
7FF5D7376000
unkown
page readonly
C93A57E000
stack
page read and write
4AA0000
unkown
page read and write
7FF5D772C000
unkown
page readonly
C5FD000
unkown
page read and write
7FF5D7396000
unkown
page readonly
96FE000
stack
page read and write
C8C4000
unkown
page read and write
7FF5D719C000
unkown
page readonly
C7C6000
unkown
page read and write
7FF5D71E0000
unkown
page readonly
7FF5D74A6000
unkown
page readonly
89C2000
heap
page read and write
7FF5D717C000
unkown
page readonly
7FF5D6FE1000
unkown
page readonly
9D67000
unkown
page read and write
7FF5D7418000
unkown
page readonly
7FF5D7760000
unkown
page readonly
9A76000
unkown
page read and write
C93ABB7000
stack
page read and write
1C22C4F3000
heap
page read and write
7FF5D771A000
unkown
page readonly
E00000
unkown
page readonly
22446DF7000
trusted library allocation
page read and write
7FF5D7407000
unkown
page readonly
77A2000
unkown
page read and write
AA04000
unkown
page read and write
7FF5D7077000
unkown
page readonly
7FF5D7797000
unkown
page readonly
22442100000
heap
page read and write
7FF5D72D7000
unkown
page readonly
4A16000
unkown
page read and write
7FF5D7558000
unkown
page readonly
9E2E000
stack
page read and write
35DC000
unkown
page read and write
103F6000
unkown
page read and write
885A000
unkown
page read and write
212B7000
unkown
page read and write
940C5FD000
stack
page read and write
8A70000
unkown
page read and write
7FF5D7450000
unkown
page readonly
1C22C4F5000
heap
page read and write
9A6A000
unkown
page read and write
A9A0000
unkown
page read and write
761E000
unkown
page read and write
9B0B000
unkown
page read and write
7FF5D7488000
unkown
page readonly
9A98000
unkown
page read and write
75FD000
unkown
page read and write
7B80000
unkown
page readonly
7FF5D69BB000
unkown
page readonly
211CD086000
heap
page read and write
C44F000
stack
page read and write
2EA1000
unkown
page read and write
F23C000
unkown
page read and write
7FF5D762F000
unkown
page readonly
1D078F99000
heap
page read and write
1120000
unkown
page read and write
1250000
unkown
page read and write
4AEA000
unkown
page read and write
224425C0000
heap
page read and write
AA40000
unkown
page read and write
3530000
unkown
page read and write
289B43A8000
trusted library allocation
page read and write
7FF5D7820000
unkown
page readonly
B85A000
stack
page read and write
5479000
unkown
page read and write
7FF5D75F6000
unkown
page readonly
C8E6000
unkown
page read and write
1D078F5A000
heap
page read and write
354C000
unkown
page read and write
7FF5D7280000
unkown
page readonly
1D07A9F0000
direct allocation
page read and write
F225000
unkown
page read and write
1D078F69000
heap
page read and write
7FF8A87B0000
unkown
page readonly
7FF5D6A4B000
unkown
page readonly
7FF5D75F2000
unkown
page readonly
1D07AA70000
direct allocation
page read and write
1C22DE90000
direct allocation
page read and write
1C22C49A000
heap
page read and write
7FF5D7837000
unkown
page readonly
7DD0000
heap
page read and write
7435000
stack
page read and write
4AA0000
unkown
page read and write
A416000
unkown
page read and write
35B3000
unkown
page read and write
C81C000
unkown
page read and write
C7BE000
unkown
page read and write
8C39000
stack
page read and write
7FF5D719C000
unkown
page readonly
9AF9000
unkown
page read and write
A2DD000
unkown
page read and write
A23A000
unkown
page read and write
1D078F63000
heap
page read and write
7654000
unkown
page read and write
7FF5D71BF000
unkown
page readonly
CA68000
unkown
page read and write
99B0000
unkown
page read and write
7FF5D748C000
unkown
page readonly
EF8000
heap
page read and write
C93ADBE000
stack
page read and write
F234000
unkown
page read and write
7FF5D7202000
unkown
page readonly
779E000
unkown
page read and write
7FF5D7404000
unkown
page readonly
2277B226000
heap
page read and write
8A70000
unkown
page read and write
289B0F80000
heap
page read and write
3530000
unkown
page read and write
99B1000
unkown
page read and write
12D0000
unkown
page readonly
7FF5D758D000
unkown
page readonly
1C22C498000
heap
page read and write
1D078F5D000
heap
page read and write
7605000
unkown
page read and write
7FF847680000
unkown
page execute and read and write
86E0000
unkown
page readonly
7FF5D76AF000
unkown
page readonly
1C22F3A0000
direct allocation
page read and write
4AB0000
unkown
page read and write
7FF5D7398000
unkown
page readonly
2277B24D000
heap
page read and write
789D5FF000
stack
page read and write
9A84000
unkown
page read and write
3290000
unkown
page read and write
C800000
unkown
page read and write
35F4000
unkown
page read and write
F24E000
unkown
page read and write
289B0FC5000
heap
page read and write
7FF5D7604000
unkown
page readonly
10474000
unkown
page read and write
7FF5D7075000
unkown
page readonly
7FF5D77C7000
unkown
page readonly
B4D0000
unkown
page readonly
7FF5D76F5000
unkown
page readonly
C93AA7F000
stack
page read and write
A3B6000
unkown
page read and write
7FF5D7425000
unkown
page readonly
C669000
unkown
page read and write
8890000
unkown
page readonly
35D5000
unkown
page read and write
10BAE000
unkown
page execute and read and write
9A94000
unkown
page read and write
AA40000
unkown
page read and write
77A2000
unkown
page read and write
85BE000
stack
page read and write
7FF5D7394000
unkown
page readonly
1D078FA2000
heap
page read and write
1D078F32000
heap
page read and write
10332000
unkown
page read and write
10349000
unkown
page read and write
33B0000
unkown
page readonly
7FF5D73F5000
unkown
page readonly
7611000
unkown
page read and write
BFB8000
stack
page read and write
7FF5D720A000
unkown
page readonly
22440630000
heap
page read and write
7FF5D72BF000
unkown
page readonly
7FF5D75EE000
unkown
page readonly
4A90000
unkown
page read and write
3000000
unkown
page read and write
789D6FB000
stack
page read and write
2277B360000
heap
page read and write
7FF5D7740000
unkown
page readonly
9B0B000
unkown
page read and write
1D079187000
direct allocation
page read and write
C863000
unkown
page read and write
C609000
unkown
page read and write
3626000
unkown
page read and write
7FF5D7292000
unkown
page readonly
C5F4000
unkown
page read and write
7C90000
unkown
page read and write
35FA000
unkown
page read and write
C97D000
unkown
page read and write
7FF5D778A000
unkown
page readonly
7989000
stack
page read and write
A3AC000
unkown
page read and write
8D3C000
stack
page read and write
7FF5D720F000
unkown
page readonly
7FF5D752F000
unkown
page readonly
8D3C000
stack
page read and write
C9E6000
unkown
page read and write
35E4000
unkown
page read and write
AA0A000
unkown
page read and write
55320FF000
stack
page read and write
1D078EE0000
heap
page read and write
BB0D000
stack
page read and write
75E0000
unkown
page read and write
7FF5D7360000
unkown
page readonly
7FF5D6AB6000
unkown
page readonly
35BD000
unkown
page read and write
7FF5D764F000
unkown
page readonly
3073000
unkown
page read and write
10349000
unkown
page read and write
4A44000
unkown
page read and write
B777FE000
stack
page read and write
49FD000
unkown
page read and write
7FF5D741B000
unkown
page readonly
C5FD000
unkown
page read and write
2244075A000
heap
page read and write
C47F000
unkown
page read and write
1240000
unkown
page read and write
7440000
unkown
page read and write
7C90000
unkown
page read and write
4AFA000
unkown
page read and write
289BA7A8000
trusted library allocation
page read and write
1D079200000
heap
page read and write
3290000
unkown
page read and write
33F0000
unkown
page read and write
22440880000
trusted library allocation
page read and write
35CD000
unkown
page read and write
C61B000
unkown
page read and write
9A90000
unkown
page read and write
25465FE000
stack
page read and write
7FF5D7272000
unkown
page readonly
7FF5D77F0000
unkown
page readonly
35C9000
unkown
page read and write
C617000
unkown
page read and write
3070000
unkown
page read and write
886A000
unkown
page read and write
BB10000
heap
page read and write
7FF5D75DF000
unkown
page readonly
9AC3000
unkown
page read and write
86E0000
unkown
page readonly
3070000
unkown
page read and write
853C000
stack
page read and write
7FF5D76D7000
unkown
page readonly
F222000
unkown
page read and write
A264000
unkown
page read and write
E660000
heap
page read and write
4986000
unkown
page read and write
7FF5D71CC000
unkown
page readonly
3400000
unkown
page read and write
7FF5D72FB000
unkown
page readonly
105AE000
stack
page read and write
7FF8A8837000
unkown
page readonly
7FF5D732D000
unkown
page readonly
33B0000
unkown
page readonly
A39C000
unkown
page read and write
7AC0000
unkown
page read and write
C4C6000
unkown
page read and write
C61B000
unkown
page read and write
7FF5D75BF000
unkown
page readonly
49C2000
unkown
page read and write
F13000
heap
page read and write
7FF5D7837000
unkown
page readonly
2277B26F000
heap
page read and write
1C22C4C0000
heap
page read and write
12B0000
unkown
page read and write
B4BD000
stack
page read and write
1C22C4C7000
heap
page read and write
18FC1EB0000
heap
page read and write
1484A820000
heap
page read and write
8CB8000
stack
page read and write
7FF5D745B000
unkown
page readonly
7FF5D74B8000
unkown
page readonly
289B7FA8000
trusted library allocation
page read and write
211CCFB0000
heap
page read and write
1D078F83000
heap
page read and write
7FF5D7202000
unkown
page readonly
7FF5D76DA000
unkown
page readonly
7DF4F2470000
unkown
page readonly
BEA0000
unkown
page readonly
C625000
unkown
page read and write
3293000
unkown
page read and write
7FF5D717C000
unkown
page readonly
7FF5D7669000
unkown
page readonly
1C22C4BF000
heap
page read and write
768E000
unkown
page read and write
1D078F80000
heap
page read and write
8850000
unkown
page read and write
C617000
unkown
page read and write
C0BA000
stack
page read and write
AFBE000
stack
page read and write
7FF5D7752000
unkown
page readonly
CA57000
unkown
page read and write
1C22C4B7000
heap
page read and write
EF8000
heap
page read and write
1D078F4D000
heap
page read and write
C8C4000
unkown
page read and write
7FF5D75E9000
unkown
page readonly
9AB4000
unkown
page read and write
1484A8D0000
heap
page read and write
211CCFF0000
heap
page read and write
8860000
unkown
page read and write
7C70000
unkown
page readonly
5463000
unkown
page read and write
4ADA000
unkown
page read and write
1383000
heap
page read and write
789D4FE000
stack
page read and write
211CD0C7000
heap
page read and write
1C22C468000
heap
page read and write
7DF4F2481000
unkown
page execute read
49FD000
unkown
page read and write
7FF5D7073000
unkown
page readonly
9E2D000
stack
page read and write
8390000
unkown
page read and write
7FF5D72DF000
unkown
page readonly
C7C6000
unkown
page read and write
C9C5000
unkown
page read and write
1C22C4C0000
heap
page read and write
C9A7000
unkown
page read and write
1D078FC7000
heap
page read and write
10374000
unkown
page read and write
7FF5D705D000
unkown
page readonly
A3AA000
unkown
page read and write
7FF5D77E0000
unkown
page readonly
C85F000
unkown
page read and write
A39F000
unkown
page read and write
85BE000
stack
page read and write
9A72000
unkown
page read and write
940C7F9000
stack
page read and write
7FF5D71EA000
unkown
page readonly
7FF5D77CD000
unkown
page readonly
E10000
unkown
page readonly
7FF5D7669000
unkown
page readonly
7609000
unkown
page read and write
B7733B000
stack
page read and write
7FF5D710B000
unkown
page readonly
7460000
unkown
page read and write
7FF5D7450000
unkown
page readonly
289B2BE0000
trusted library allocation
page read and write
1C22C4FE000
heap
page read and write
7FF5D74FA000
unkown
page readonly
1D078F43000
heap
page read and write
A2B5000
unkown
page read and write
417E9FE000
stack
page read and write
C4DC000
unkown
page read and write
1C22F360000
direct allocation
page read and write
C3CA000
stack
page read and write
3293000
unkown
page read and write
1C22C477000
heap
page read and write
98FD000
stack
page read and write
7FF5D7507000
unkown
page readonly
1210000
unkown
page read and write
7FF5D66E8000
unkown
page readonly
C65E000
unkown
page read and write
7C31000
unkown
page read and write
362A000
unkown
page read and write
7631000
unkown
page read and write
7FF5D7703000
unkown
page readonly
7FF5D760B000
unkown
page readonly
7FF5D71C8000
unkown
page readonly
A40E000
unkown
page read and write
7FF8476A6000
unkown
page execute and read and write
1D078F75000
heap
page read and write
7FF77AD37000
unkown
page read and write
289B100E000
heap
page read and write
7FF5D781A000
unkown
page readonly
7FF5D77FD000
unkown
page readonly
77DB000
unkown
page read and write
F234000
unkown
page read and write
7FF5D774C000
unkown
page readonly
3070000
unkown
page read and write
7FF5D77D2000
unkown
page readonly
7691000
unkown
page read and write
9A94000
unkown
page read and write
940C6FE000
stack
page read and write
8860000
unkown
page read and write
35B5000
unkown
page read and write
7DC0000
unkown
page readonly
8380000
unkown
page read and write
C866000
unkown
page read and write
76F8000
unkown
page read and write
C977000
unkown
page read and write
C5E2000
unkown
page read and write
997C000
stack
page read and write
99B0000
unkown
page read and write
7FF5D745B000
unkown
page readonly
5330000
unkown
page write copy
22440660000
heap
page read and write
A251000
unkown
page read and write
C908000
unkown
page read and write
C61D000
unkown
page read and write
A0AA000
stack
page read and write
C8BD000
unkown
page read and write
C1CC000
stack
page read and write
7FF5D743F000
unkown
page readonly
7FF5D7546000
unkown
page readonly
7FF5D7385000
unkown
page readonly
289B0F75000
heap
page read and write
AA04000
unkown
page read and write
C48B000
unkown
page read and write
211CD0A6000
heap
page read and write
CA42000
unkown
page read and write
B950000
unkown
page readonly
779E000
unkown
page read and write
3070000
unkown
page read and write
7FF5D7593000
unkown
page readonly
49BB000
unkown
page read and write
7C80000
unkown
page read and write
A28D000
unkown
page read and write
1C22C4A2000
heap
page read and write
7DF4F2480000
unkown
page readonly
C3CA000
stack
page read and write
211CCFFE000
heap
page read and write
B330000
unkown
page read and write
A3AA000
unkown
page read and write
7FF5CE33D000
unkown
page readonly
A23A000
unkown
page read and write
C472000
unkown
page read and write
99B3000
unkown
page read and write
1160000
unkown
page read and write
9A6A000
unkown
page read and write
C9C2000
unkown
page read and write
9AB2000
unkown
page read and write
1D078FC6000
heap
page read and write
A12F000
stack
page read and write
940C77E000
stack
page read and write
211CD0BA000
heap
page read and write
EF0000
heap
page read and write
7FF5D776D000
unkown
page readonly
A3AA000
unkown
page read and write
7FF5D72E9000
unkown
page readonly
7FF5D76E8000
unkown
page readonly
1360000
unkown
page readonly
7FF5D75BF000
unkown
page readonly
1C22C4F5000
heap
page read and write
224406BE000
heap
page read and write
C806000
unkown
page read and write
88B0000
unkown
page read and write
1D078F83000
heap
page read and write
C5FA000
unkown
page read and write
C73E000
unkown
page read and write
2277B200000
heap
page read and write
35DC000
unkown
page read and write
9A6A000
unkown
page read and write
35D1000
unkown
page read and write
7FF5D75AF000
unkown
page readonly
C4C6000
unkown
page read and write
8B7B000
unkown
page read and write
7FF5D75CB000
unkown
page readonly
7FF5D71E0000
unkown
page readonly
7FF5D6ABD000
unkown
page readonly
A40E000
unkown
page read and write
7FF5D7784000
unkown
page readonly
1281000
unkown
page readonly
20D33000
unkown
page read and write
4AC0000
unkown
page read and write
7DC0000
unkown
page readonly
7FF8A882F000
unkown
page read and write
7FF5D7244000
unkown
page readonly
7FF5D749B000
unkown
page readonly
C9A7000
unkown
page read and write
A408000
unkown
page read and write
1D079180000
direct allocation
page read and write
7FF5D7643000
unkown
page readonly
9AAA000
unkown
page read and write
7FF5D77E9000
unkown
page readonly
35C3000
unkown
page read and write
7FF5D723C000
unkown
page readonly
C47F000
unkown
page read and write
7FF8476E0000
unkown
page execute and read and write
A3B9000
unkown
page read and write
AA40000
unkown
page read and write
C617000
unkown
page read and write
789CEFE000
stack
page read and write
1D078F00000
heap
page read and write
7FF5D77F7000
unkown
page readonly
C46F000
unkown
page read and write
940C4FE000
stack
page read and write
7FF5D77C2000
unkown
page readonly
94F4000
unkown
page read and write
7E58000
stack
page read and write
35FA000
unkown
page read and write
940C67E000
stack
page read and write
9B72000
unkown
page read and write
7FF5D71BF000
unkown
page readonly
7691000
unkown
page read and write
C496000
unkown
page read and write
53E1000
unkown
page read and write
A3AC000
unkown
page read and write
7611000
unkown
page read and write
4A40000
unkown
page read and write
3489000
stack
page read and write
7FF5D72D0000
unkown
page readonly
35B5000
unkown
page read and write
289B1012000
heap
page read and write
8360000
unkown
page read and write
7FF5D7438000
unkown
page readonly
5479000
unkown
page read and write
8C39000
stack
page read and write
35D1000
unkown
page read and write
2277B260000
heap
page read and write
C93A4F3000
stack
page read and write
10474000
unkown
page read and write
9D42000
unkown
page read and write
C472000
unkown
page read and write
CA57000
unkown
page read and write
18FC1EF0000
heap
page read and write
9A84000
unkown
page read and write
1D078F34000
heap
page read and write
7FF5D77E9000
unkown
page readonly
1D078F20000
heap
page read and write
7FF5D7745000
unkown
page readonly
7FF77ACC1000
unkown
page execute read
C663000
unkown
page read and write
33C0000
unkown
page read and write
22442452000
heap
page read and write
C61B000
unkown
page read and write
AA9F000
unkown
page read and write
7FF8475DD000
unkown
page execute and read and write
A408000
unkown
page read and write
289B57A8000
trusted library allocation
page read and write
C93AD3E000
stack
page read and write
1D078F58000
heap
page read and write
7FF5D7230000
unkown
page readonly
9AAA000
unkown
page read and write
211CD09C000
heap
page read and write
7FF5D7703000
unkown
page readonly
FF0000
unkown
page readonly
7FF5D781A000
unkown
page readonly
224427F7000
trusted library allocation
page read and write
25467FE000
stack
page read and write
7FF5D7394000
unkown
page readonly
A28D000
unkown
page read and write
3290000
unkown
page read and write
B0BD000
stack
page read and write
211CEA00000
heap
page read and write
3100000
unkown
page read and write
7FF5D75F6000
unkown
page readonly
211CD07A000
heap
page read and write
9ADB000
unkown
page read and write
289B0F40000
heap
page read and write
7C70000
unkown
page readonly
7FF5D72C8000
unkown
page readonly
7FF5D75CB000
unkown
page readonly
289B0F70000
heap
page read and write
7FF5D77A8000
unkown
page readonly
7DF4F2471000
unkown
page execute read
35CF000
unkown
page read and write
1C22F380000
direct allocation
page read and write
96FE000
stack
page read and write
35BD000
unkown
page read and write
940D5CE000
stack
page read and write
7FF5D745E000
unkown
page readonly
3160000
unkown
page read and write
99C0000
unkown
page read and write
7FF5D7792000
unkown
page readonly
9A96000
unkown
page read and write
22448BF7000
trusted library allocation
page read and write
211CCFF5000
heap
page read and write
7FF5D771A000
unkown
page readonly
997C000
stack
page read and write
25B5CAE0000
heap
page read and write
C7CB000
unkown
page read and write
A0A9000
stack
page read and write
25B5C9C0000
heap
page read and write
1C22C48C000
heap
page read and write
C93A8FD000
stack
page read and write
7FF5D76D5000
unkown
page readonly
A39C000
unkown
page read and write
7FF5D71EF000
unkown
page readonly
2FF9000
stack
page read and write
1C22C50C000
heap
page read and write
7FF5D7458000
unkown
page readonly
7FF5D71E6000
unkown
page readonly
9AA0000
unkown
page read and write
1C22F396000
direct allocation
page read and write
1D07AA30000
direct allocation
page read and write
1484A8D6000
heap
page read and write
22440757000
heap
page read and write
F255000
unkown
page read and write
12B0000
unkown
page read and write
7FF5D7391000
unkown
page readonly
7FF5D716B000
unkown
page readonly
3500000
stack
page read and write
BE70000
unkown
page readonly
7FF8A883B000
unkown
page readonly
8A00000
unkown
page read and write
8390000
unkown
page read and write
768E000
unkown
page read and write
BB10000
heap
page read and write
7618000
unkown
page read and write
7B60000
unkown
page readonly
77A2000
unkown
page read and write
7FF77ACC0000
unkown
page readonly
1D078F83000
heap
page read and write
C450000
unkown
page read and write
A39F000
unkown
page read and write
7FF5D7797000
unkown
page readonly
F1F0000
unkown
page read and write
AFB5FFF000
stack
page read and write
C90E000
unkown
page read and write
7FF77AD3B000
unkown
page readonly
7989000
stack
page read and write
7FF77AD41000
unkown
page readonly
35D5000
unkown
page read and write
A273000
unkown
page read and write
22440870000
heap
page readonly
760F000
unkown
page read and write
1D07AA86000
direct allocation
page read and write
7FF5D774C000
unkown
page readonly
789D0FE000
stack
page read and write
10BAE000
unkown
page execute and read and write
1160000
unkown
page read and write
7FF5D705D000
unkown
page readonly
1C22F300000
direct allocation
page read and write
9579000
stack
page read and write
2277B2A4000
heap
page read and write
11B1000
unkown
page read and write
940C47E000
stack
page read and write
7FF5D7425000
unkown
page readonly
AE1D000
stack
page read and write
2277B237000
heap
page read and write
C9F4000
unkown
page read and write
7637000
unkown
page read and write
417E7F8000
stack
page read and write
7FF5D7682000
unkown
page readonly
18FC1F20000
heap
page read and write
F22E000
unkown
page read and write
7FF5D744E000
unkown
page readonly
A33F000
unkown
page read and write
7CB0000
unkown
page readonly
7FF5D738E000
unkown
page readonly
1D07A9D0000
direct allocation
page read and write
5463000
unkown
page read and write
7FF5D760E000
unkown
page readonly
3070000
unkown
page read and write
8360000
unkown
page read and write
8890000
unkown
page readonly
C5F0000
unkown
page read and write
7FF5D776D000
unkown
page readonly
AAAA000
unkown
page read and write
9AAA000
unkown
page read and write
C24E000
stack
page read and write
BF3D000
stack
page read and write
7FF5D72BD000
unkown
page readonly
927A000
stack
page read and write
BE49000
stack
page read and write
F13000
heap
page read and write
9A98000
unkown
page read and write
7FF5D7455000
unkown
page readonly
7FF5D768B000
unkown
page readonly
8850000
unkown
page read and write
1C22C50C000
heap
page read and write
C7BE000
unkown
page read and write
7460000
unkown
page read and write
35C1000
unkown
page read and write
C977000
unkown
page read and write
BDC0000
unkown
page read and write
35C3000
unkown
page read and write
7FF5D7482000
unkown
page readonly
C78A000
unkown
page read and write
8870000
unkown
page readonly
5531FFE000
stack
page read and write
C916000
unkown
page read and write
7FF5D7589000
unkown
page readonly
224477F7000
trusted library allocation
page read and write
C615000
unkown
page read and write
94AB000
stack
page read and write
33C0000
unkown
page read and write
7FF5D748A000
unkown
page readonly
7FF5D75B8000
unkown
page readonly
224459F7000
trusted library allocation
page read and write
C62D000
unkown
page read and write
C5FA000
unkown
page read and write
1D078F4C000
heap
page read and write
35D1000
unkown
page read and write
BE90000
unkown
page read and write
3626000
unkown
page read and write
1270000
unkown
page read and write
7FF5D7257000
unkown
page readonly
A1AF000
stack
page read and write
A9FD000
unkown
page read and write
7FF5D7691000
unkown
page readonly
7699000
unkown
page read and write
224495F7000
trusted library allocation
page read and write
7FF5D75FF000
unkown
page readonly
7DF4F2460000
unkown
page readonly
112B9FF000
stack
page read and write
C8C4000
unkown
page read and write
7FF5D76CD000
unkown
page readonly
7FF5D7065000
unkown
page readonly
940C57E000
stack
page read and write
B776FE000
stack
page read and write
35DC000
unkown
page read and write
4A12000
unkown
page read and write
12D0000
unkown
page readonly
C5FA000
unkown
page read and write
AA0E000
unkown
page read and write
C035000
stack
page read and write
7609000
unkown
page read and write
1C22DED3000
direct allocation
page read and write
224408A0000
heap
page read and write
7FF5D723F000
unkown
page readonly
9ABD000
unkown
page read and write
A3B9000
unkown
page read and write
7FF5D7262000
unkown
page readonly
7FF5D7643000
unkown
page readonly
7FF8475C4000
unkown
page read and write
1D078F5B000
heap
page read and write
4986000
unkown
page read and write
7FF5D77A4000
unkown
page readonly
7FF5D7745000
unkown
page readonly
F24E000
unkown
page read and write
7FF5D72CE000
unkown
page readonly
7FF5D7705000
unkown
page readonly
7FF5D770A000
unkown
page readonly
9D67000
unkown
page read and write
9A98000
unkown
page read and write
86D0000
unkown
page readonly
7C80000
unkown
page read and write
7693000
unkown
page read and write
1D079140000
direct allocation
page read and write
CA2B000
unkown
page read and write
7FF5D7391000
unkown
page readonly
18FC1EE0000
heap
page read and write
7FF5D770F000
unkown
page readonly
7FF5D7792000
unkown
page readonly
7618000
unkown
page read and write
1C22C4A4000
heap
page read and write
9A8E000
unkown
page read and write
2277B3C5000
heap
page read and write
9A92000
unkown
page read and write
22442105000
heap
page read and write
1D07AAA2000
direct allocation
page read and write
289B2D70000
heap
page read and write
7FF5D76C8000
unkown
page readonly
1D078FC4000
heap
page read and write
7DF4F24A1000
unkown
page execute read
7FF5D77B6000
unkown
page readonly
C899000
unkown
page read and write
7FF5D6BE4000
unkown
page readonly
7DF4F2491000
unkown
page execute read
1C22C4D0000
heap
page read and write
789CCFA000
stack
page read and write
9ABD000
unkown
page read and write
7FF5D7280000
unkown
page readonly
F24E000
unkown
page read and write
7FF8A8831000
unkown
page readonly
18FC1EA0000
heap
page read and write
C46F000
unkown
page read and write
89CA000
heap
page read and write
AA98000
unkown
page read and write
7FF5D75FF000
unkown
page readonly
AFB60FF000
stack
page read and write
94F4000
unkown
page read and write
F255000
unkown
page read and write
3532000
unkown
page read and write
2F7E000
stack
page read and write
7FF5D7485000
unkown
page readonly
8979000
stack
page read and write
49FA000
unkown
page read and write
7FF5D778A000
unkown
page readonly
9A76000
unkown
page read and write
761E000
unkown
page read and write
3500000
stack
page read and write
1484A8DC000
heap
page read and write
B950000
unkown
page readonly
1D078FC6000
heap
page read and write
7FF5D75C1000
unkown
page readonly
7DF4F2480000
unkown
page readonly
7FF5D7236000
unkown
page readonly
7FF5D72E9000
unkown
page readonly
7DF4F23B0000
unkown
page execute and read and write
55318FE000
stack
page read and write
9579000
stack
page read and write
F0C000
heap
page read and write
C460000
unkown
page read and write
CA2F000
unkown
page read and write
7AF1000
unkown
page read and write
7FF5D7593000
unkown
page readonly
7FF5D7267000
unkown
page readonly
1C22C4EC000
heap
page read and write
25B5C8E0000
heap
page read and write
7FF5D75D6000
unkown
page readonly
A3C3000
unkown
page read and write
7FF5D71C8000
unkown
page readonly
C977000
unkown
page read and write
769A000
unkown
page read and write
9A92000
unkown
page read and write
9EB0000
unkown
page readonly
7AA0000
unkown
page read and write
A384000
unkown
page read and write
211CD0D2000
heap
page read and write
C93AB3F000
stack
page read and write
7693000
unkown
page read and write
A251000
unkown
page read and write
2277B25E000
heap
page read and write
49FA000
unkown
page read and write
7FF5D75EE000
unkown
page readonly
8FD9000
stack
page read and write
A33F000
unkown
page read and write
7FF5D748A000
unkown
page readonly
7FF5D7507000
unkown
page readonly
9A9E000
unkown
page read and write
25B5C9E9000
heap
page read and write
A286000
unkown
page read and write
7DF4F2481000
unkown
page execute read
289B2870000
heap
page read and write
10EEE000
unkown
page read and write
1D0791C0000
heap
page read and write
1D0791A0000
direct allocation
page read and write
7FF5D73F5000
unkown
page readonly
8DC5000
stack
page read and write
1D07AA90000
direct allocation
page read and write
9A72000
unkown
page read and write
7FF5D7589000
unkown
page readonly
3290000
unkown
page read and write
7FF5D75B8000
unkown
page readonly
9B41000
unkown
page read and write
7FF5D776F000
unkown
page readonly
1D078F9F000
heap
page read and write
7FF5D6A4B000
unkown
page readonly
3290000
unkown
page read and write
7FF5D76E8000
unkown
page readonly
362D000
unkown
page read and write
7FF5D7700000
unkown
page readonly
1C22C503000
heap
page read and write
7DF4F24A1000
unkown
page execute read
1C22C450000
heap
page read and write
7FF5D71E6000
unkown
page readonly
7631000
unkown
page read and write
1C22C6C0000
heap
page read and write
7FF5D751F000
unkown
page readonly
7FF5D71C4000
unkown
page readonly
9AAC000
unkown
page read and write
7FF5D765F000
unkown
page readonly
9A8C000
unkown
page read and write
C62D000
unkown
page read and write
1D078F5C000
heap
page read and write
8380000
unkown
page read and write
417EBFF000
stack
page read and write
3063000
unkown
page read and write
7FF5D7336000
unkown
page readonly
F238000
unkown
page read and write
9A94000
unkown
page read and write
1350000
unkown
page readonly
2277B237000
heap
page read and write
1D078FAD000
heap
page read and write
7FF5D7236000
unkown
page readonly
7FF5D6BEF000
unkown
page readonly
F224000
unkown
page read and write
C913000
unkown
page read and write
7FF847773000
unkown
page read and write
4A90000
unkown
page read and write
7DBD000
stack
page read and write
3070000
unkown
page read and write
7FF5D732D000
unkown
page readonly
B220000
unkown
page read and write
7FF5D7385000
unkown
page readonly
9A90000
unkown
page read and write
3293000
unkown
page read and write
7DD0000
heap
page read and write
35D3000
unkown
page read and write
9679000
stack
page read and write
35D3000
unkown
page read and write
9B0B000
unkown
page read and write
9A9E000
unkown
page read and write
1C22C483000
heap
page read and write
1C22DED0000
direct allocation
page read and write
B03B000
stack
page read and write
A237000
unkown
page read and write
338C000
stack
page read and write
1C22C489000
heap
page read and write
7FF5D77E3000
unkown
page readonly
7FF5D7694000
unkown
page readonly
289B4DA8000
trusted library allocation
page read and write
3170000
unkown
page read and write
3290000
unkown
page read and write
8FD9000
stack
page read and write
3290000
unkown
page read and write
9AB2000
unkown
page read and write
7FF5D779E000
unkown
page readonly
55321FB000
stack
page read and write
7FF5D72CE000
unkown
page readonly
C5F8000
unkown
page read and write
7FF5D75F2000
unkown
page readonly
C93A97E000
stack
page read and write
B4BD000
stack
page read and write
224406E9000
heap
page read and write
7FF5D71F9000
unkown
page readonly
102F4000
unkown
page read and write
F22D000
unkown
page read and write
7C31000
unkown
page read and write
7FF5D768B000
unkown
page readonly
3280000
unkown
page read and write
3000000
unkown
page read and write
7FF5D7065000
unkown
page readonly
789D3FD000
stack
page read and write
7440000
unkown
page read and write
940C977000
stack
page read and write
7810000
unkown
page read and write
2277B320000
heap
page read and write
E6EE000
stack
page read and write
7FF5D72FB000
unkown
page readonly
7FF5D6BE4000
unkown
page readonly
7CB0000
unkown
page readonly
289B0FD0000
heap
page read and write
9A96000
unkown
page read and write
9AF9000
unkown
page read and write
8880000
unkown
page readonly
7FF5D783B000
unkown
page readonly
7FF5D720F000
unkown
page readonly
940CB7E000
stack
page read and write
3170000
unkown
page read and write
A384000
unkown
page read and write
7FF5D7764000
unkown
page readonly
C642000
unkown
page read and write
4A0E000
unkown
page read and write
843F000
stack
page read and write
7FF5D77EB000
unkown
page readonly
35F4000
unkown
page read and write
2F7F000
stack
page read and write
8380000
unkown
page read and write
8A00000
unkown
page read and write
7FF5D75B3000
unkown
page readonly
CA47000
unkown
page read and write
7FF5D77F0000
unkown
page readonly
B980000
unkown
page readonly
7FF5D6ABD000
unkown
page readonly
1D07AA10000
direct allocation
page read and write
9BB2000
unkown
page read and write
E770000
heap
page execute and read and write
7FF5D779E000
unkown
page readonly
553159A000
stack
page read and write
C642000
unkown
page read and write
7FF5D77A8000
unkown
page readonly
7B20000
unkown
page read and write
EB5000
stack
page read and write
3073000
unkown
page read and write
7FF5D7458000
unkown
page readonly
7FF5D775C000
unkown
page readonly
1C22C4C7000
heap
page read and write
779E000
unkown
page read and write
99C0000
unkown
page read and write
942E000
stack
page read and write
1D078FAF000
heap
page read and write
289B1059000
heap
page read and write
7DF4F2470000
unkown
page readonly
7FF5D7820000
unkown
page readonly
7B20000
unkown
page read and write
C93A5FE000
stack
page read and write
E4B0000
heap
page execute and read and write
22440668000
heap
page read and write
7FF5D766E000
unkown
page readonly
7FF5D743F000
unkown
page readonly
25463F8000
stack
page read and write
B03B000
stack
page read and write
7AE0000
unkown
page read and write
1484AB55000
heap
page read and write
8B7B000
unkown
page read and write
7FF5D7523000
unkown
page readonly
F221000
unkown
page read and write
9A8E000
unkown
page read and write
35D5000
unkown
page read and write
A2D7000
unkown
page read and write
7FF5D752F000
unkown
page readonly
7FF5D74FA000
unkown
page readonly
7FF5D7534000
unkown
page readonly
C93AF3B000
stack
page read and write
7FF5D7488000
unkown
page readonly
7FF5D66E8000
unkown
page readonly
E00000
unkown
page readonly
7FF8A882D000
unkown
page read and write
7FF5D720A000
unkown
page readonly
35C3000
unkown
page read and write
25B5CC80000
heap
page read and write
C496000
unkown
page read and write
7FF5D765F000
unkown
page readonly
7810000
unkown
page read and write
7FF5D71DA000
unkown
page readonly
7D3E000
stack
page read and write
7FF5D71D7000
unkown
page readonly
7DF4F2461000
unkown
page execute read
1033B000
unkown
page read and write
1D078F51000
heap
page read and write
C93A9FE000
stack
page read and write
7FF5D6BDB000
unkown
page readonly
7FF5D7442000
unkown
page readonly
7FF5D7257000
unkown
page readonly
C93AEBF000
stack
page read and write
49A8000
unkown
page read and write
7FF5D7482000
unkown
page readonly
7FF5D7694000
unkown
page readonly
2EC0000
unkown
page readonly
5330000
unkown
page write copy
3140000
unkown
page read and write
7FF5D77B9000
unkown
page readonly
289B89A8000
trusted library allocation
page read and write
289B2E01000
trusted library allocation
page read and write
7FF77AD16000
unkown
page readonly
C806000
unkown
page read and write
7FF5D77DA000
unkown
page readonly
7FF5D75F9000
unkown
page readonly
9BB2000
unkown
page read and write
7FF5D66E3000
unkown
page readonly
10332000
unkown
page read and write
1C22C492000
heap
page read and write
2277B26F000
heap
page read and write
99C0000
unkown
page read and write
C5F0000
unkown
page read and write
BF3D000
stack
page read and write
7FF5D75D6000
unkown
page readonly
C93A87E000
stack
page read and write
AE1D000
stack
page read and write
C65E000
unkown
page read and write
843F000
stack
page read and write
4B00000
unkown
page read and write
1C22C4C7000
heap
page read and write
BE49000
stack
page read and write
8F49000
stack
page read and write
F24F000
unkown
page read and write
BDC0000
unkown
page read and write
5531EFE000
stack
page read and write
2EC0000
unkown
page readonly
7FF5D706E000
unkown
page readonly
7FF5D7722000
unkown
page readonly
7654000
unkown
page read and write
1052B000
stack
page read and write
103B3000
unkown
page read and write
7699000
unkown
page read and write
B559000
stack
page read and write
7FF5D71EF000
unkown
page readonly
C4DC000
unkown
page read and write
767F000
unkown
page read and write
F1F0000
unkown
page read and write
4980000
unkown
page read and write
1350000
unkown
page readonly
4A0E000
unkown
page read and write
77DB000
unkown
page read and write
4A71000
unkown
page read and write
7FF5D728E000
unkown
page readonly
E4C5000
heap
page read and write
9D67000
unkown
page read and write
7FF5D7336000
unkown
page readonly
7FF77AD45000
unkown
page readonly
927B000
stack
page read and write
7FF5D75D9000
unkown
page readonly
1383000
heap
page read and write
7FF5D7795000
unkown
page readonly
7AE0000
unkown
page read and write
224405D0000
heap
page read and write
289B101C000
heap
page read and write
7FF5D74F2000
unkown
page readonly
C609000
unkown
page read and write
AFB5EFC000
stack
page read and write
7FF5D75B3000
unkown
page readonly
7FF5D748C000
unkown
page readonly
11B1000
unkown
page read and write
F221000
unkown
page read and write
7FF5D76CD000
unkown
page readonly
75F8000
unkown
page read and write
9BAC000
unkown
page read and write
22442657000
trusted library allocation
page read and write
20D37000
unkown
page read and write
1C22C48D000
heap
page read and write
C97D000
unkown
page read and write
7FF5D7808000
unkown
page readonly
7FF8A880A000
unkown
page readonly
9A8E000
unkown
page read and write
1C22DEEB000
direct allocation
page read and write
1C22C48C000
heap
page read and write
7FF5D729E000
unkown
page readonly
9ABD000
unkown
page read and write
1484A840000
heap
page read and write
8390000
unkown
page read and write
7FF8475D2000
unkown
page read and write
C800000
unkown
page read and write
4AEA000
unkown
page read and write
1C22C490000
heap
page read and write
7FF8475CD000
unkown
page execute and read and write
7FF5D77CD000
unkown
page readonly
9ADB000
unkown
page read and write
3489000
stack
page read and write
7FF5D738E000
unkown
page readonly
2277B300000
heap
page read and write
1C22C4C7000
heap
page read and write
9AA8000
unkown
page read and write
A39F000
unkown
page read and write
A02E000
stack
page read and write
7DF4F2461000
unkown
page execute read
7FF5D7705000
unkown
page readonly
289B2D20000
heap
page execute and read and write
C61D000
unkown
page read and write
9B2C000
unkown
page read and write
86D0000
unkown
page readonly
C78A000
unkown
page read and write
3073000
unkown
page read and write
89C0000
heap
page read and write
1C22C4A2000
heap
page read and write
7FF847760000
unkown
page read and write
1484C647000
heap
page read and write
224406A4000
heap
page read and write
7FF5D77A4000
unkown
page readonly
1D078FA0000
heap
page read and write
7FF8475C2000
unkown
page read and write
A3B6000
unkown
page read and write
B0E0000
unkown
page readonly
362A000
unkown
page read and write
7FF5D7407000
unkown
page readonly
7FF5D7648000
unkown
page readonly
7FF5D77B6000
unkown
page readonly
7E58000
stack
page read and write
1390000
heap
page read and write
B559000
stack
page read and write
3290000
unkown
page read and write
7FF5D72BD000
unkown
page readonly
1D078F49000
heap
page read and write
224463F7000
trusted library allocation
page read and write
7FF5D744E000
unkown
page readonly
E4C0000
heap
page read and write
7FF5D76F5000
unkown
page readonly
1C22DF30000
direct allocation
page read and write
75E0000
unkown
page read and write
A313000
unkown
page read and write
7FF5CE343000
unkown
page readonly
211CD07B000
heap
page read and write
760B000
unkown
page read and write
940CBFB000
stack
page read and write
7FF5D729E000
unkown
page readonly
7B00000
unkown
page readonly
1D07AA50000
direct allocation
page read and write
7FF5D776F000
unkown
page readonly
A264000
unkown
page read and write
C625000
unkown
page read and write
7FF5D7438000
unkown
page readonly
1C22C4F1000
heap
page read and write
7FF77AD16000
unkown
page readonly
940C1B3000
stack
page read and write
CA3F000
unkown
page read and write
7FF5D75D9000
unkown
page readonly
10374000
unkown
page read and write
A220000
unkown
page read and write
7FF5D7396000
unkown
page readonly
760D000
unkown
page read and write
35C1000
unkown
page read and write
1D078FC6000
heap
page read and write
CA35000
unkown
page read and write
7FF5D7452000
unkown
page readonly
1C22C49D000
heap
page read and write
3630000
unkown
page readonly
1C22F340000
direct allocation
page read and write
2277B3C0000
heap
page read and write
C93ACB8000
stack
page read and write
13A0000
unkown
page readonly
BB0D000
stack
page read and write
AAA8000
unkown
page read and write
9B2C000
unkown
page read and write
A220000
unkown
page read and write
9B2C000
unkown
page read and write
9AB2000
unkown
page read and write
1484A740000
heap
page read and write
289B2C90000
trusted library allocation
page read and write
224406ED000
heap
page read and write
2277B3CE000
heap
page read and write
1C22C630000
heap
page read and write
4ADA000
unkown
page read and write
1D078FA9000
heap
page read and write
35C9000
unkown
page read and write
2277B250000
heap
page read and write
2FF9000
stack
page read and write
A384000
unkown
page read and write
3295000
unkown
page read and write
9AA0000
unkown
page read and write
224481F7000
trusted library allocation
page read and write
7FF77AD3B000
unkown
page readonly
7FF5D7309000
unkown
page readonly
7FF5D77F7000
unkown
page readonly
7FF5D7455000
unkown
page readonly
C8DE000
unkown
page read and write
7DF4F2491000
unkown
page execute read
3160000
unkown
page read and write
C9FA000
unkown
page read and write
C44F000
stack
page read and write
7FF5D7284000
unkown
page readonly
C90D000
unkown
page read and write
7FF5D76D7000
unkown
page readonly
C862000
unkown
page read and write
7FF5D75A6000
unkown
page readonly
7FF5D7418000
unkown
page readonly
84BB000
stack
page read and write
7FF5D7641000
unkown
page readonly
3630000
unkown
page readonly
A3C3000
unkown
page read and write
88B0000
unkown
page read and write
1250000
unkown
page read and write
1484A90E000
heap
page read and write
7FF5D775C000
unkown
page readonly
7FF5D774A000
unkown
page readonly
A233000
unkown
page read and write
7B60000
unkown
page readonly
224408A5000
heap
page read and write
1340000
unkown
page read and write
1D078FB8000
heap
page read and write
C609000
unkown
page read and write
7FF8A882E000
unkown
page write copy
7FF5D7244000
unkown
page readonly
7FF5D7442000
unkown
page readonly
7FF77AD37000
unkown
page write copy
9AAC000
unkown
page read and write
77DB000
unkown
page read and write
7FF5D783B000
unkown
page readonly
C653000
unkown
page read and write
7FF77ACC0000
unkown
page readonly
1395000
heap
page read and write
BE90000
unkown
page read and write
9BB2000
unkown
page read and write
BB9C000
stack
page read and write
22449FF7000
trusted library allocation
page read and write
98FD000
stack
page read and write
49D6000
unkown
page read and write
1D078F4D000
heap
page read and write
1033B000
unkown
page read and write
C0BA000
stack
page read and write
9AB4000
unkown
page read and write
9EB0000
unkown
page readonly
EF0000
heap
page read and write
7FF847670000
unkown
page read and write
7FF5D72C8000
unkown
page readonly
35E4000
unkown
page read and write
289B105C000
heap
page read and write
7FF5D7648000
unkown
page readonly
C615000
unkown
page read and write
9A72000
unkown
page read and write
224445F7000
trusted library allocation
page read and write
1C22DF60000
heap
page read and write
C93B90E000
stack
page read and write
BEA0000
unkown
page readonly
3520000
unkown
page readonly
B85A000
stack
page read and write
224431F7000
trusted library allocation
page read and write
7FF5D77E0000
unkown
page readonly
1380000
heap
page read and write
B8DB000
stack
page read and write
7FF5D702D000
unkown
page readonly
C035000
stack
page read and write
881C000
stack
page read and write
A3AC000
unkown
page read and write
7FF5D75AF000
unkown
page readonly
7FF5D71D7000
unkown
page readonly
7E60000
unkown
page read and write
940C8FC000
stack
page read and write
7FF5D77C2000
unkown
page readonly
7FF5D760B000
unkown
page readonly
211CD086000
heap
page read and write
7E60000
unkown
page read and write
F238000
unkown
page read and write
A1AF000
stack
page read and write
7FF5D75DF000
unkown
page readonly
7FF5D7558000
unkown
page readonly
7FF5D7639000
unkown
page readonly
9A8C000
unkown
page read and write
7FF5D741F000
unkown
page readonly
C1CC000
stack
page read and write
CA57000
unkown
page read and write
B0BD000
stack
page read and write
7FF5D770A000
unkown
page readonly
C483000
unkown
page read and write
7FF5D72D7000
unkown
page readonly
7FF5D6FD8000
unkown
page readonly
7FF77AD45000
unkown
page readonly
1C22C49A000
heap
page read and write
BE70000
unkown
page readonly
1D07AB20000
heap
page read and write
940CA7E000
stack
page read and write
55319FE000
stack
page read and write
8850000
unkown
page read and write
3293000
unkown
page read and write
A9A0000
unkown
page read and write
7FF5D7639000
unkown
page readonly
3110000
unkown
page readonly
F23C000
unkown
page read and write
C93AAF9000
stack
page read and write
1D07919B000
direct allocation
page read and write
1C22DEF0000
direct allocation
page read and write
112B8FC000
stack
page read and write
1D07AAA2000
direct allocation
page read and write
C84A000
unkown
page read and write
7FF5D7740000
unkown
page readonly
767C000
unkown
page read and write
7FF5D744B000
unkown
page readonly
289B0E60000
heap
page read and write
7FF5CE343000
unkown
page readonly
22440840000
trusted library allocation
page read and write
C908000
unkown
page read and write
A416000
unkown
page read and write
35B0000
unkown
page read and write
1D078F4C000
heap
page read and write
7FF5D66E3000
unkown
page readonly
7FF5D72D3000
unkown
page readonly
7FF5D7215000
unkown
page readonly
7FF5D74C3000
unkown
page readonly
49BB000
unkown
page read and write
33F0000
unkown
page read and write
C653000
unkown
page read and write
7FF5D7376000
unkown
page readonly
B220000
unkown
page read and write
7FF5D7534000
unkown
page readonly
BFB8000
stack
page read and write
7FF5D7077000
unkown
page readonly
1C22C4A0000
heap
page read and write
1C22DF10000
direct allocation
page read and write
9AC3000
unkown
page read and write
9A96000
unkown
page read and write
89C2000
heap
page read and write
362A000
unkown
page read and write
289B93A8000
trusted library allocation
page read and write
7FF5D77B9000
unkown
page readonly
9AA0000
unkown
page read and write
1D078F7A000
heap
page read and write
7FF8A87B1000
unkown
page execute read
3280000
unkown
page read and write
1731000
unkown
page readonly
4AFA000
unkown
page read and write
1C22DED7000
direct allocation
page read and write
7AB0000
unkown
page read and write
1C22C509000
heap
page read and write
A313000
unkown
page read and write
7FF5D77DD000
unkown
page readonly
22444FF7000
trusted library allocation
page read and write
35CF000
unkown
page read and write
7435000
stack
page read and write
3100000
unkown
page read and write
A237000
unkown
page read and write
7FF5D74F2000
unkown
page readonly
3290000
unkown
page read and write
7FF5D77DD000
unkown
page readonly
1484AB50000
heap
page read and write
C4BD000
unkown
page read and write
4A16000
unkown
page read and write
9AA8000
unkown
page read and write
A2A2000
unkown
page read and write
7FF5D7284000
unkown
page readonly
CA78000
unkown
page read and write
211CD0A5000
heap
page read and write
35CF000
unkown
page read and write
35B0000
unkown
page read and write
AA01000
unkown
page read and write
789D1FE000
stack
page read and write
354B000
unkown
page read and write
7FF5D71A6000
unkown
page readonly
9A80000
unkown
page read and write
1D078F5D000
heap
page read and write
A3C3000
unkown
page read and write
A273000
unkown
page read and write
7FF5D71AF000
unkown
page readonly
B7DE000
stack
page read and write
7FF5D76DA000
unkown
page readonly
30FB000
stack
page read and write
75F8000
unkown
page read and write
35CD000
unkown
page read and write
7FF8475D0000
unkown
page read and write
AA92000
unkown
page read and write
EB5000
stack
page read and write
F238000
unkown
page read and write
35FA000
unkown
page read and write
9BAC000
unkown
page read and write
75FD000
unkown
page read and write
C24E000
stack
page read and write
8A46000
unkown
page read and write
91F0000
unkown
page readonly
88C0000
unkown
page read and write
7FF5D6BDB000
unkown
page readonly
C97D000
unkown
page read and write
A33F000
unkown
page read and write
289B2FA8000
trusted library allocation
page read and write
49A8000
unkown
page read and write
C5FD000
unkown
page read and write
7686000
unkown
page read and write
7B10000
unkown
page read and write
BB9C000
stack
page read and write
7FF5D774A000
unkown
page readonly
289B0FC0000
heap
page read and write
A12F000
stack
page read and write
7FF77AD41000
unkown
page readonly
88C0000
unkown
page read and write
1D07A9B0000
direct allocation
page read and write
7FF5D777A000
unkown
page readonly
7FF5D6BEF000
unkown
page readonly
1C22C6E0000
heap
page read and write
7FF5D77EB000
unkown
page readonly
211CD09F000
heap
page read and write
1C22C4B7000
heap
page read and write
1340000
unkown
page read and write
9AA8000
unkown
page read and write
7FF847770000
unkown
page read and write
224405C0000
heap
page read and write
7FF5D71EA000
unkown
page readonly
7FF5D7404000
unkown
page readonly
C8AD000
unkown
page read and write
A02E000
stack
page read and write
7FF5D71AF000
unkown
page readonly
7AB0000
unkown
page read and write
768E000
unkown
page read and write
2277B110000
heap
page read and write
35C9000
unkown
page read and write
1C22C4D7000
heap
page read and write
22443BF7000
trusted library allocation
page read and write
7FF5D71C4000
unkown
page readonly
8380000
unkown
page read and write
881C000
stack
page read and write
8380000
unkown
page read and write
C483000
unkown
page read and write
A313000
unkown
page read and write
224405F0000
heap
page read and write
AA92000
unkown
page read and write
A391000
unkown
page read and write
7FF5D7206000
unkown
page readonly
C50F000
unkown
page read and write
7B10000
unkown
page read and write
CA23000
unkown
page read and write
103B3000
unkown
page read and write
7FF5D7546000
unkown
page readonly
18FC1F29000
heap
page read and write
289B1057000
heap
page read and write
1C22C4E1000
heap
page read and write
7FF5D75F9000
unkown
page readonly
2277B257000
heap
page read and write
1281000
unkown
page readonly
7FF5D7398000
unkown
page readonly
7FF5D7591000
unkown
page readonly
C89C000
unkown
page read and write
C4BD000
unkown
page read and write
9A92000
unkown
page read and write
7605000
unkown
page read and write
A391000
unkown
page read and write
E10000
unkown
page readonly
1C22C4FD000
heap
page read and write
1100000
unkown
page read and write
7FF5D760E000
unkown
page readonly
C5F4000
unkown
page read and write
49C2000
unkown
page read and write
3520000
unkown
page readonly
C621000
unkown
page read and write
9B41000
unkown
page read and write
940C1FF000
stack
page read and write
8870000
unkown
page readonly
1C22F398000
direct allocation
page read and write
9ADB000
unkown
page read and write
1D079183000
direct allocation
page read and write
A3B6000
unkown
page read and write
3140000
unkown
page read and write
1395000
heap
page read and write
7AF1000
unkown
page read and write
7FF5D728E000
unkown
page readonly
C5F8000
unkown
page read and write
7FF84761C000
unkown
page execute and read and write
7FF5D7795000
unkown
page readonly
7FF5D7292000
unkown
page readonly
4980000
unkown
page read and write
A391000
unkown
page read and write
9D67000
unkown
page read and write
3120000
unkown
page read and write
1140000
unclassified section
page read and write
C61D000
unkown
page read and write
940C877000
stack
page read and write
7FF5D7262000
unkown
page readonly
7FF5D769E000
unkown
page readonly
7FF5D7215000
unkown
page readonly
A286000
unkown
page read and write
4A40000
unkown
page read and write
1C22F3B2000
direct allocation
page read and write
7FF5D7485000
unkown
page readonly
760D000
unkown
page read and write
A3B9000
unkown
page read and write
211CD0C7000
heap
page read and write
7FF5D72BF000
unkown
page readonly
9A80000
unkown
page read and write
7FF5D7075000
unkown
page readonly
C7CB000
unkown
page read and write
7FF5D7360000
unkown
page readonly
C8EB000
unkown
page read and write
3070000
unkown
page read and write
289B2C00000
trusted library allocation
page read and write
1D078F92000
heap
page read and write
7FF5D69BB000
unkown
page readonly
4AC0000
unkown
page read and write
1D078F81000
heap
page read and write
9A90000
unkown
page read and write
105AD000
stack
page read and write
103FB000
unkown
page read and write
760B000
unkown
page read and write
7FF5D7591000
unkown
page readonly
7FF5D76C8000
unkown
page readonly
3021000
unkown
page read and write
F22D000
unkown
page read and write
362D000
unkown
page read and write
10434000
unkown
page read and write
C460000
unkown
page read and write
B980000
unkown
page readonly
1D078F27000
heap
page read and write
1D07AA88000
direct allocation
page read and write
4A12000
unkown
page read and write
7B80000
unkown
page readonly
C450000
unkown
page read and write
3073000
unkown
page read and write
289B75A8000
trusted library allocation
page read and write
7FF5D749B000
unkown
page readonly
C62D000
unkown
page read and write
C605000
unkown
page read and write
7DF4F2460000
unkown
page readonly
1D078F52000
heap
page read and write
C663000
unkown
page read and write
C48B000
unkown
page read and write
211CD0D3000
heap
page read and write
4B00000
unkown
page read and write
7FF5D72D0000
unkown
page readonly
35E4000
unkown
page read and write
22440890000
heap
page execute and read and write
789CDFE000
stack
page read and write
7686000
unkown
page read and write
C605000
unkown
page read and write
35B3000
unkown
page read and write
C8F0000
unkown
page read and write
224406AA000
heap
page read and write
CA27000
unkown
page read and write
7FF5D74B8000
unkown
page readonly
9A8C000
unkown
page read and write
1484CDD0000
heap
page read and write
C977000
unkown
page read and write
7FF5D7799000
unkown
page readonly
224425D1000
trusted library allocation
page read and write
7FF5D7722000
unkown
page readonly
C81C000
unkown
page read and write
7FF5D747F000
unkown
page readonly
C669000
unkown
page read and write
7693000
unkown
page read and write
1000000
heap
page read and write
1D078F65000
heap
page read and write
7FF5D7799000
unkown
page readonly
7FF5D7523000
unkown
page readonly
7FF77ACC1000
unkown
page execute read
362D000
unkown
page read and write
C5F4000
unkown
page read and write
AA0A000
unkown
page read and write
1300000
unkown
page read and write
211CD0BA000
heap
page read and write
7FF5D71F9000
unkown
page readonly
3110000
unkown
page readonly
35C1000
unkown
page read and write
3021000
unkown
page read and write
1731000
unkown
page readonly
AFBE000
stack
page read and write
7FF5D77E3000
unkown
page readonly
49D6000
unkown
page read and write
7FF5D7289000
unkown
page readonly
289B2C10000
heap
page readonly
7FF5D766E000
unkown
page readonly
211CD0BA000
heap
page read and write
35B3000
unkown
page read and write
7FF5D72D3000
unkown
page readonly
8880000
unkown
page readonly
CA78000
unkown
page read and write
7FF5D72DF000
unkown
page readonly
9A76000
unkown
page read and write
7FF5D7027000
unkown
page readonly
9A80000
unkown
page read and write
7FF5D747F000
unkown
page readonly
A2A2000
unkown
page read and write
7FF5D75E9000
unkown
page readonly
1C22C650000
heap
page read and write
211CD050000
heap
page read and write
C93AC3C000
stack
page read and write
C8F7000
unkown
page read and write
9EAE000
stack
page read and write
7637000
unkown
page read and write
289B9DA8000
trusted library allocation
page read and write
7FF5D7230000
unkown
page readonly
7FF5D7289000
unkown
page readonly
7FF5D723C000
unkown
page readonly
211CD0C7000
heap
page read and write
7FF5D77FD000
unkown
page readonly
103FB000
unkown
page read and write
7FF5D7073000
unkown
page readonly
25B5C9E0000
heap
page read and write
C615000
unkown
page read and write
95FD000
stack
page read and write
8F49000
stack
page read and write
13A0000
unkown
page readonly
7FF5D7808000
unkown
page readonly
7DBD000
stack
page read and write
B0E0000
unkown
page readonly
7FF8475D4000
unkown
page read and write
7FF5D71DA000
unkown
page readonly
1D078ED0000
heap
page read and write
7FF5D769E000
unkown
page readonly
3120000
unkown
page read and write
1390000
heap
page read and write
7FF5D75C1000
unkown
page readonly
2A42E000
remote allocation
page execute and read and write
1C22C49B000
heap
page read and write
1D078F65000
heap
page read and write
7FF5D6AB6000
unkown
page readonly
1C22F320000
direct allocation
page read and write
7FF5D777A000
unkown
page readonly
F1FC000
unkown
page read and write
2277B207000
heap
page read and write
7FF5D7604000
unkown
page readonly
940C9FE000
stack
page read and write
C5F0000
unkown
page read and write
1000000
heap
page read and write
7FF5D7700000
unkown
page readonly
5531CFF000
stack
page read and write
7FF5D77DA000
unkown
page readonly
7FF5D71CC000
unkown
page readonly
AA9F000
unkown
page read and write
C625000
unkown
page read and write
A233000
unkown
page read and write
A9E9000
unkown
page read and write
22440860000
trusted library allocation
page read and write
4A44000
unkown
page read and write
7FF5D7691000
unkown
page readonly
7691000
unkown
page read and write
7D3E000
stack
page read and write
89C0000
heap
page read and write
4A71000
unkown
page read and write
760F000
unkown
page read and write
9A84000
unkown
page read and write
102F4000
unkown
page read and write
E54E000
stack
page read and write
7FF5D764F000
unkown
page readonly
289B39A8000
trusted library allocation
page read and write
76F8000
unkown
page read and write
76F8000
unkown
page read and write
8385000
unkown
page read and write
1D078F62000
heap
page read and write
289B6BA8000
trusted library allocation
page read and write
9D42000
unkown
page read and write
7FF5D710B000
unkown
page readonly
3060000
unkown
page read and write
35CD000
unkown
page read and write
7FF5D758D000
unkown
page readonly
7FF5D7641000
unkown
page readonly
7686000
unkown
page read and write
9679000
stack
page read and write
B4D0000
unkown
page readonly
84BB000
stack
page read and write
7FF5D75A6000
unkown
page readonly
7FF5D7452000
unkown
page readonly
112BAFF000
stack
page read and write
9AB4000
unkown
page read and write
7FF5D76AF000
unkown
page readonly
7FF5D772C000
unkown
page readonly
8DCB000
stack
page read and write
7FF5D716B000
unkown
page readonly
C73E000
unkown
page read and write
A9DF000
unkown
page read and write
A9E9000
unkown
page read and write
FF0000
unkown
page readonly
211CCFA0000
heap
page read and write
9B41000
unkown
page read and write
1270000
unkown
page read and write
AA28000
unkown
page read and write
35B0000
unkown
page read and write
35B5000
unkown
page read and write
10434000
unkown
page read and write
1052B000
stack
page read and write
9AAC000
unkown
page read and write
89CA000
heap
page read and write
1380000
heap
page read and write
A40E000
unkown
page read and write
3400000
unkown
page read and write
224406E7000
heap
page read and write
1C22F3B2000
direct allocation
page read and write
A9DF000
unkown
page read and write
7FF5D706E000
unkown
page readonly
1C22C460000
heap
page read and write
7FF5D77C7000
unkown
page readonly
1484C643000
heap
page read and write
1D078F65000
heap
page read and write
2244069E000
heap
page read and write
211CD0FE000
heap
page read and write
1D078F67000
heap
page read and write
103F6000
unkown
page read and write
7B00000
unkown
page readonly
35BD000
unkown
page read and write
C8F4000
unkown
page read and write
289B2D81000
trusted library allocation
page read and write
7FF5D762F000
unkown
page readonly
9AC3000
unkown
page read and write
7DF4F2471000
unkown
page execute read
35F4000
unkown
page read and write
F0C000
heap
page read and write
3290000
unkown
page read and write
1C22C4A6000
heap
page read and write
7FF5D751F000
unkown
page readonly
7FF5D7682000
unkown
page readonly
7FF5D6FCF000
unkown
page readonly
7FF5D7764000
unkown
page readonly
C621000
unkown
page read and write
7FF5D723F000
unkown
page readonly
2277B256000
heap
page read and write
3626000
unkown
page read and write
C605000
unkown
page read and write
8A46000
unkown
page read and write
7FF5D71A6000
unkown
page readonly
9A9E000
unkown
page read and write
A408000
unkown
page read and write
7FF5D770F000
unkown
page readonly
211CCFD0000
heap
page read and write
B8DB000
stack
page read and write
C908000
unkown
page read and write
A39C000
unkown
page read and write
A2D7000
unkown
page read and write
20D31000
unkown
page read and write
7FF5D7309000
unkown
page readonly
1D078FBD000
heap
page read and write
9D42000
unkown
page read and write
7FF5D76D5000
unkown
page readonly
C5F8000
unkown
page read and write
A416000
unkown
page read and write
AA01000
unkown
page read and write
1360000
unkown
page readonly
7FF5D74A6000
unkown
page readonly
7FF5D7752000
unkown
page readonly
4AB0000
unkown
page read and write
8980000
unkown
page read and write
5531BFE000
stack
page read and write
7FF5D7267000
unkown
page readonly
B330000
unkown
page read and write
8CB8000
stack
page read and write
1C22C4B2000
heap
page read and write
7FF5D7760000
unkown
page readonly
289B61A8000
trusted library allocation
page read and write
2277B26F000
heap
page read and write
F234000
unkown
page read and write
7FF5CE33D000
unkown
page readonly
C9E6000
unkown
page read and write
9AF9000
unkown
page read and write
A2B5000
unkown
page read and write
AAA8000
unkown
page read and write
C621000
unkown
page read and write
53E1000
unkown
page read and write
3070000
unkown
page read and write
7FF5D74C3000
unkown
page readonly
7AC0000
unkown
page read and write
289B102E000
heap
page read and write
9FAF000
stack
page read and write
F23C000
unkown
page read and write
7FF5D7784000
unkown
page readonly
7FF5D7272000
unkown
page readonly
7FF8475C3000
unkown
page execute and read and write
35D3000
unkown
page read and write
9FAF000
stack
page read and write
9BAC000
unkown
page read and write
A9FD000
unkown
page read and write
7FF5D77D2000
unkown
page readonly
There are 1742 hidden memdumps, click here to show them.