Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
PAID CA2686+CA2687+CA2688.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\meshuggenah\subpredicate.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\subpredicate.vbs
|
data
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\pyogenesis
|
data
|
dropped
|
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\PAID CA2686+CA2687+CA2688.exe
|
"C:\Users\user\Desktop\PAID CA2686+CA2687+CA2688.exe"
|
|
|
|
C:\Users\user\AppData\Local\meshuggenah\subpredicate.exe
|
"C:\Users\user\Desktop\PAID CA2686+CA2687+CA2688.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\Desktop\PAID CA2686+CA2687+CA2688.exe"
|
|
|
|
C:\Windows\explorer.exe
|
C:\Windows\Explorer.EXE
|
|
|
|
C:\Windows\SysWOW64\systray.exe
|
"C:\Windows\SysWOW64\systray.exe"
|
|
|
|
C:\Windows\System32\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\subpredicate.vbs"
|
|
|
|
C:\Users\user\AppData\Local\meshuggenah\subpredicate.exe
|
"C:\Users\user\AppData\Local\meshuggenah\subpredicate.exe"
|
|
|
|
C:\Windows\SysWOW64\svchost.exe
|
"C:\Users\user\AppData\Local\meshuggenah\subpredicate.exe"
|
|
|
|
C:\Windows\SysWOW64\msdt.exe
|
"C:\Windows\SysWOW64\msdt.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
/c del "C:\Windows\SysWOW64\svchost.exe"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\SysWOW64\autoconv.exe
|
"C:\Windows\SysWOW64\autoconv.exe"
|
||
|
C:\Windows\SysWOW64\autoconv.exe
|
"C:\Windows\SysWOW64\autoconv.exe"
|
||
|
C:\Windows\SysWOW64\autoconv.exe
|
"C:\Windows\SysWOW64\autoconv.exe"
|
There are 4 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.f6b-crxy.top/cu29/
|
|
||
|
https://aka.ms/odirmr
|
unknown
|
||
|
http://www.olandopaintingllc.online/cu29/
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
|
unknown
|
||
|
http://www.3589.photo/cu29/
|
unknown
|
||
|
https://api.msn.com:443/v1/news/Feed/Windows?
|
unknown
|
||
|
http://www.achhonglan.shop
|
unknown
|
||
|
http://www.yzq0n.top
|
unknown
|
||
|
https://excel.office.com
|
unknown
|
||
|
https://www.msn.com/en-us/news/us/a-nationwide-emergency-alert-will-be-sent-to-all-u-s-cellphones-we
|
unknown
|
||
|
http://www.rugsrx.shop/cu29/
|
unknown
|
||
|
https://simpleflying.com/how-do-you-become-an-air-traffic-controller/
|
unknown
|
||
|
http://www.68716329.xyzReferer:
|
unknown
|
||
|
http://www.ealthironcladguarantee.shop
|
unknown
|
||
|
http://www.817715.rest/cu29/
|
unknown
|
||
|
http://www.ovatonica.net
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu-dark
|
unknown
|
||
|
http://www.65fhgejd3.xyz/cu29/
|
unknown
|
||
|
http://www.ovatonica.net/cu29/
|
unknown
|
||
|
https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppcrobat.exe
|
unknown
|
||
|
http://www.ependableequipment.online
|
unknown
|
||
|
http://www.ovatonica.netReferer:
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg
|
unknown
|
||
|
http://www.eb777.club/cu29/www.ealthironcladguarantee.shop
|
unknown
|
||
|
http://www.autoitscript.com/autoit3/J
|
unknown
|
||
|
https://wns.windows.com/L
|
unknown
|
||
|
http://www.65fhgejd3.xyz/cu29/www.yzq0n.top
|
unknown
|
||
|
https://word.office.com
|
unknown
|
||
|
http://www.ependableequipment.online/cu29/www.qidr.shop
|
unknown
|
||
|
http://www.olandopaintingllc.online
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu
|
unknown
|
||
|
http://www.qidr.shop/cu29/
|
unknown
|
||
|
https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win
|
unknown
|
||
|
http://www.3589.photo
|
unknown
|
||
|
https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
|
unknown
|
||
|
http://www.upremehomes.shop/cu29/www.817715.rest
|
unknown
|
||
|
http://www.upremehomes.shopReferer:
|
unknown
|
||
|
https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-
|
unknown
|
||
|
http://www.65fhgejd3.xyzReferer:
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY-dark
|
unknown
|
||
|
https://www.rd.com/list/polite-habits-campers-dislike/
|
unknown
|
||
|
http://www.olandopaintingllc.onlineReferer:
|
unknown
|
||
|
https://android.notify.windows.com/iOS
|
unknown
|
||
|
http://www.ealthironcladguarantee.shop/cu29/www.65fhgejd3.xyz
|
unknown
|
||
|
https://img.s-msn.com/tenant/amp/entityid/AAbC0oi.img
|
unknown
|
||
|
https://outlook.com_
|
unknown
|
||
|
http://www.f6b-crxy.top/cu29/
|
unknown
|
||
|
https://www.rd.com/newsletter/?int_source=direct&int_medium=rd.com&int_campaign=nlrda_20221001_toppe
|
unknown
|
||
|
https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at
|
unknown
|
||
|
http://www.srtio.xyz
|
unknown
|
||
|
http://www.upremehomes.shop/cu29/
|
unknown
|
||
|
http://www.68716329.xyz/cu29/www.rugsrx.shop
|
unknown
|
||
|
http://www.ealthironcladguarantee.shopReferer:
|
unknown
|
||
|
https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-cl
|
unknown
|
||
|
https://powerpoint.office.comcember
|
unknown
|
||
|
http://www.f6b-crxy.top
|
unknown
|
||
|
https://www.msn.com/en-us/money/personalfinance/no-wonder-the-american-public-is-confused-if-you-re-
|
unknown
|
||
|
http://www.upremehomes.shop
|
unknown
|
||
|
http://www.ependableequipment.online/cu29/
|
unknown
|
||
|
http://www.srtio.xyz/cu29/www.upremehomes.shop
|
unknown
|
||
|
http://schemas.micro
|
unknown
|
||
|
http://www.eb777.club
|
unknown
|
||
|
http://www.817715.rest
|
unknown
|
||
|
http://www.ependableequipment.onlineReferer:
|
unknown
|
||
|
http://www.3589.photo/cu29/www.eb777.club
|
unknown
|
||
|
http://www.68716329.xyz/cu29/
|
unknown
|
||
|
http://www.817715.restReferer:
|
unknown
|
||
|
https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
|
unknown
|
||
|
http://www.65fhgejd3.xyz
|
unknown
|
||
|
https://www.msn.com/en-us/lifestyle/travel/i-ve-worked-at-a-campsite-for-5-years-these-are-the-15-mi
|
unknown
|
||
|
https://api.msn.com/q
|
unknown
|
||
|
http://www.f6b-crxy.top/cu29/www.3589.photo
|
unknown
|
||
|
http://www.rugsrx.shop
|
unknown
|
||
|
https://api.msn.com/v1/news/Feed/Windows?activityId=0CC40BF291614022B7DF6E2143E8A6AF&timeOut=5000&oc
|
unknown
|
||
|
https://www.msn.com/en-us/lifestyle/lifestyle-buzz/biden-makes-decision-that-will-impact-more-than-1
|
unknown
|
||
|
http://www.achhonglan.shop/cu29/
|
unknown
|
||
|
https://assets.msn.com/staticsb/statics/latest/traffic/Notification/desktop/svg/RoadHazard.svg
|
unknown
|
||
|
https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu-dark
|
unknown
|
||
|
https://www.msn.com/en-us/money/personalfinance/13-states-that-don-t-tax-your-retirement-income/ar-A
|
unknown
|
||
|
http://www.68716329.xyz
|
unknown
|
||
|
http://www.eb777.club/cu29/
|
unknown
|
||
|
http://www.qidr.shopReferer:
|
unknown
|
||
|
http://www.achhonglan.shopReferer:
|
unknown
|
||
|
http://www.rugsrx.shop/cu29/www.srtio.xyz
|
unknown
|
||
|
http://www.rugsrx.shopReferer:
|
unknown
|
||
|
http://www.eb777.clubReferer:
|
unknown
|
||
|
http://www.f6b-crxy.topReferer:
|
unknown
|
||
|
http://www.ovatonica.net/cu29/www.achhonglan.shop
|
unknown
|
||
|
https://www.msn.com/en-us/news/topic/breast%20cancer%20awareness%20month?ocid=winp1headerevent
|
unknown
|
||
|
http://www.yzq0n.topReferer:
|
unknown
|
||
|
http://www.3589.photoReferer:
|
unknown
|
||
|
http://www.ealthironcladguarantee.shop/cu29/
|
unknown
|
||
|
http://www.qidr.shop/cu29/www.ovatonica.net
|
unknown
|
||
|
http://www.srtio.xyzReferer:
|
unknown
|
||
|
https://aka.ms/Vh5j3k
|
unknown
|
||
|
https://api.msn.com/v1/news/Feed/Windows?&
|
unknown
|
||
|
https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Teaser/humidity.svg
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
www.eb777.club
|
unknown
|
|
|
|
www.ependableequipment.online
|
unknown
|
|
|
|
www.ovatonica.net
|
unknown
|
|
|
|
www.f6b-crxy.top
|
unknown
|
|
|
|
www.olandopaintingllc.online
|
unknown
|
|
|
|
www.65fhgejd3.xyz
|
unknown
|
|
|
|
www.qidr.shop
|
unknown
|
|
|
|
www.ealthironcladguarantee.shop
|
unknown
|
|
|
|
www.3589.photo
|
unknown
|
|
|
|
www.achhonglan.shop
|
unknown
|
|
|
|
www.68716329.xyz
|
unknown
|
|
|
|
www.yzq0n.top
|
unknown
|
|
There are 2 hidden domains, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Unpacker
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
Classes
|
|
|
|
unknown
|
~reserved~
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
WMP11.AssocFile.3G2
|
|
|
|
unknown
|
WMP11.AssocFile.3GP
|
|
|
|
unknown
|
WMP11.AssocFile.3G2
|
|
|
|
unknown
|
WMP11.AssocFile.3GP
|
|
|
|
unknown
|
WMP11.AssocFile.ADTS
|
|
|
|
unknown
|
WMP11.AssocFile.ADTS
|
|
|
|
unknown
|
WMP11.AssocFile.AIFF
|
|
|
|
unknown
|
WMP11.AssocFile.AIFF
|
|
|
|
unknown
|
WMP11.AssocFile.ASF
|
|
|
|
unknown
|
WMP11.AssocFile.ASX
|
|
|
|
unknown
|
WMP11.AssocFile.AU
|
|
|
|
unknown
|
AutoIt3Script
|
|
|
|
unknown
|
WMP11.AssocFile.AVI
|
|
|
|
unknown
|
Paint.Picture
|
|
|
|
unknown
|
CABFolder
|
|
|
|
unknown
|
Microsoft.PowerShellCmdletDefinitionXML.1
|
|
|
|
unknown
|
CSSfile
|
|
|
|
unknown
|
Excel.CSV
|
|
|
|
unknown
|
ddsfile
|
|
|
|
unknown
|
Paint.Picture
|
|
|
|
unknown
|
dllfile
|
|
|
|
unknown
|
Word.Document.8
|
|
|
|
unknown
|
Word.DocumentMacroEnabled.12
|
|
|
|
unknown
|
Word.Document.12
|
|
|
|
unknown
|
Word.Template.8
|
|
|
|
unknown
|
Word.TemplateMacroEnabled.12
|
|
|
|
unknown
|
Word.Template.12
|
|
|
|
unknown
|
emffile
|
|
|
|
unknown
|
exefile
|
|
|
|
unknown
|
WMP11.AssocFile.FLAC
|
|
|
|
unknown
|
fonfile
|
|
|
|
unknown
|
giffile
|
|
|
|
unknown
|
htmlfile
|
|
|
|
unknown
|
icofile
|
|
|
|
unknown
|
inffile
|
|
|
|
unknown
|
inifile
|
|
|
|
unknown
|
pjpegfile
|
|
|
|
unknown
|
jpegfile
|
|
|
|
unknown
|
wdpfile
|
|
|
|
unknown
|
lnkfile
|
|
|
|
unknown
|
WMP11.AssocFile.MPEG
|
|
|
|
unknown
|
WMP11.AssocFile.M2TS
|
|
|
|
unknown
|
WMP11.AssocFile.MPEG
|
|
|
|
unknown
|
WMP11.AssocFile.m3u
|
|
|
|
unknown
|
WMP11.AssocFile.M4A
|
|
|
|
unknown
|
WMP11.AssocFile.MP4
|
|
|
|
unknown
|
mhtmlfile
|
|
|
|
unknown
|
mhtmlfile
|
|
|
|
unknown
|
WMP11.AssocFile.MIDI
|
|
|
|
unknown
|
WMP11.AssocFile.MK3D
|
|
|
|
unknown
|
WMP11.AssocFile.MKA
|
|
|
|
unknown
|
WMP11.AssocFile.MKV
|
|
|
|
unknown
|
WMP11.AssocFile.MOV
|
|
|
|
unknown
|
WMP11.AssocFile.MP3
|
|
|
|
unknown
|
WMP11.AssocFile.MPEG
|
|
|
|
unknown
|
WMP11.AssocFile.MP3
|
|
|
|
unknown
|
WMP11.AssocFile.MP4
|
|
|
|
unknown
|
WMP11.AssocFile.MPEG
|
|
|
|
unknown
|
WMP11.AssocFile.MPEG
|
|
|
|
unknown
|
Outlook.File.msg.15
|
|
|
|
unknown
|
WMP11.AssocFile.M2TS
|
|
|
|
unknown
|
ocxfile
|
|
|
|
unknown
|
PowerPoint.OpenDocumentPresentation.12
|
|
|
|
unknown
|
Excel.OpenDocumentSpreadsheet.12
|
|
|
|
unknown
|
Word.OpenDocumentText.12
|
|
|
|
unknown
|
otffile
|
|
|
|
unknown
|
pngfile
|
|
|
|
unknown
|
PowerPoint.Template.8
|
|
|
|
unknown
|
PowerPoint.TemplateMacroEnabled.12
|
|
|
|
unknown
|
PowerPoint.Template.12
|
|
|
|
unknown
|
PowerPoint.Addin.12
|
|
|
|
unknown
|
PowerPoint.SlideShowMacroEnabled.12
|
|
|
|
unknown
|
PowerPoint.SlideShow.12
|
|
|
|
unknown
|
PowerPoint.Show.8
|
|
|
|
unknown
|
PowerPoint.ShowMacroEnabled.12
|
|
|
|
unknown
|
PowerPoint.Show.12
|
|
|
|
unknown
|
Microsoft.PowerShellScript.1
|
|
|
|
unknown
|
Microsoft.PowerShellXMLData.1
|
|
|
|
unknown
|
Microsoft.PowerShellData.1
|
|
|
|
unknown
|
Microsoft.PowerShellModule.1
|
|
|
|
unknown
|
Microsoft.PowerShellSessionConfiguration.1
|
|
|
|
unknown
|
rlefile
|
|
|
|
unknown
|
WMP11.AssocFile.MIDI
|
|
|
|
unknown
|
Word.RTF.8
|
|
|
|
unknown
|
SHCmdFile
|
|
|
|
unknown
|
SearchFolder
|
|
|
|
unknown
|
shtmlfile
|
|
|
|
unknown
|
PowerPoint.SlideMacroEnabled.12
|
|
|
|
unknown
|
PowerPoint.Slide.12
|
|
|
|
unknown
|
WMP11.AssocFile.AU
|
|
|
|
unknown
|
sysfile
|
|
|
|
unknown
|
TIFImage.Document
|
|
|
|
unknown
|
TIFImage.Document
|
|
|
|
unknown
|
WMP11.AssocFile.TTS
|
|
|
|
unknown
|
ttcfile
|
|
|
|
unknown
|
ttffile
|
|
|
|
unknown
|
WMP11.AssocFile.TTS
|
|
|
|
unknown
|
txtfile
|
|
|
|
unknown
|
bootstrap.vsto.1
|
|
|
|
unknown
|
WMP11.AssocFile.WAV
|
|
|
|
unknown
|
WMP11.AssocFile.WAX
|
|
|
|
unknown
|
wdpfile
|
|
|
|
unknown
|
WMP11.AssocFile.ASF
|
|
|
|
unknown
|
WMP11.AssocFile.WMA
|
|
|
|
unknown
|
wmffile
|
|
|
|
unknown
|
WMP11.AssocFile.WMV
|
|
|
|
unknown
|
WMP11.AssocFile.ASX
|
|
|
|
unknown
|
WMP11.AssocFile.WPL
|
|
|
|
unknown
|
WMP11.AssocFile.WVX
|
|
|
|
unknown
|
Excel.AddInMacroEnabled
|
|
|
|
unknown
|
Excel.Sheet.8
|
|
|
|
unknown
|
Excel.SheetBinaryMacroEnabled.12
|
|
|
|
unknown
|
Excel.SheetMacroEnabled.12
|
|
|
|
unknown
|
Excel.Sheet.12
|
|
|
|
unknown
|
Excel.Template.8
|
|
|
|
unknown
|
Excel.TemplateMacroEnabled
|
|
|
|
unknown
|
Excel.Template
|
|
|
|
unknown
|
xmlfile
|
|
|
|
unknown
|
xslfile
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
LastUpdate
|
|
|
|
unknown
|
SlowContextMenuEntries
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vbs\OpenWithProgids
|
VBSFile
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\MuiCache\24\417C44EB
|
@C:\Windows\System32\wshext.dll,-4511
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
{1NP14R77-02R7-4R5Q-O744-2RO1NR5198O7}\JFpevcg.rkr
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
|
a
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
|
MRUList
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vbs\OpenWithList
|
a
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vbs\OpenWithList
|
MRUList
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
Classes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Discardable\PostSetup\ShellNew
|
~reserved~
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
Zvpebfbsg.Jvaqbjf.Furyy.EhaQvnybt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
|
SlowContextMenuEntries
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
|
HRZR_PGYFRFFVBA
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Security and Maintenance\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
|
CheckSetting
|
There are 215 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2CA0000
|
direct allocation
|
page read and write
|
|
|
|
3A40000
|
unclassified section
|
page execute and read and write
|
|
|
|
4BF0000
|
trusted library allocation
|
page read and write
|
|
|
|
3840000
|
unclassified section
|
page execute and read and write
|
|
|
|
3B00000
|
direct allocation
|
page read and write
|
|
|
|
31C0000
|
unclassified section
|
page execute and read and write
|
|
|
|
3870000
|
unclassified section
|
page execute and read and write
|
|
|
|
2830000
|
system
|
page execute and read and write
|
|
|
|
31B0000
|
unclassified section
|
page execute and read and write
|
|
|
|
2D80000
|
system
|
page execute and read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
400000
|
system
|
page execute and read and write
|
|
|
|
8860000
|
unkown
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
7D53000
|
unkown
|
page read and write
|
||
|
A19F000
|
stack
|
page read and write
|
||
|
FDE4000
|
unkown
|
page read and write
|
||
|
7FF5EDA11000
|
unkown
|
page readonly
|
||
|
7FF5EDA0B000
|
unkown
|
page readonly
|
||
|
AB60000
|
unkown
|
page read and write
|
||
|
318D000
|
stack
|
page read and write
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
8B60000
|
unkown
|
page readonly
|
||
|
4C20000
|
trusted library allocation
|
page execute and read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
44F1000
|
heap
|
page read and write
|
||
|
4659000
|
direct allocation
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
289B000
|
heap
|
page read and write
|
||
|
A39B000
|
unkown
|
page read and write
|
||
|
7FF5ED534000
|
unkown
|
page readonly
|
||
|
465D000
|
direct allocation
|
page read and write
|
||
|
118AA000
|
system
|
page execute and read and write
|
||
|
1095000
|
stack
|
page read and write
|
||
|
7FF5ED679000
|
unkown
|
page readonly
|
||
|
7867000
|
unkown
|
page read and write
|
||
|
AA8000
|
heap
|
page read and write
|
||
|
7695000
|
stack
|
page read and write
|
||
|
7FF5ED9ED000
|
unkown
|
page readonly
|
||
|
C6CF000
|
unkown
|
page read and write
|
||
|
BDA0000
|
unkown
|
page readonly
|
||
|
B140000
|
unkown
|
page readonly
|
||
|
7FF5ED9CA000
|
unkown
|
page readonly
|
||
|
B60000
|
heap
|
page read and write
|
||
|
B6A0000
|
heap
|
page read and write
|
||
|
7FF5ED956000
|
unkown
|
page readonly
|
||
|
3CD1000
|
direct allocation
|
page execute and read and write
|
||
|
46CE000
|
direct allocation
|
page read and write
|
||
|
B6A0000
|
heap
|
page read and write
|
||
|
22532F93000
|
heap
|
page read and write
|
||
|
4BDC000
|
unkown
|
page read and write
|
||
|
5292000
|
direct allocation
|
page execute and read and write
|
||
|
78A0000
|
unkown
|
page read and write
|
||
|
7FF5ED93B000
|
unkown
|
page readonly
|
||
|
7FF5ED755000
|
unkown
|
page readonly
|
||
|
C52C000
|
unkown
|
page read and write
|
||
|
3417000
|
heap
|
page read and write
|
||
|
3FCD000
|
heap
|
page read and write
|
||
|
9871000
|
unkown
|
page read and write
|
||
|
CA63000
|
unkown
|
page read and write
|
||
|
7695000
|
stack
|
page read and write
|
||
|
4AE0000
|
heap
|
page read and write
|
||
|
7FF5ED337000
|
unkown
|
page readonly
|
||
|
C9DE000
|
unkown
|
page read and write
|
||
|
A21E000
|
stack
|
page read and write
|
||
|
7863000
|
unkown
|
page read and write
|
||
|
C6E3000
|
unkown
|
page read and write
|
||
|
7FF5ED445000
|
unkown
|
page readonly
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
96E000
|
stack
|
page read and write
|
||
|
9873000
|
unkown
|
page read and write
|
||
|
7FF5ED4FD000
|
unkown
|
page readonly
|
||
|
A3D4000
|
unkown
|
page read and write
|
||
|
C893000
|
unkown
|
page read and write
|
||
|
3800000
|
unkown
|
page readonly
|
||
|
7FF5ED39E000
|
unkown
|
page readonly
|
||
|
786B000
|
unkown
|
page read and write
|
||
|
35D0000
|
unkown
|
page read and write
|
||
|
3A29000
|
heap
|
page read and write
|
||
|
7FF5ED9A6000
|
unkown
|
page readonly
|
||
|
7FF5ED7E0000
|
unkown
|
page readonly
|
||
|
31FE000
|
stack
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
E91C000
|
stack
|
page read and write
|
||
|
7FF5ED62F000
|
unkown
|
page readonly
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
C544000
|
unkown
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
923E000
|
stack
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
8D37000
|
unkown
|
page read and write
|
||
|
4B56000
|
unkown
|
page read and write
|
||
|
BDA0000
|
unkown
|
page readonly
|
||
|
3F67000
|
heap
|
page read and write
|
||
|
7FF5ED52F000
|
unkown
|
page readonly
|
||
|
A7A000
|
heap
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
C9FF000
|
unkown
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
7FF5ED87D000
|
unkown
|
page readonly
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
B640000
|
unkown
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
7FF5ED803000
|
unkown
|
page readonly
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
3823000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
C6D8000
|
unkown
|
page read and write
|
||
|
FDD1000
|
unkown
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
C700000
|
unkown
|
page read and write
|
||
|
4769000
|
direct allocation
|
page read and write
|
||
|
9885000
|
unkown
|
page read and write
|
||
|
7DF4F3030000
|
unkown
|
page readonly
|
||
|
4C34000
|
unkown
|
page read and write
|
||
|
C10A000
|
stack
|
page read and write
|
||
|
7FF5EDA31000
|
unkown
|
page readonly
|
||
|
7FF5ED7DB000
|
unkown
|
page readonly
|
||
|
63000
|
system
|
page execute and read and write
|
||
|
AADB000
|
unkown
|
page read and write
|
||
|
3E01000
|
heap
|
page read and write
|
||
|
9660000
|
unkown
|
page read and write
|
||
|
7FF5ED800000
|
unkown
|
page readonly
|
||
|
7847000
|
unkown
|
page read and write
|
||
|
9871000
|
unkown
|
page read and write
|
||
|
3800000
|
unkown
|
page readonly
|
||
|
4580000
|
direct allocation
|
page read and write
|
||
|
7FF5ED7E0000
|
unkown
|
page readonly
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
FF10000
|
heap
|
page read and write
|
||
|
3C29000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5EDA53000
|
unkown
|
page readonly
|
||
|
289B000
|
heap
|
page read and write
|
||
|
5221000
|
direct allocation
|
page execute and read and write
|
||
|
8D37000
|
unkown
|
page read and write
|
||
|
987B000
|
unkown
|
page read and write
|
||
|
4181000
|
heap
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
11741000
|
system
|
page execute and read and write
|
||
|
7FF5ED937000
|
unkown
|
page readonly
|
||
|
7FF5ED41C000
|
unkown
|
page readonly
|
||
|
CA9B000
|
unkown
|
page read and write
|
||
|
4BE0000
|
heap
|
page read and write
|
||
|
B2F8000
|
unkown
|
page read and write
|
||
|
22532F91000
|
heap
|
page read and write
|
||
|
33B9000
|
stack
|
page read and write
|
||
|
B2E6000
|
unkown
|
page read and write
|
||
|
37D2000
|
unkown
|
page read and write
|
||
|
8710000
|
unkown
|
page readonly
|
||
|
B90000
|
heap
|
page read and write
|
||
|
3B00000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED295000
|
unkown
|
page readonly
|
||
|
1230000
|
unkown
|
page read and write
|
||
|
A3E000
|
stack
|
page read and write
|
||
|
3E92000
|
heap
|
page read and write
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
AAF6000
|
unkown
|
page read and write
|
||
|
CBA0000
|
unkown
|
page read and write
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
7FF5ED5C1000
|
unkown
|
page readonly
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
FDA0000
|
unkown
|
page read and write
|
||
|
B30A000
|
unkown
|
page read and write
|
||
|
7FF5ED3CE000
|
unkown
|
page readonly
|
||
|
4CC0000
|
unkown
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
1200000
|
unkown
|
page readonly
|
||
|
FDDD000
|
unkown
|
page read and write
|
||
|
379E000
|
unkown
|
page read and write
|
||
|
9F1E000
|
stack
|
page read and write
|
||
|
9877000
|
unkown
|
page read and write
|
||
|
476D000
|
direct allocation
|
page read and write
|
||
|
785F000
|
unkown
|
page read and write
|
||
|
7FF5ED695000
|
unkown
|
page readonly
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
46D1000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
C54A000
|
unkown
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
3F66000
|
heap
|
page execute and read and write
|
||
|
47DE000
|
direct allocation
|
page read and write
|
||
|
7FF5ED3A7000
|
unkown
|
page readonly
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
3756000
|
unkown
|
page read and write
|
||
|
3417000
|
heap
|
page read and write
|
||
|
3FD4000
|
heap
|
page read and write
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
FF1A000
|
heap
|
page read and write
|
||
|
7FF5ED7C4000
|
unkown
|
page readonly
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
3A6F000
|
stack
|
page read and write
|
||
|
3F50000
|
unclassified section
|
page execute and read and write
|
||
|
4640000
|
direct allocation
|
page read and write
|
||
|
3C2D000
|
direct allocation
|
page execute and read and write
|
||
|
BAF9000
|
stack
|
page read and write
|
||
|
7B80000
|
unkown
|
page read and write
|
||
|
9885000
|
unkown
|
page read and write
|
||
|
7FF5ED9F2000
|
unkown
|
page readonly
|
||
|
37A8000
|
unkown
|
page read and write
|
||
|
9798000
|
unkown
|
page read and write
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
9881000
|
unkown
|
page read and write
|
||
|
CB80000
|
unkown
|
page read and write
|
||
|
C6C1000
|
unkown
|
page read and write
|
||
|
3902000
|
unclassified section
|
page execute and read and write
|
||
|
30F0000
|
heap
|
page read and write
|
||
|
C6BF000
|
unkown
|
page read and write
|
||
|
7FF5ED7CF000
|
unkown
|
page readonly
|
||
|
7FF5ED7C4000
|
unkown
|
page readonly
|
||
|
7863000
|
unkown
|
page read and write
|
||
|
7FF5ED503000
|
unkown
|
page readonly
|
||
|
7D00000
|
unkown
|
page readonly
|
||
|
4B90000
|
unkown
|
page read and write
|
||
|
AB5E000
|
unkown
|
page read and write
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
C92D000
|
unkown
|
page read and write
|
||
|
C52C000
|
unkown
|
page read and write
|
||
|
9873000
|
unkown
|
page read and write
|
||
|
7FF5ED76D000
|
unkown
|
page readonly
|
||
|
A323000
|
unkown
|
page read and write
|
||
|
896B000
|
stack
|
page read and write
|
||
|
7D40000
|
unkown
|
page read and write
|
||
|
3D46000
|
heap
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
7FF5ED426000
|
unkown
|
page readonly
|
||
|
CACA000
|
unkown
|
page read and write
|
||
|
4769000
|
direct allocation
|
page read and write
|
||
|
C512000
|
unkown
|
page read and write
|
||
|
399E000
|
heap
|
page read and write
|
||
|
CAE7000
|
unkown
|
page read and write
|
||
|
B650000
|
unkown
|
page read and write
|
||
|
AB4C000
|
unkown
|
page read and write
|
||
|
CAE0000
|
unkown
|
page read and write
|
||
|
22532F8C000
|
heap
|
page read and write
|
||
|
920000
|
heap
|
page read and write
|
||
|
AB4C000
|
unkown
|
page read and write
|
||
|
7FF5ED980000
|
unkown
|
page readonly
|
||
|
7FF5ED4B0000
|
unkown
|
page readonly
|
||
|
C811000
|
unkown
|
page read and write
|
||
|
CA08000
|
unkown
|
page read and write
|
||
|
97D4000
|
unkown
|
page read and write
|
||
|
7884000
|
unkown
|
page read and write
|
||
|
E99A000
|
stack
|
page read and write
|
||
|
49B0000
|
heap
|
page read and write
|
||
|
2E53000
|
direct allocation
|
page read and write
|
||
|
36D3000
|
stack
|
page read and write
|
||
|
7C90000
|
unkown
|
page read and write
|
||
|
7FF5ED556000
|
unkown
|
page readonly
|
||
|
B6A000
|
heap
|
page read and write
|
||
|
7FF5ED1BC000
|
unkown
|
page readonly
|
||
|
7FF5ED43A000
|
unkown
|
page readonly
|
||
|
B5AE000
|
stack
|
page read and write
|
||
|
507D000
|
direct allocation
|
page execute and read and write
|
||
|
B2FC000
|
unkown
|
page read and write
|
||
|
7FF5ED3D6000
|
unkown
|
page readonly
|
||
|
3D1D000
|
heap
|
page read and write
|
||
|
7FF5ED68F000
|
unkown
|
page readonly
|
||
|
9875000
|
unkown
|
page read and write
|
||
|
2E53000
|
direct allocation
|
page read and write
|
||
|
9798000
|
unkown
|
page read and write
|
||
|
BD1D000
|
stack
|
page read and write
|
||
|
AB09000
|
unkown
|
page read and write
|
||
|
CA7C000
|
unkown
|
page read and write
|
||
|
B10000
|
direct allocation
|
page read and write
|
||
|
4B50000
|
unkown
|
page read and write
|
||
|
C50A000
|
unkown
|
page read and write
|
||
|
7FF5ED507000
|
unkown
|
page readonly
|
||
|
C9AE000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
B8B0000
|
unkown
|
page read and write
|
||
|
7FF5ED26E000
|
unkown
|
page readonly
|
||
|
7FF5ED65C000
|
unkown
|
page readonly
|
||
|
3200000
|
heap
|
page read and write
|
||
|
A391000
|
unkown
|
page read and write
|
||
|
7FF5ED8B4000
|
unkown
|
page readonly
|
||
|
7FF5ED942000
|
unkown
|
page readonly
|
||
|
97D4000
|
unkown
|
page read and write
|
||
|
4640000
|
direct allocation
|
page read and write
|
||
|
AF8D000
|
stack
|
page read and write
|
||
|
3758000
|
unkown
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
3CF6000
|
heap
|
page read and write
|
||
|
9893000
|
unkown
|
page read and write
|
||
|
CB6E000
|
unkown
|
page read and write
|
||
|
7FF5ED476000
|
unkown
|
page readonly
|
||
|
7FF5ED6A5000
|
unkown
|
page readonly
|
||
|
3213000
|
heap
|
page read and write
|
||
|
8DA0000
|
unkown
|
page read and write
|
||
|
44F0000
|
heap
|
page read and write
|
||
|
7FF5ED980000
|
unkown
|
page readonly
|
||
|
AA90000
|
unkown
|
page read and write
|
||
|
2D30000
|
direct allocation
|
page read and write
|
||
|
A19F000
|
stack
|
page read and write
|
||
|
7FF5ED7F1000
|
unkown
|
page readonly
|
||
|
7FF5ED2A9000
|
unkown
|
page readonly
|
||
|
87BE000
|
stack
|
page read and write
|
||
|
C544000
|
unkown
|
page read and write
|
||
|
C50A000
|
unkown
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
4B78000
|
unkown
|
page read and write
|
||
|
4BE3000
|
unkown
|
page read and write
|
||
|
7FF5ED9B8000
|
unkown
|
page readonly
|
||
|
5590000
|
unkown
|
page write copy
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
AF8D000
|
stack
|
page read and write
|
||
|
383F000
|
stack
|
page read and write
|
||
|
3FE7000
|
heap
|
page read and write
|
||
|
A7E000
|
heap
|
page read and write
|
||
|
5079000
|
direct allocation
|
page execute and read and write
|
||
|
4048000
|
heap
|
page read and write
|
||
|
7DF4F3041000
|
unkown
|
page execute read
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
3202000
|
heap
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
4CD0000
|
unkown
|
page read and write
|
||
|
A32A000
|
unkown
|
page read and write
|
||
|
7DF4F3031000
|
unkown
|
page execute read
|
||
|
9B10000
|
heap
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
3797000
|
unkown
|
page read and write
|
||
|
7FF5ED800000
|
unkown
|
page readonly
|
||
|
7FF5ED93E000
|
unkown
|
page readonly
|
||
|
9875000
|
unkown
|
page read and write
|
||
|
79D3000
|
unkown
|
page read and write
|
||
|
7FF5ED68F000
|
unkown
|
page readonly
|
||
|
BD1D000
|
stack
|
page read and write
|
||
|
7E60000
|
unkown
|
page read and write
|
||
|
7867000
|
unkown
|
page read and write
|
||
|
BDBF4FE000
|
stack
|
page read and write
|
||
|
7FF5ED43A000
|
unkown
|
page readonly
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7979000
|
unkown
|
page read and write
|
||
|
7FF5ED3EA000
|
unkown
|
page readonly
|
||
|
7900000
|
unkown
|
page read and write
|
||
|
FDE4000
|
unkown
|
page read and write
|
||
|
7FF5ED4C2000
|
unkown
|
page readonly
|
||
|
4DA1000
|
heap
|
page read and write
|
||
|
303F000
|
heap
|
page read and write
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
3795000
|
unkown
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
3E9E000
|
heap
|
page read and write
|
||
|
7FF5ED9D2000
|
unkown
|
page readonly
|
||
|
40C7000
|
heap
|
page execute and read and write
|
||
|
7FF5ED814000
|
unkown
|
page readonly
|
||
|
4BC9000
|
unkown
|
page read and write
|
||
|
4E1E000
|
stack
|
page read and write
|
||
|
7E60000
|
unkown
|
page read and write
|
||
|
9885000
|
unkown
|
page read and write
|
||
|
4C1E000
|
unkown
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED9BE000
|
unkown
|
page readonly
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED1CC000
|
unkown
|
page readonly
|
||
|
7FF5ED990000
|
unkown
|
page readonly
|
||
|
C54A000
|
unkown
|
page read and write
|
||
|
7FF5ED342000
|
unkown
|
page readonly
|
||
|
3DF8000
|
heap
|
page read and write
|
||
|
44A0000
|
direct allocation
|
page read and write
|
||
|
7FF5ED867000
|
unkown
|
page readonly
|
||
|
C92D000
|
unkown
|
page read and write
|
||
|
9E6C000
|
stack
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
CB13000
|
unkown
|
page read and write
|
||
|
3C41000
|
heap
|
page read and write
|
||
|
98E0000
|
unkown
|
page read and write
|
||
|
7FF5ED4A1000
|
unkown
|
page readonly
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
F8E6000
|
unkown
|
page read and write
|
||
|
3405000
|
heap
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
7953000
|
unkown
|
page read and write
|
||
|
7FF5EDA53000
|
unkown
|
page readonly
|
||
|
7FF5ED80C000
|
unkown
|
page readonly
|
||
|
400E000
|
unclassified section
|
page execute and read and write
|
||
|
7C80000
|
unkown
|
page read and write
|
||
|
8000000
|
unkown
|
page read and write
|
||
|
7FF5ED4B4000
|
unkown
|
page readonly
|
||
|
BDC0000
|
unkown
|
page readonly
|
||
|
1240000
|
heap
|
page read and write
|
||
|
5641000
|
unkown
|
page read and write
|
||
|
7FF5ED3F3000
|
unkown
|
page readonly
|
||
|
4BCE000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED505000
|
unkown
|
page readonly
|
||
|
F96B000
|
unkown
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
E59E000
|
stack
|
page read and write
|
||
|
7FF5ED3EA000
|
unkown
|
page readonly
|
||
|
9792000
|
unkown
|
page read and write
|
||
|
3C22000
|
heap
|
page read and write
|
||
|
AB4C000
|
unkown
|
page read and write
|
||
|
37AE000
|
unkown
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
A11F000
|
stack
|
page read and write
|
||
|
392D000
|
heap
|
page read and write
|
||
|
C6BF000
|
unkown
|
page read and write
|
||
|
4883000
|
heap
|
page read and write
|
||
|
7FF5ED5C5000
|
unkown
|
page readonly
|
||
|
7FF5ED1D0000
|
unkown
|
page readonly
|
||
|
A21E000
|
stack
|
page read and write
|
||
|
2890000
|
heap
|
page read and write
|
||
|
3AF0000
|
heap
|
page read and write
|
||
|
7FF5ED40D000
|
unkown
|
page readonly
|
||
|
4B93000
|
unkown
|
page read and write
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
7FF5ED806000
|
unkown
|
page readonly
|
||
|
7FF5ED48A000
|
unkown
|
page readonly
|
||
|
3929000
|
heap
|
page read and write
|
||
|
4084000
|
heap
|
page read and write
|
||
|
4BE1000
|
unkown
|
page read and write
|
||
|
2D4C000
|
stack
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
CAE7000
|
unkown
|
page read and write
|
||
|
4659000
|
direct allocation
|
page read and write
|
||
|
40BF000
|
heap
|
page read and write
|
||
|
39C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
CAC7000
|
unkown
|
page read and write
|
||
|
906E000
|
stack
|
page read and write
|
||
|
7FF5ED853000
|
unkown
|
page readonly
|
||
|
8BE9000
|
stack
|
page read and write
|
||
|
3150000
|
heap
|
page read and write
|
||
|
7FF5ED433000
|
unkown
|
page readonly
|
||
|
7FF5ED92C000
|
unkown
|
page readonly
|
||
|
A39B000
|
unkown
|
page read and write
|
||
|
3F20000
|
heap
|
page read and write
|
||
|
303A000
|
heap
|
page read and write
|
||
|
986B000
|
unkown
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
C89A000
|
unkown
|
page read and write
|
||
|
36FE000
|
stack
|
page read and write
|
||
|
FDDE000
|
unkown
|
page read and write
|
||
|
37A0000
|
unkown
|
page read and write
|
||
|
B08D000
|
stack
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
343D000
|
stack
|
page read and write
|
||
|
E69C000
|
stack
|
page read and write
|
||
|
7FF5ED9ED000
|
unkown
|
page readonly
|
||
|
2D80000
|
heap
|
page read and write
|
||
|
4020000
|
heap
|
page read and write
|
||
|
C9BF000
|
unkown
|
page read and write
|
||
|
C507000
|
unkown
|
page read and write
|
||
|
C57F000
|
unkown
|
page read and write
|
||
|
9869000
|
unkown
|
page read and write
|
||
|
303B000
|
stack
|
page read and write
|
||
|
143B000
|
stack
|
page read and write
|
||
|
4769000
|
direct allocation
|
page read and write
|
||
|
7FF5D1CD4000
|
unkown
|
page readonly
|
||
|
3BB0000
|
heap
|
page read and write
|
||
|
C999000
|
unkown
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
39A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
A361000
|
unkown
|
page read and write
|
||
|
4769000
|
direct allocation
|
page read and write
|
||
|
347B000
|
heap
|
page read and write
|
||
|
7FF5ED849000
|
unkown
|
page readonly
|
||
|
7D40000
|
unkown
|
page read and write
|
||
|
978E000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7859000
|
unkown
|
page read and write
|
||
|
7FF5ED6A5000
|
unkown
|
page readonly
|
||
|
9E6C000
|
stack
|
page read and write
|
||
|
7FF5ED956000
|
unkown
|
page readonly
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
289B000
|
heap
|
page read and write
|
||
|
CB51000
|
unkown
|
page read and write
|
||
|
B5AE000
|
stack
|
page read and write
|
||
|
1095000
|
stack
|
page read and write
|
||
|
4640000
|
direct allocation
|
page read and write
|
||
|
175F000
|
stack
|
page read and write
|
||
|
7FF5ED750000
|
unkown
|
page readonly
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
4D01000
|
direct allocation
|
page execute and read and write
|
||
|
C51E000
|
unkown
|
page read and write
|
||
|
22532F68000
|
heap
|
page read and write
|
||
|
7FF5ED81B000
|
unkown
|
page readonly
|
||
|
9815000
|
unkown
|
page read and write
|
||
|
22532F7C000
|
heap
|
page read and write
|
||
|
3700000
|
unkown
|
page read and write
|
||
|
116B0000
|
system
|
page execute and read and write
|
||
|
7FF5EDA2A000
|
unkown
|
page readonly
|
||
|
2E53000
|
direct allocation
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
37B0000
|
unkown
|
page read and write
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
7FF5ED5EB000
|
unkown
|
page readonly
|
||
|
1200000
|
unkown
|
page readonly
|
||
|
7FF5ED697000
|
unkown
|
page readonly
|
||
|
4024000
|
heap
|
page read and write
|
||
|
AAD1000
|
unkown
|
page read and write
|
||
|
987F000
|
unkown
|
page read and write
|
||
|
978E000
|
unkown
|
page read and write
|
||
|
2870000
|
heap
|
page read and write
|
||
|
A75000
|
heap
|
page read and write
|
||
|
40CB000
|
heap
|
page read and write
|
||
|
31EF000
|
stack
|
page read and write
|
||
|
7FF5ED933000
|
unkown
|
page readonly
|
||
|
3BB1000
|
heap
|
page read and write
|
||
|
46CE000
|
direct allocation
|
page read and write
|
||
|
3D05000
|
heap
|
page read and write
|
||
|
C700000
|
unkown
|
page read and write
|
||
|
49AC000
|
heap
|
page read and write
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
308A000
|
stack
|
page read and write
|
||
|
7FF5ED3D0000
|
unkown
|
page readonly
|
||
|
7FF5ED2A4000
|
unkown
|
page readonly
|
||
|
C5A3000
|
unkown
|
page read and write
|
||
|
2BDE000
|
stack
|
page read and write
|
||
|
FF10000
|
heap
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
7847000
|
unkown
|
page read and write
|
||
|
7DF4F3040000
|
unkown
|
page readonly
|
||
|
A33E000
|
unkown
|
page read and write
|
||
|
7FF5ED9D9000
|
unkown
|
page readonly
|
||
|
3160000
|
heap
|
page readonly
|
||
|
521D000
|
direct allocation
|
page execute and read and write
|
||
|
3A91000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED853000
|
unkown
|
page readonly
|
||
|
3213000
|
heap
|
page read and write
|
||
|
2D25000
|
heap
|
page read and write
|
||
|
316E000
|
stack
|
page read and write
|
||
|
986F000
|
unkown
|
page read and write
|
||
|
79B5000
|
unkown
|
page read and write
|
||
|
7FF5ED669000
|
unkown
|
page readonly
|
||
|
7FF5ED814000
|
unkown
|
page readonly
|
||
|
C08A000
|
stack
|
page read and write
|
||
|
A29E000
|
stack
|
page read and write
|
||
|
373E000
|
stack
|
page read and write
|
||
|
C557000
|
unkown
|
page read and write
|
||
|
7FF5ED3CE000
|
unkown
|
page readonly
|
||
|
986B000
|
unkown
|
page read and write
|
||
|
AF0C000
|
stack
|
page read and write
|
||
|
3A1E000
|
stack
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
3412000
|
heap
|
page read and write
|
||
|
4C34000
|
unkown
|
page read and write
|
||
|
3E99000
|
heap
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
7FF5ED97E000
|
unkown
|
page readonly
|
||
|
7FF5ED4BB000
|
unkown
|
page readonly
|
||
|
9815000
|
unkown
|
page read and write
|
||
|
4C8A000
|
unkown
|
page read and write
|
||
|
37AC000
|
unkown
|
page read and write
|
||
|
C6F4000
|
unkown
|
page read and write
|
||
|
7A34000
|
unkown
|
page read and write
|
||
|
37F6000
|
unkown
|
page read and write
|
||
|
9D63000
|
unkown
|
page read and write
|
||
|
C4A0000
|
unkown
|
page read and write
|
||
|
CA98000
|
unkown
|
page read and write
|
||
|
4BE3000
|
unkown
|
page read and write
|
||
|
7E50000
|
unkown
|
page readonly
|
||
|
785D000
|
unkown
|
page read and write
|
||
|
7FF5ED9E1000
|
unkown
|
page readonly
|
||
|
4C18000
|
unkown
|
page read and write
|
||
|
7FF5EDA38000
|
unkown
|
page readonly
|
||
|
CAE4000
|
unkown
|
page read and write
|
||
|
B8AB000
|
stack
|
page read and write
|
||
|
7FF5ED39B000
|
unkown
|
page readonly
|
||
|
C962000
|
unkown
|
page read and write
|
||
|
C49E000
|
stack
|
page read and write
|
||
|
2D0C000
|
stack
|
page read and write
|
||
|
7FF5ED337000
|
unkown
|
page readonly
|
||
|
7FF5ED975000
|
unkown
|
page readonly
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
C08A000
|
stack
|
page read and write
|
||
|
2C60000
|
trusted library allocation
|
page read and write
|
||
|
4C7A000
|
unkown
|
page read and write
|
||
|
B8B0000
|
unkown
|
page read and write
|
||
|
7FF5ED8C1000
|
unkown
|
page readonly
|
||
|
785D000
|
unkown
|
page read and write
|
||
|
7C80000
|
unkown
|
page read and write
|
||
|
7FF5ED4BB000
|
unkown
|
page readonly
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
4090000
|
heap
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
4CFD000
|
direct allocation
|
page execute and read and write
|
||
|
98A8000
|
unkown
|
page read and write
|
||
|
7FF5ED55F000
|
unkown
|
page readonly
|
||
|
3F11000
|
heap
|
page read and write
|
||
|
3700000
|
heap
|
page read and write
|
||
|
C6E3000
|
unkown
|
page read and write
|
||
|
37A0000
|
unkown
|
page read and write
|
||
|
787C000
|
unkown
|
page read and write
|
||
|
8208000
|
stack
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
8B60000
|
unkown
|
page readonly
|
||
|
7FF5ED86B000
|
unkown
|
page readonly
|
||
|
37F9000
|
unkown
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
7DF4F3031000
|
unkown
|
page execute read
|
||
|
A375000
|
unkown
|
page read and write
|
||
|
C6F4000
|
unkown
|
page read and write
|
||
|
7FF5ED471000
|
unkown
|
page readonly
|
||
|
4659000
|
direct allocation
|
page read and write
|
||
|
7FF5ED586000
|
unkown
|
page readonly
|
||
|
45C3000
|
direct allocation
|
page read and write
|
||
|
8208000
|
stack
|
page read and write
|
||
|
3DCB000
|
heap
|
page read and write
|
||
|
3CB0000
|
heap
|
page read and write
|
||
|
476D000
|
direct allocation
|
page read and write
|
||
|
7FF5ED4A1000
|
unkown
|
page readonly
|
||
|
7FF5ED9CC000
|
unkown
|
page readonly
|
||
|
C893000
|
unkown
|
page read and write
|
||
|
FC5E000
|
unkown
|
page execute and read and write
|
||
|
7FF5ED28F000
|
unkown
|
page readonly
|
||
|
7FF5ED6B9000
|
unkown
|
page readonly
|
||
|
7FF5ED864000
|
unkown
|
page readonly
|
||
|
C84D000
|
unkown
|
page read and write
|
||
|
4769000
|
direct allocation
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
8DA8000
|
unkown
|
page read and write
|
||
|
7FF5ED46A000
|
unkown
|
page readonly
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
AB0D000
|
unkown
|
page read and write
|
||
|
C6C9000
|
unkown
|
page read and write
|
||
|
42BE000
|
heap
|
page read and write
|
||
|
7FF5ED9CA000
|
unkown
|
page readonly
|
||
|
C6C1000
|
unkown
|
page read and write
|
||
|
3210000
|
unkown
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
BDBECFA000
|
stack
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
36F0000
|
unkown
|
page readonly
|
||
|
7FF5ED412000
|
unkown
|
page readonly
|
||
|
76A0000
|
unkown
|
page read and write
|
||
|
E615000
|
stack
|
page read and write
|
||
|
7FF5ED872000
|
unkown
|
page readonly
|
||
|
41F0000
|
heap
|
page read and write
|
||
|
4C50000
|
unkown
|
page read and write
|
||
|
7DF4F3061000
|
unkown
|
page execute read
|
||
|
95DB000
|
stack
|
page read and write
|
||
|
7DF4F3051000
|
unkown
|
page execute read
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
4C18000
|
unkown
|
page read and write
|
||
|
7FF5ED7FD000
|
unkown
|
page readonly
|
||
|
8BF0000
|
unkown
|
page readonly
|
||
|
9DED000
|
stack
|
page read and write
|
||
|
9873000
|
unkown
|
page read and write
|
||
|
39D1000
|
trusted library allocation
|
page execute and read and write
|
||
|
47F4000
|
heap
|
page read and write
|
||
|
AB05000
|
unkown
|
page read and write
|
||
|
4659000
|
direct allocation
|
page read and write
|
||
|
3E9B000
|
heap
|
page read and write
|
||
|
7FF5ED4F3000
|
unkown
|
page readonly
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
C6F2000
|
unkown
|
page read and write
|
||
|
A09E000
|
stack
|
page read and write
|
||
|
476D000
|
direct allocation
|
page read and write
|
||
|
3FEE000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
982D000
|
unkown
|
page read and write
|
||
|
4CD1000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED59E000
|
unkown
|
page readonly
|
||
|
CB80000
|
unkown
|
page read and write
|
||
|
7FF5ED5F7000
|
unkown
|
page readonly
|
||
|
22532F6F000
|
heap
|
page read and write
|
||
|
44A0000
|
direct allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF5ED86B000
|
unkown
|
page readonly
|
||
|
7FF5ED33F000
|
unkown
|
page readonly
|
||
|
9DED000
|
stack
|
page read and write
|
||
|
7D20000
|
unkown
|
page readonly
|
||
|
943B000
|
stack
|
page read and write
|
||
|
7DF4F3041000
|
unkown
|
page execute read
|
||
|
1440000
|
unkown
|
page read and write
|
||
|
7FF5D1CD4000
|
unkown
|
page readonly
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
AB4C000
|
unkown
|
page read and write
|
||
|
1510000
|
unkown
|
page readonly
|
||
|
CB65000
|
unkown
|
page read and write
|
||
|
7FF5ED5CE000
|
unkown
|
page readonly
|
||
|
FC9D000
|
unkown
|
page execute and read and write
|
||
|
7FF5ED3D0000
|
unkown
|
page readonly
|
||
|
7FF5ED3A7000
|
unkown
|
page readonly
|
||
|
409B000
|
heap
|
page read and write
|
||
|
2A1E000
|
stack
|
page read and write
|
||
|
986F000
|
unkown
|
page read and write
|
||
|
7FF5EDA08000
|
unkown
|
page readonly
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
7869000
|
unkown
|
page read and write
|
||
|
CB54000
|
unkown
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
7869000
|
unkown
|
page read and write
|
||
|
3F03000
|
heap
|
page read and write
|
||
|
2D30000
|
direct allocation
|
page read and write
|
||
|
CB1C000
|
unkown
|
page read and write
|
||
|
37F0000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED676000
|
unkown
|
page readonly
|
||
|
1440000
|
unkown
|
page read and write
|
||
|
B301000
|
unkown
|
page read and write
|
||
|
7FF5ED670000
|
unkown
|
page readonly
|
||
|
7FF5ED94A000
|
unkown
|
page readonly
|
||
|
BDD0000
|
unkown
|
page readonly
|
||
|
482000
|
unkown
|
page readonly
|
||
|
E51C000
|
stack
|
page read and write
|
||
|
3E80000
|
heap
|
page read and write
|
||
|
9883000
|
unkown
|
page read and write
|
||
|
9879000
|
unkown
|
page read and write
|
||
|
3D2E000
|
heap
|
page read and write
|
||
|
CAE4000
|
unkown
|
page read and write
|
||
|
7FF5EDA2A000
|
unkown
|
page readonly
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
3A00000
|
direct allocation
|
page execute and read and write
|
||
|
987D000
|
unkown
|
page read and write
|
||
|
7FF5ED286000
|
unkown
|
page readonly
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
3580000
|
unkown
|
page readonly
|
||
|
7FF5ED46A000
|
unkown
|
page readonly
|
||
|
303D000
|
heap
|
page read and write
|
||
|
7FF5ED85F000
|
unkown
|
page readonly
|
||
|
7FF5ED9A1000
|
unkown
|
page readonly
|
||
|
7FF5ED33F000
|
unkown
|
page readonly
|
||
|
B82A000
|
stack
|
page read and write
|
||
|
7FF5ED818000
|
unkown
|
page readonly
|
||
|
979C000
|
unkown
|
page read and write
|
||
|
787C000
|
unkown
|
page read and write
|
||
|
47DE000
|
direct allocation
|
page read and write
|
||
|
3C50000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
8BF0000
|
unkown
|
page readonly
|
||
|
C563000
|
unkown
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
7FF5ED779000
|
unkown
|
page readonly
|
||
|
7FF5ED71E000
|
unkown
|
page readonly
|
||
|
B22B000
|
stack
|
page read and write
|
||
|
7FFE000
|
stack
|
page read and write
|
||
|
FDC0000
|
unkown
|
page read and write
|
||
|
4F50000
|
direct allocation
|
page execute and read and write
|
||
|
4BF5000
|
heap
|
page read and write
|
||
|
97AD000
|
unkown
|
page read and write
|
||
|
3501000
|
heap
|
page read and write
|
||
|
BD98000
|
stack
|
page read and write
|
||
|
3501000
|
heap
|
page read and write
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
7FF5ED516000
|
unkown
|
page readonly
|
||
|
CA75000
|
unkown
|
page read and write
|
||
|
47DE000
|
direct allocation
|
page read and write
|
||
|
37BD000
|
unkown
|
page read and write
|
||
|
37F6000
|
unkown
|
page read and write
|
||
|
3D47000
|
heap
|
page read and write
|
||
|
784A000
|
unkown
|
page read and write
|
||
|
7953000
|
unkown
|
page read and write
|
||
|
7FF5ED59E000
|
unkown
|
page readonly
|
||
|
7FF5ED806000
|
unkown
|
page readonly
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
B9D000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
C6F8000
|
unkown
|
page read and write
|
||
|
7FF5ED9AE000
|
unkown
|
page readonly
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
97B5000
|
unkown
|
page read and write
|
||
|
987D000
|
unkown
|
page read and write
|
||
|
7FF5ED586000
|
unkown
|
page readonly
|
||
|
4F3F000
|
heap
|
page read and write
|
||
|
97B5000
|
unkown
|
page read and write
|
||
|
7FF5ED64F000
|
unkown
|
page readonly
|
||
|
7FF5ECED2000
|
unkown
|
page readonly
|
||
|
7CD0000
|
unkown
|
page read and write
|
||
|
4640000
|
direct allocation
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
3DD1000
|
direct allocation
|
page execute and read and write
|
||
|
50EE000
|
direct allocation
|
page execute and read and write
|
||
|
BDC0000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
C89A000
|
unkown
|
page read and write
|
||
|
C7C5000
|
unkown
|
page read and write
|
||
|
7FF5ED93E000
|
unkown
|
page readonly
|
||
|
341B000
|
heap
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
4C50000
|
unkown
|
page read and write
|
||
|
7FF5ED349000
|
unkown
|
page readonly
|
||
|
44F1000
|
heap
|
page read and write
|
||
|
B629000
|
stack
|
page read and write
|
||
|
7FF5ED821000
|
unkown
|
page readonly
|
||
|
A95000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
CB72000
|
unkown
|
page read and write
|
||
|
45C3000
|
direct allocation
|
page read and write
|
||
|
7FF5ED503000
|
unkown
|
page readonly
|
||
|
7FF5D1CCD000
|
unkown
|
page readonly
|
||
|
18A0000
|
unkown
|
page readonly
|
||
|
3E20000
|
heap
|
page read and write
|
||
|
7852000
|
unkown
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
44A0000
|
direct allocation
|
page read and write
|
||
|
46CE000
|
direct allocation
|
page read and write
|
||
|
2ED4000
|
heap
|
page read and write
|
||
|
7FF5ED62F000
|
unkown
|
page readonly
|
||
|
7FF5EDA08000
|
unkown
|
page readonly
|
||
|
56C3000
|
unkown
|
page read and write
|
||
|
7FF5ED692000
|
unkown
|
page readonly
|
||
|
37AE000
|
unkown
|
page read and write
|
||
|
7FF5ED714000
|
unkown
|
page readonly
|
||
|
7FF5ED625000
|
unkown
|
page readonly
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
22532F75000
|
heap
|
page read and write
|
||
|
7C90000
|
unkown
|
page read and write
|
||
|
FDE0000
|
unkown
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
FDDD000
|
unkown
|
page read and write
|
||
|
3046000
|
heap
|
page read and write
|
||
|
4BE1000
|
unkown
|
page read and write
|
||
|
7861000
|
unkown
|
page read and write
|
||
|
3801000
|
heap
|
page read and write
|
||
|
7FF5ED781000
|
unkown
|
page readonly
|
||
|
37CF000
|
stack
|
page read and write
|
||
|
7FF5ED810000
|
unkown
|
page readonly
|
||
|
AA90000
|
unkown
|
page read and write
|
||
|
C9FC000
|
unkown
|
page read and write
|
||
|
990000
|
heap
|
page read and write
|
||
|
7FF5ED7DB000
|
unkown
|
page readonly
|
||
|
37F2000
|
unkown
|
page read and write
|
||
|
4C4B000
|
unkown
|
page read and write
|
||
|
7FF5ED810000
|
unkown
|
page readonly
|
||
|
C964000
|
unkown
|
page read and write
|
||
|
7FF5ED476000
|
unkown
|
page readonly
|
||
|
7FF5ED9C8000
|
unkown
|
page readonly
|
||
|
7FF5ED8E2000
|
unkown
|
page readonly
|
||
|
3F10000
|
heap
|
page read and write
|
||
|
79FB000
|
unkown
|
page read and write
|
||
|
97B5000
|
unkown
|
page read and write
|
||
|
7FF5ED9D9000
|
unkown
|
page readonly
|
||
|
9881000
|
unkown
|
page read and write
|
||
|
4C8A000
|
unkown
|
page read and write
|
||
|
4BF0000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED46E000
|
unkown
|
page readonly
|
||
|
A4E000
|
stack
|
page read and write
|
||
|
1350000
|
unkown
|
page readonly
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
2C12000
|
heap
|
page read and write
|
||
|
7FF5ED9C8000
|
unkown
|
page readonly
|
||
|
4BA6000
|
unkown
|
page read and write
|
||
|
AAF2000
|
unkown
|
page read and write
|
||
|
7FF5ED4E8000
|
unkown
|
page readonly
|
||
|
785B000
|
unkown
|
page read and write
|
||
|
2EF0000
|
heap
|
page read and write
|
||
|
7FF5ED5C9000
|
unkown
|
page readonly
|
||
|
308C000
|
stack
|
page read and write
|
||
|
41E0000
|
heap
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
465D000
|
direct allocation
|
page read and write
|
||
|
8210000
|
unkown
|
page read and write
|
||
|
AB5E000
|
unkown
|
page read and write
|
||
|
FDEC000
|
unkown
|
page read and write
|
||
|
2D30000
|
direct allocation
|
page read and write
|
||
|
3F9F000
|
heap
|
page read and write
|
||
|
B190000
|
unkown
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
96DF000
|
unkown
|
page read and write
|
||
|
3DCD000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED9FF000
|
unkown
|
page readonly
|
||
|
A33E000
|
unkown
|
page read and write
|
||
|
4B50000
|
unkown
|
page read and write
|
||
|
7FF5ED986000
|
unkown
|
page readonly
|
||
|
7FF5ED961000
|
unkown
|
page readonly
|
||
|
3791000
|
unkown
|
page read and write
|
||
|
379E000
|
unkown
|
page read and write
|
||
|
CAAF000
|
unkown
|
page read and write
|
||
|
7FF5ED409000
|
unkown
|
page readonly
|
||
|
35A0000
|
unkown
|
page readonly
|
||
|
CA64000
|
unkown
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
7FF5ED433000
|
unkown
|
page readonly
|
||
|
22534B70000
|
heap
|
page read and write
|
||
|
E71C000
|
stack
|
page read and write
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
10CE6000
|
system
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
E89B000
|
stack
|
page read and write
|
||
|
7FF5ED449000
|
unkown
|
page readonly
|
||
|
1210000
|
unkown
|
page readonly
|
||
|
3EC4000
|
heap
|
page read and write
|
||
|
A310000
|
unkown
|
page read and write
|
||
|
7FF5ED87D000
|
unkown
|
page readonly
|
||
|
785B000
|
unkown
|
page read and write
|
||
|
7FF5ED52F000
|
unkown
|
page readonly
|
||
|
7E11000
|
unkown
|
page read and write
|
||
|
A3BE000
|
unkown
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
C561000
|
unkown
|
page read and write
|
||
|
7FF5EDA70000
|
unkown
|
page readonly
|
||
|
549F000
|
unclassified section
|
page read and write
|
||
|
7FF5ED7F1000
|
unkown
|
page readonly
|
||
|
60000
|
system
|
page execute and read and write
|
||
|
B22B000
|
stack
|
page read and write
|
||
|
4C60000
|
unkown
|
page read and write
|
||
|
37F2000
|
unkown
|
page read and write
|
||
|
3A2D000
|
heap
|
page read and write
|
||
|
3E78000
|
heap
|
page read and write
|
||
|
C51E000
|
unkown
|
page read and write
|
||
|
F962000
|
unkown
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
FDFE000
|
unkown
|
page read and write
|
||
|
3CFB000
|
heap
|
page read and write
|
||
|
7FF5ED91A000
|
unkown
|
page readonly
|
||
|
7FF5ED928000
|
unkown
|
page readonly
|
||
|
7859000
|
unkown
|
page read and write
|
||
|
3D50000
|
unclassified section
|
page execute and read and write
|
||
|
7FF5ED915000
|
unkown
|
page readonly
|
||
|
7FF5ED939000
|
unkown
|
page readonly
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
9D63000
|
unkown
|
page read and write
|
||
|
7FF5ED937000
|
unkown
|
page readonly
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
97A9000
|
unkown
|
page read and write
|
||
|
89C0000
|
unkown
|
page read and write
|
||
|
A49E000
|
unkown
|
page read and write
|
||
|
7FF5ED71B000
|
unkown
|
page readonly
|
||
|
7FF5ED872000
|
unkown
|
page readonly
|
||
|
9A000
|
stack
|
page read and write
|
||
|
126F000
|
stack
|
page read and write
|
||
|
4C7A000
|
unkown
|
page read and write
|
||
|
7DA3000
|
unkown
|
page read and write
|
||
|
11B0000
|
unkown
|
page readonly
|
||
|
22532F90000
|
heap
|
page read and write
|
||
|
2CD0000
|
direct allocation
|
page read and write
|
||
|
CB87000
|
unkown
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
5557000
|
stack
|
page read and write
|
||
|
3738000
|
unkown
|
page read and write
|
||
|
96DF000
|
unkown
|
page read and write
|
||
|
C88B000
|
unkown
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
3220000
|
unkown
|
page readonly
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7CE0000
|
unkown
|
page read and write
|
||
|
8CE9000
|
stack
|
page read and write
|
||
|
C516000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
F864000
|
unkown
|
page read and write
|
||
|
C8E1000
|
unkown
|
page read and write
|
||
|
7FF5ED4F3000
|
unkown
|
page readonly
|
||
|
7FF5ED996000
|
unkown
|
page readonly
|
||
|
3417000
|
heap
|
page read and write
|
||
|
7FF5ED7CF000
|
unkown
|
page readonly
|
||
|
C84D000
|
unkown
|
page read and write
|
||
|
906E000
|
stack
|
page read and write
|
||
|
45C3000
|
direct allocation
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
C5A0000
|
unkown
|
page read and write
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
987D000
|
unkown
|
page read and write
|
||
|
31A0000
|
heap
|
page readonly
|
||
|
C5A3000
|
unkown
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
7FF5ED4C2000
|
unkown
|
page readonly
|
||
|
7D20000
|
unkown
|
page readonly
|
||
|
3F4F000
|
stack
|
page read and write
|
||
|
91B9000
|
stack
|
page read and write
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
3748000
|
unkown
|
page read and write
|
||
|
7FF5ED939000
|
unkown
|
page readonly
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
CBA0000
|
unkown
|
page read and write
|
||
|
7CC0000
|
unkown
|
page readonly
|
||
|
438A000
|
heap
|
page read and write
|
||
|
C41F000
|
stack
|
page read and write
|
||
|
7FF5ED602000
|
unkown
|
page readonly
|
||
|
3F20000
|
heap
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
C507000
|
unkown
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
980000
|
heap
|
page read and write
|
||
|
F96B000
|
unkown
|
page read and write
|
||
|
FDE0000
|
unkown
|
page read and write
|
||
|
E89B000
|
stack
|
page read and write
|
||
|
3CCD000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED26E000
|
unkown
|
page readonly
|
||
|
F864000
|
unkown
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
7FF5ED556000
|
unkown
|
page readonly
|
||
|
C561000
|
unkown
|
page read and write
|
||
|
383E000
|
stack
|
page read and write
|
||
|
4659000
|
direct allocation
|
page read and write
|
||
|
978E000
|
unkown
|
page read and write
|
||
|
289B000
|
heap
|
page read and write
|
||
|
2D3D000
|
stack
|
page read and write
|
||
|
970000
|
heap
|
page read and write
|
||
|
4C9A000
|
unkown
|
page read and write
|
||
|
476D000
|
direct allocation
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED349000
|
unkown
|
page readonly
|
||
|
7FF5ED28E000
|
unkown
|
page readonly
|
||
|
3C40000
|
heap
|
page read and write
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
25BC000
|
stack
|
page read and write
|
||
|
7FF5ED692000
|
unkown
|
page readonly
|
||
|
C10A000
|
stack
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
11898000
|
system
|
page execute and read and write
|
||
|
4CE0000
|
unkown
|
page read and write
|
||
|
CA63000
|
unkown
|
page read and write
|
||
|
7FF5ED73D000
|
unkown
|
page readonly
|
||
|
7884000
|
unkown
|
page read and write
|
||
|
7FF5ED4E8000
|
unkown
|
page readonly
|
||
|
CAE7000
|
unkown
|
page read and write
|
||
|
7FF5ED975000
|
unkown
|
page readonly
|
||
|
37F3000
|
unclassified section
|
page execute and read and write
|
||
|
3E81000
|
heap
|
page read and write
|
||
|
C857000
|
unkown
|
page read and write
|
||
|
7977000
|
unkown
|
page read and write
|
||
|
7865000
|
unkown
|
page read and write
|
||
|
F924000
|
unkown
|
page read and write
|
||
|
7A34000
|
unkown
|
page read and write
|
||
|
CACA000
|
unkown
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
7FF5ED996000
|
unkown
|
page readonly
|
||
|
986B000
|
unkown
|
page read and write
|
||
|
97AD000
|
unkown
|
page read and write
|
||
|
10EDF000
|
system
|
page read and write
|
||
|
CB72000
|
unkown
|
page read and write
|
||
|
7FF5ED743000
|
unkown
|
page readonly
|
||
|
3F6A000
|
heap
|
page read and write
|
||
|
7FF5ED286000
|
unkown
|
page readonly
|
||
|
3F67000
|
heap
|
page read and write
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
465D000
|
direct allocation
|
page read and write
|
||
|
986F000
|
unkown
|
page read and write
|
||
|
CA43000
|
unkown
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
7FF5ED74A000
|
unkown
|
page readonly
|
||
|
9139000
|
stack
|
page read and write
|
||
|
310000
|
system
|
page execute and read and write
|
||
|
7FF5ED449000
|
unkown
|
page readonly
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
7FF5ED8E7000
|
unkown
|
page readonly
|
||
|
7FF5ED76D000
|
unkown
|
page readonly
|
||
|
CA42000
|
unkown
|
page read and write
|
||
|
28A1000
|
heap
|
page read and write
|
||
|
7FF5ED864000
|
unkown
|
page readonly
|
||
|
4D72000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED8E7000
|
unkown
|
page readonly
|
||
|
3B9E000
|
direct allocation
|
page execute and read and write
|
||
|
78A0000
|
unkown
|
page read and write
|
||
|
7FF5ED3DA000
|
unkown
|
page readonly
|
||
|
BDBF1FE000
|
stack
|
page read and write
|
||
|
3941000
|
unclassified section
|
page execute and read and write
|
||
|
982D000
|
unkown
|
page read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
7FF5ED9B8000
|
unkown
|
page readonly
|
||
|
1E0000
|
heap
|
page read and write
|
||
|
F924000
|
unkown
|
page read and write
|
||
|
8DAC000
|
unkown
|
page read and write
|
||
|
AB09000
|
unkown
|
page read and write
|
||
|
45C3000
|
direct allocation
|
page read and write
|
||
|
CA43000
|
unkown
|
page read and write
|
||
|
7FF5ED5EB000
|
unkown
|
page readonly
|
||
|
25FC000
|
stack
|
page read and write
|
||
|
7FF5ED8C6000
|
unkown
|
page readonly
|
||
|
7F40000
|
unkown
|
page readonly
|
||
|
7FF5ED48A000
|
unkown
|
page readonly
|
||
|
3210000
|
unkown
|
page read and write
|
||
|
7DF4F3050000
|
unkown
|
page readonly
|
||
|
4B8B000
|
unkown
|
page read and write
|
||
|
7900000
|
unkown
|
page read and write
|
||
|
F979000
|
unkown
|
page read and write
|
||
|
7FF5ED91A000
|
unkown
|
page readonly
|
||
|
7CA0000
|
unkown
|
page read and write
|
||
|
7FF5ED750000
|
unkown
|
page readonly
|
||
|
46CE000
|
direct allocation
|
page read and write
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
1189A000
|
system
|
page execute and read and write
|
||
|
786B000
|
unkown
|
page read and write
|
||
|
7FF5ED735000
|
unkown
|
page readonly
|
||
|
8DAC000
|
unkown
|
page read and write
|
||
|
A491000
|
unkown
|
page read and write
|
||
|
40C8000
|
heap
|
page read and write
|
||
|
476D000
|
direct allocation
|
page read and write
|
||
|
CB65000
|
unkown
|
page read and write
|
||
|
7CA0000
|
unkown
|
page read and write
|
||
|
7FF5ED8AC000
|
unkown
|
page readonly
|
||
|
CB80000
|
unkown
|
page read and write
|
||
|
9929000
|
unkown
|
page read and write
|
||
|
7865000
|
unkown
|
page read and write
|
||
|
1505000
|
heap
|
page read and write
|
||
|
4A30000
|
direct allocation
|
page execute and read and write
|
||
|
A433000
|
unkown
|
page read and write
|
||
|
7FF5ED8AC000
|
unkown
|
page readonly
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
1451000
|
unkown
|
page readonly
|
||
|
BBE000
|
heap
|
page read and write
|
||
|
7FF5ED418000
|
unkown
|
page readonly
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
89F000
|
stack
|
page read and write
|
||
|
30EF000
|
unkown
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
3202000
|
heap
|
page read and write
|
||
|
4ECA000
|
heap
|
page read and write
|
||
|
4B14000
|
heap
|
page read and write
|
||
|
7FF5ED844000
|
unkown
|
page readonly
|
||
|
C5A0000
|
unkown
|
page read and write
|
||
|
FDEC000
|
unkown
|
page read and write
|
||
|
44A0000
|
direct allocation
|
page read and write
|
||
|
3800000
|
heap
|
page read and write
|
||
|
FDA0000
|
unkown
|
page read and write
|
||
|
A32A000
|
unkown
|
page read and write
|
||
|
7FF5EDA0D000
|
unkown
|
page readonly
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
987F000
|
unkown
|
page read and write
|
||
|
7FF5ED743000
|
unkown
|
page readonly
|
||
|
A323000
|
unkown
|
page read and write
|
||
|
2E53000
|
direct allocation
|
page read and write
|
||
|
22532F69000
|
heap
|
page read and write
|
||
|
289B000
|
heap
|
page read and write
|
||
|
31C0000
|
trusted library allocation
|
page read and write
|
||
|
965C000
|
stack
|
page read and write
|
||
|
7FF5ED1D9000
|
unkown
|
page readonly
|
||
|
CA75000
|
unkown
|
page read and write
|
||
|
93BE000
|
stack
|
page read and write
|
||
|
1248000
|
heap
|
page read and write
|
||
|
A37B000
|
unkown
|
page read and write
|
||
|
943B000
|
stack
|
page read and write
|
||
|
7FF5EDA14000
|
unkown
|
page readonly
|
||
|
4659000
|
direct allocation
|
page read and write
|
||
|
7FF5ED644000
|
unkown
|
page readonly
|
||
|
7FF5ED40D000
|
unkown
|
page readonly
|
||
|
977A000
|
unkown
|
page read and write
|
||
|
7FF5ED793000
|
unkown
|
page readonly
|
||
|
3A80000
|
trusted library allocation
|
page execute and read and write
|
||
|
89A0000
|
unkown
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
AAF6000
|
unkown
|
page read and write
|
||
|
9893000
|
unkown
|
page read and write
|
||
|
FF12000
|
heap
|
page read and write
|
||
|
7A34000
|
unkown
|
page read and write
|
||
|
C846000
|
unkown
|
page read and write
|
||
|
341E000
|
heap
|
page read and write
|
||
|
A4A1000
|
unkown
|
page read and write
|
||
|
C5AA000
|
unkown
|
page read and write
|
||
|
4B90000
|
unkown
|
page read and write
|
||
|
7FF5ED495000
|
unkown
|
page readonly
|
||
|
C8E1000
|
unkown
|
page read and write
|
||
|
C503000
|
unkown
|
page read and write
|
||
|
9A000
|
stack
|
page read and write
|
||
|
DD0000
|
unkown
|
page readonly
|
||
|
CA45000
|
unkown
|
page read and write
|
||
|
7FF5ED8E2000
|
unkown
|
page readonly
|
||
|
FE03000
|
unkown
|
page read and write
|
||
|
135F000
|
stack
|
page read and write
|
||
|
2892000
|
heap
|
page read and write
|
||
|
3C9E000
|
direct allocation
|
page execute and read and write
|
||
|
C9DE000
|
unkown
|
page read and write
|
||
|
9877000
|
unkown
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
CBBA000
|
unkown
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
7FF5ED342000
|
unkown
|
page readonly
|
||
|
FF1A000
|
heap
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
3240000
|
unkown
|
page read and write
|
||
|
7FF5ED265000
|
unkown
|
page readonly
|
||
|
2D30000
|
direct allocation
|
page read and write
|
||
|
984000
|
heap
|
page read and write
|
||
|
7FF5D1CCD000
|
unkown
|
page readonly
|
||
|
C964000
|
unkown
|
page read and write
|
||
|
36F0000
|
unkown
|
page readonly
|
||
|
22533240000
|
heap
|
page read and write
|
||
|
A4AE000
|
unkown
|
page read and write
|
||
|
7FF5ED7E9000
|
unkown
|
page readonly
|
||
|
CBD5000
|
unkown
|
page read and write
|
||
|
BDBF7FB000
|
stack
|
page read and write
|
||
|
7FF5ED9AE000
|
unkown
|
page readonly
|
||
|
56D9000
|
unkown
|
page read and write
|
||
|
9976000
|
unkown
|
page read and write
|
||
|
3870000
|
trusted library allocation
|
page read and write
|
||
|
C563000
|
unkown
|
page read and write
|
||
|
3F80000
|
heap
|
page read and write
|
||
|
BC9B000
|
stack
|
page read and write
|
||
|
3F3A000
|
heap
|
page read and write
|
||
|
404D000
|
unclassified section
|
page execute and read and write
|
||
|
C846000
|
unkown
|
page read and write
|
||
|
37D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
979C000
|
unkown
|
page read and write
|
||
|
979C000
|
unkown
|
page read and write
|
||
|
987B000
|
unkown
|
page read and write
|
||
|
3417000
|
heap
|
page read and write
|
||
|
E71C000
|
stack
|
page read and write
|
||
|
7FF5ED9E1000
|
unkown
|
page readonly
|
||
|
2890000
|
heap
|
page read and write
|
||
|
4CC0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF5ED50A000
|
unkown
|
page readonly
|
||
|
22532F75000
|
heap
|
page read and write
|
||
|
8210000
|
unkown
|
page read and write
|
||
|
7FF5ED2A4000
|
unkown
|
page readonly
|
||
|
CAE7000
|
unkown
|
page read and write
|
||
|
7FF5EDA31000
|
unkown
|
page readonly
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
7FF5ED915000
|
unkown
|
page readonly
|
||
|
FDFF000
|
unkown
|
page read and write
|
||
|
C89C000
|
unkown
|
page read and write
|
||
|
97AD000
|
unkown
|
page read and write
|
||
|
3E75000
|
heap
|
page read and write
|
||
|
7852000
|
unkown
|
page read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
3EB1000
|
heap
|
page read and write
|
||
|
7FF5ED4EF000
|
unkown
|
page readonly
|
||
|
3791000
|
unkown
|
page read and write
|
||
|
8801000
|
unkown
|
page read and write
|
||
|
7FF5ED516000
|
unkown
|
page readonly
|
||
|
991F000
|
unkown
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
9815000
|
unkown
|
page read and write
|
||
|
7FF5ED1D9000
|
unkown
|
page readonly
|
||
|
2D70000
|
heap
|
page read and write
|
||
|
3007000
|
heap
|
page read and write
|
||
|
9CE000
|
stack
|
page read and write
|
||
|
41F0000
|
heap
|
page read and write
|
||
|
7F2E000
|
stack
|
page read and write
|
||
|
3B29000
|
direct allocation
|
page execute and read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
3590000
|
unkown
|
page read and write
|
||
|
7FF5EDA69000
|
unkown
|
page readonly
|
||
|
7FF5ED97A000
|
unkown
|
page readonly
|
||
|
C6C9000
|
unkown
|
page read and write
|
||
|
818E000
|
stack
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
BDD0000
|
unkown
|
page readonly
|
||
|
997A000
|
unkown
|
page read and write
|
||
|
1199C000
|
stack
|
page read and write
|
||
|
9875000
|
unkown
|
page read and write
|
||
|
4B5D000
|
direct allocation
|
page execute and read and write
|
||
|
22532FA4000
|
heap
|
page read and write
|
||
|
78AD000
|
unkown
|
page read and write
|
||
|
5641000
|
unkown
|
page read and write
|
||
|
2E53000
|
direct allocation
|
page read and write
|
||
|
2EFC000
|
heap
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
30F5000
|
heap
|
page read and write
|
||
|
4D18000
|
heap
|
page read and write
|
||
|
7FF5ED507000
|
unkown
|
page readonly
|
||
|
9879000
|
unkown
|
page read and write
|
||
|
4F10000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED9D6000
|
unkown
|
page readonly
|
||
|
A379000
|
unkown
|
page read and write
|
||
|
9879000
|
unkown
|
page read and write
|
||
|
AB0B000
|
unkown
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
7FF5ED4B4000
|
unkown
|
page readonly
|
||
|
35A0000
|
unkown
|
page readonly
|
||
|
970000
|
heap
|
page read and write
|
||
|
7FF5ED5C9000
|
unkown
|
page readonly
|
||
|
7FF5ED5A8000
|
unkown
|
page readonly
|
||
|
CA7A000
|
unkown
|
page read and write
|
||
|
4090000
|
heap
|
page read and write
|
||
|
4BA6000
|
unkown
|
page read and write
|
||
|
7DA3000
|
unkown
|
page read and write
|
||
|
7FF5ED74A000
|
unkown
|
page readonly
|
||
|
30C0000
|
heap
|
page read and write
|
||
|
7DF4F3071000
|
unkown
|
page execute read
|
||
|
900000
|
heap
|
page read and write
|
||
|
B94000
|
heap
|
page read and write
|
||
|
8860000
|
unkown
|
page read and write
|
||
|
97C3000
|
unkown
|
page read and write
|
||
|
7FF5ED534000
|
unkown
|
page readonly
|
||
|
2878000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
F8EB000
|
unkown
|
page read and write
|
||
|
3405000
|
heap
|
page read and write
|
||
|
7FF5ED6B9000
|
unkown
|
page readonly
|
||
|
347B000
|
heap
|
page read and write
|
||
|
46CE000
|
direct allocation
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED404000
|
unkown
|
page readonly
|
||
|
3240000
|
unkown
|
page read and write
|
||
|
7E50000
|
unkown
|
page readonly
|
||
|
7FF5ED9C6000
|
unkown
|
page readonly
|
||
|
47DE000
|
direct allocation
|
page read and write
|
||
|
3058000
|
heap
|
page read and write
|
||
|
7FF5EDA0D000
|
unkown
|
page readonly
|
||
|
E79D000
|
stack
|
page read and write
|
||
|
7FF5ED793000
|
unkown
|
page readonly
|
||
|
7CC0000
|
unkown
|
page readonly
|
||
|
2BA0000
|
heap
|
page read and write
|
||
|
7FF5ED8A4000
|
unkown
|
page readonly
|
||
|
7FF5ED3D6000
|
unkown
|
page readonly
|
||
|
3C3F000
|
stack
|
page read and write
|
||
|
9795000
|
unkown
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
FDD5000
|
unkown
|
page read and write
|
||
|
7FF5ED4FD000
|
unkown
|
page readonly
|
||
|
9869000
|
unkown
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
977A000
|
unkown
|
page read and write
|
||
|
C41F000
|
stack
|
page read and write
|
||
|
9977000
|
unkown
|
page read and write
|
||
|
3FF0000
|
heap
|
page read and write
|
||
|
366E000
|
stack
|
page read and write
|
||
|
7FF5ED43D000
|
unkown
|
page readonly
|
||
|
127E000
|
heap
|
page read and write
|
||
|
B190000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
8730000
|
unkown
|
page read and write
|
||
|
4640000
|
direct allocation
|
page read and write
|
||
|
F8E6000
|
unkown
|
page read and write
|
||
|
3795000
|
unkown
|
page read and write
|
||
|
4080000
|
heap
|
page read and write
|
||
|
8730000
|
unkown
|
page read and write
|
||
|
B10D000
|
stack
|
page read and write
|
||
|
7FF5ED695000
|
unkown
|
page readonly
|
||
|
7F40000
|
unkown
|
page readonly
|
||
|
C557000
|
unkown
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
784A000
|
unkown
|
page read and write
|
||
|
9A5B000
|
unkown
|
page read and write
|
||
|
47DE000
|
direct allocation
|
page read and write
|
||
|
37AC000
|
unkown
|
page read and write
|
||
|
7FF5ED3DA000
|
unkown
|
page readonly
|
||
|
4A7000
|
unkown
|
page read and write
|
||
|
BC9B000
|
stack
|
page read and write
|
||
|
7FF5ED20E000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
9792000
|
unkown
|
page read and write
|
||
|
3FFE000
|
heap
|
page read and write
|
||
|
C962000
|
unkown
|
page read and write
|
||
|
C88B000
|
unkown
|
page read and write
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
1510000
|
unkown
|
page readonly
|
||
|
2897000
|
heap
|
page read and write
|
||
|
965C000
|
stack
|
page read and write
|
||
|
7FF5ED6DB000
|
unkown
|
page readonly
|
||
|
2D90000
|
heap
|
page read and write
|
||
|
45C3000
|
direct allocation
|
page read and write
|
||
|
2C3D000
|
stack
|
page read and write
|
||
|
A09D000
|
stack
|
page read and write
|
||
|
CB7B000
|
unkown
|
page read and write
|
||
|
3100000
|
heap
|
page read and write
|
||
|
7E11000
|
unkown
|
page read and write
|
||
|
4640000
|
direct allocation
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
79D3000
|
unkown
|
page read and write
|
||
|
9893000
|
unkown
|
page read and write
|
||
|
F962000
|
unkown
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
CB51000
|
unkown
|
page read and write
|
||
|
7FF5ED71E000
|
unkown
|
page readonly
|
||
|
10CE0000
|
unkown
|
page read and write
|
||
|
7FF5ED68C000
|
unkown
|
page readonly
|
||
|
3A40000
|
trusted library allocation
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
7FF5EDA14000
|
unkown
|
page readonly
|
||
|
A50B000
|
unkown
|
page read and write
|
||
|
CA42000
|
unkown
|
page read and write
|
||
|
7FF5ED7E9000
|
unkown
|
page readonly
|
||
|
7A34000
|
unkown
|
page read and write
|
||
|
37A8000
|
unkown
|
page read and write
|
||
|
B640000
|
unkown
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
CA7C000
|
unkown
|
page read and write
|
||
|
79D3000
|
unkown
|
page read and write
|
||
|
490000
|
unkown
|
page write copy
|
||
|
465D000
|
direct allocation
|
page read and write
|
||
|
3DF7000
|
heap
|
page execute and read and write
|
||
|
4B59000
|
direct allocation
|
page execute and read and write
|
||
|
7FF5ED660000
|
unkown
|
page readonly
|
||
|
C57F000
|
unkown
|
page read and write
|
||
|
1230000
|
unkown
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
FF12000
|
heap
|
page read and write
|
||
|
7FF5ED781000
|
unkown
|
page readonly
|
||
|
4BDC000
|
unkown
|
page read and write
|
||
|
7FF5EDA76000
|
unkown
|
page readonly
|
||
|
5590000
|
unkown
|
page write copy
|
||
|
A364000
|
unkown
|
page read and write
|
||
|
9883000
|
unkown
|
page read and write
|
||
|
7F30000
|
unkown
|
page read and write
|
||
|
22532F48000
|
heap
|
page read and write
|
||
|
3EB1000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
7FF5ED85F000
|
unkown
|
page readonly
|
||
|
31AF000
|
stack
|
page read and write
|
||
|
98A8000
|
unkown
|
page read and write
|
||
|
37B0000
|
unkown
|
page read and write
|
||
|
C503000
|
unkown
|
page read and write
|
||
|
797D000
|
unkown
|
page read and write
|
||
|
F8EB000
|
unkown
|
page read and write
|
||
|
900000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
CB72000
|
unkown
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
7FF5ED9A1000
|
unkown
|
page readonly
|
||
|
FDEC000
|
unkown
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
7FF5ED602000
|
unkown
|
page readonly
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
89E0000
|
unkown
|
page read and write
|
||
|
7FF5ED1F7000
|
unkown
|
page readonly
|
||
|
7FF5ED4B0000
|
unkown
|
page readonly
|
||
|
7FF5ED81B000
|
unkown
|
page readonly
|
||
|
CB86000
|
unkown
|
page read and write
|
||
|
11B0000
|
unkown
|
page readonly
|
||
|
7FF5ED4DF000
|
unkown
|
page readonly
|
||
|
4B78000
|
unkown
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
8720000
|
unkown
|
page readonly
|
||
|
7FF5ED8A4000
|
unkown
|
page readonly
|
||
|
7FF5ED821000
|
unkown
|
page readonly
|
||
|
CBBB000
|
unkown
|
page read and write
|
||
|
F8A3000
|
unkown
|
page read and write
|
||
|
7FF5ED990000
|
unkown
|
page readonly
|
||
|
35D0000
|
unkown
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
7FF5ED933000
|
unkown
|
page readonly
|
||
|
B10D000
|
stack
|
page read and write
|
||
|
7D00000
|
unkown
|
page readonly
|
||
|
7FF5ED64F000
|
unkown
|
page readonly
|
||
|
7FF5ED3AC000
|
unkown
|
page readonly
|
||
|
2D33000
|
heap
|
page read and write
|
||
|
7FF5ED986000
|
unkown
|
page readonly
|
||
|
FDD2000
|
unkown
|
page read and write
|
||
|
3DD9000
|
heap
|
page read and write
|
||
|
4ECE000
|
heap
|
page read and write
|
||
|
7FF5ED519000
|
unkown
|
page readonly
|
||
|
7CD0000
|
unkown
|
page read and write
|
||
|
7FF5ED850000
|
unkown
|
page readonly
|
||
|
AAD1000
|
unkown
|
page read and write
|
||
|
7DF4F3061000
|
unkown
|
page execute read
|
||
|
46C0000
|
heap
|
page read and write
|
||
|
3048000
|
heap
|
page read and write
|
||
|
B170000
|
unkown
|
page readonly
|
||
|
476D000
|
direct allocation
|
page read and write
|
||
|
7FF5ED803000
|
unkown
|
page readonly
|
||
|
401000
|
unkown
|
page execute read
|
||
|
7CE0000
|
unkown
|
page read and write
|
||
|
22532FA4000
|
heap
|
page read and write
|
||
|
7FF5EDA69000
|
unkown
|
page readonly
|
||
|
C9AA000
|
unkown
|
page read and write
|
||
|
44A0000
|
direct allocation
|
page read and write
|
||
|
FDFE000
|
unkown
|
page read and write
|
||
|
36D3000
|
stack
|
page read and write
|
||
|
B2DC000
|
unkown
|
page read and write
|
||
|
4AE1000
|
heap
|
page read and write
|
||
|
117A0000
|
system
|
page execute and read and write
|
||
|
4B8B000
|
unkown
|
page read and write
|
||
|
7FF5ED4C6000
|
unkown
|
page readonly
|
||
|
3DB4000
|
heap
|
page read and write
|
||
|
7FF5EDA76000
|
unkown
|
page readonly
|
||
|
3EF2000
|
heap
|
page read and write
|
||
|
3600000
|
heap
|
page read and write
|
||
|
F979000
|
unkown
|
page read and write
|
||
|
7FF5ED210000
|
unkown
|
page readonly
|
||
|
2D30000
|
direct allocation
|
page read and write
|
||
|
7FF5ED65C000
|
unkown
|
page readonly
|
||
|
CB54000
|
unkown
|
page read and write
|
||
|
7FF5ED850000
|
unkown
|
page readonly
|
||
|
11702000
|
system
|
page execute and read and write
|
||
|
7FF5ED9C6000
|
unkown
|
page readonly
|
||
|
8710000
|
unkown
|
page readonly
|
||
|
CA08000
|
unkown
|
page read and write
|
||
|
896B000
|
stack
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
3E1F000
|
stack
|
page read and write
|
||
|
818E000
|
stack
|
page read and write
|
||
|
4610000
|
heap
|
page read and write
|
||
|
7DF4F3051000
|
unkown
|
page execute read
|
||
|
9660000
|
unkown
|
page read and write
|
||
|
3DFB000
|
heap
|
page read and write
|
||
|
7FF5ED77E000
|
unkown
|
page readonly
|
||
|
BAF9000
|
stack
|
page read and write
|
||
|
2C1F000
|
stack
|
page read and write
|
||
|
7FF5EDA70000
|
unkown
|
page readonly
|
||
|
44A0000
|
direct allocation
|
page read and write
|
||
|
79B1000
|
unkown
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
3D9A000
|
heap
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
FBA0000
|
unkown
|
page execute and read and write
|
||
|
7FF5ED39E000
|
unkown
|
page readonly
|
||
|
3030000
|
heap
|
page read and write
|
||
|
B650000
|
unkown
|
page read and write
|
||
|
22532F10000
|
heap
|
page read and write
|
||
|
7FF5ED39B000
|
unkown
|
page readonly
|
||
|
7F30000
|
unkown
|
page read and write
|
||
|
C6F2000
|
unkown
|
page read and write
|
||
|
1500000
|
heap
|
page read and write
|
||
|
7FF5ED4EF000
|
unkown
|
page readonly
|
||
|
37D2000
|
unkown
|
page read and write
|
||
|
4530000
|
direct allocation
|
page read and write
|
||
|
9795000
|
unkown
|
page read and write
|
||
|
A37B000
|
unkown
|
page read and write
|
||
|
9877000
|
unkown
|
page read and write
|
||
|
7FF5ED8B4000
|
unkown
|
page readonly
|
||
|
7FF5ED8FF000
|
unkown
|
page readonly
|
||
|
C4A0000
|
unkown
|
page read and write
|
||
|
3A9E000
|
heap
|
page read and write
|
||
|
97A9000
|
unkown
|
page read and write
|
||
|
E81E000
|
stack
|
page read and write
|
||
|
4421000
|
heap
|
page read and write
|
||
|
7FF5ED849000
|
unkown
|
page readonly
|
||
|
DE0000
|
unkown
|
page readonly
|
||
|
3049000
|
heap
|
page read and write
|
||
|
7FF5ED265000
|
unkown
|
page readonly
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
7FF5ED7FD000
|
unkown
|
page readonly
|
||
|
3900000
|
heap
|
page read and write
|
||
|
7FF5EDA47000
|
unkown
|
page readonly
|
||
|
22533245000
|
heap
|
page read and write
|
||
|
CA64000
|
unkown
|
page read and write
|
||
|
7FF5ED404000
|
unkown
|
page readonly
|
||
|
7FF5ED495000
|
unkown
|
page readonly
|
||
|
A37D000
|
unkown
|
page read and write
|
||
|
9B10000
|
heap
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
7FF5ED8C1000
|
unkown
|
page readonly
|
||
|
7FF5ED5C1000
|
unkown
|
page readonly
|
||
|
AAF2000
|
unkown
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
CAA0000
|
unkown
|
page read and write
|
||
|
4769000
|
direct allocation
|
page read and write
|
||
|
CAC7000
|
unkown
|
page read and write
|
||
|
CB6B000
|
unkown
|
page read and write
|
||
|
7FF5ED97E000
|
unkown
|
page readonly
|
||
|
7DD0000
|
unkown
|
page read and write
|
||
|
97C3000
|
unkown
|
page read and write
|
||
|
2D30000
|
direct allocation
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
F8A3000
|
unkown
|
page read and write
|
||
|
7FF5ED93B000
|
unkown
|
page readonly
|
||
|
289B000
|
heap
|
page read and write
|
||
|
BDBF0FF000
|
stack
|
page read and write
|
||
|
4C4B000
|
unkown
|
page read and write
|
||
|
370D000
|
unkown
|
page read and write
|
||
|
B00B000
|
stack
|
page read and write
|
||
|
A364000
|
unkown
|
page read and write
|
||
|
7FF5ED9A6000
|
unkown
|
page readonly
|
||
|
AAF9000
|
unkown
|
page read and write
|
||
|
9F1E000
|
stack
|
page read and write
|
||
|
A375000
|
unkown
|
page read and write
|
||
|
8801000
|
unkown
|
page read and write
|
||
|
FDFE000
|
unkown
|
page read and write
|
||
|
79B5000
|
unkown
|
page read and write
|
||
|
3FFC000
|
heap
|
page read and write
|
||
|
7DF4F3040000
|
unkown
|
page readonly
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
38B0000
|
unclassified section
|
page execute and read and write
|
||
|
14B0000
|
unkown
|
page readonly
|
||
|
7FF5ED847000
|
unkown
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3749000
|
unkown
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
CB0D000
|
unkown
|
page read and write
|
||
|
47DE000
|
direct allocation
|
page read and write
|
||
|
A479000
|
unkown
|
page read and write
|
||
|
7FF5ED6BB000
|
unkown
|
page readonly
|
||
|
32DF000
|
stack
|
page read and write
|
||
|
9881000
|
unkown
|
page read and write
|
||
|
7FF5ED867000
|
unkown
|
page readonly
|
||
|
7FF5ED4C6000
|
unkown
|
page readonly
|
||
|
3590000
|
unkown
|
page read and write
|
||
|
FE03000
|
unkown
|
page read and write
|
||
|
C9A9000
|
unkown
|
page read and write
|
||
|
8DA0000
|
unkown
|
page read and write
|
||
|
4AB000
|
unkown
|
page readonly
|
||
|
7857000
|
unkown
|
page read and write
|
||
|
31E4000
|
heap
|
page read and write
|
||
|
3180000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED279000
|
unkown
|
page readonly
|
||
|
4A21000
|
heap
|
page read and write
|
||
|
3209000
|
stack
|
page read and write
|
||
|
9DE000
|
stack
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
7D53000
|
unkown
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
89C0000
|
unkown
|
page read and write
|
||
|
4181000
|
heap
|
page read and write
|
||
|
13F0000
|
heap
|
page read and write
|
||
|
E61C000
|
stack
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED670000
|
unkown
|
page readonly
|
||
|
B150000
|
unkown
|
page read and write
|
||
|
331E000
|
stack
|
page read and write
|
||
|
7FF5ED426000
|
unkown
|
page readonly
|
||
|
88EE000
|
stack
|
page read and write
|
||
|
A327000
|
unkown
|
page read and write
|
||
|
CAE4000
|
unkown
|
page read and write
|
||
|
C49E000
|
stack
|
page read and write
|
||
|
7FF5ED50A000
|
unkown
|
page readonly
|
||
|
785F000
|
unkown
|
page read and write
|
||
|
28A1000
|
heap
|
page read and write
|
||
|
22533110000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
4C9A000
|
unkown
|
page read and write
|
||
|
7FF5ED674000
|
unkown
|
page readonly
|
||
|
3A3E000
|
stack
|
page read and write
|
||
|
7FF5ED445000
|
unkown
|
page readonly
|
||
|
7FF5ED412000
|
unkown
|
page readonly
|
||
|
8FE000
|
stack
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
B82A000
|
stack
|
page read and write
|
||
|
7DF4F3071000
|
unkown
|
page execute read
|
||
|
7FF5EDA11000
|
unkown
|
page readonly
|
||
|
4DDD000
|
stack
|
page read and write
|
||
|
987F000
|
unkown
|
page read and write
|
||
|
3E42000
|
direct allocation
|
page execute and read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
B140000
|
unkown
|
page readonly
|
||
|
C516000
|
unkown
|
page read and write
|
||
|
7FF5ED8F9000
|
unkown
|
page readonly
|
||
|
482000
|
unkown
|
page readonly
|
||
|
7FF5ED1BC000
|
unkown
|
page readonly
|
||
|
A3BE000
|
unkown
|
page read and write
|
||
|
7FF5ED5CE000
|
unkown
|
page readonly
|
||
|
7FF5ED9CC000
|
unkown
|
page readonly
|
||
|
7DF4F3050000
|
unkown
|
page readonly
|
||
|
4CC0000
|
unkown
|
page read and write
|
||
|
7FF5ED847000
|
unkown
|
page readonly
|
||
|
97D4000
|
unkown
|
page read and write
|
||
|
100000
|
heap
|
page read and write
|
||
|
89E0000
|
unkown
|
page read and write
|
||
|
9795000
|
unkown
|
page read and write
|
||
|
98E3000
|
unkown
|
page read and write
|
||
|
2253324E000
|
heap
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
2BA1000
|
heap
|
page read and write
|
||
|
A310000
|
unkown
|
page read and write
|
||
|
4C60000
|
unkown
|
page read and write
|
||
|
7FF5ED9F2000
|
unkown
|
page readonly
|
||
|
7FF5ED97A000
|
unkown
|
page readonly
|
||
|
9A10000
|
unkown
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
BDBF5FE000
|
stack
|
page read and write
|
||
|
56D9000
|
unkown
|
page read and write
|
||
|
7FF5ED7D6000
|
unkown
|
page readonly
|
||
|
C9AE000
|
unkown
|
page read and write
|
||
|
22532F00000
|
heap
|
page read and write
|
||
|
7FF5ED818000
|
unkown
|
page readonly
|
||
|
8A6E000
|
stack
|
page read and write
|
||
|
A4AB000
|
unkown
|
page read and write
|
||
|
CB72000
|
unkown
|
page read and write
|
||
|
C811000
|
unkown
|
page read and write
|
||
|
7FF5ED669000
|
unkown
|
page readonly
|
||
|
A37D000
|
unkown
|
page read and write
|
||
|
A327000
|
unkown
|
page read and write
|
||
|
9550000
|
unkown
|
page readonly
|
||
|
9B60000
|
unkown
|
page readonly
|
||
|
3405000
|
heap
|
page read and write
|
||
|
3405000
|
heap
|
page read and write
|
||
|
BDBF3FD000
|
stack
|
page read and write
|
||
|
A379000
|
unkown
|
page read and write
|
||
|
138F000
|
stack
|
page read and write
|
||
|
7FF5ED5F7000
|
unkown
|
page readonly
|
||
|
C6F8000
|
unkown
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
76A0000
|
unkown
|
page read and write
|
||
|
7FF5ED409000
|
unkown
|
page readonly
|
||
|
A4B8000
|
unkown
|
page read and write
|
||
|
B8AB000
|
stack
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
C9A4000
|
unkown
|
page read and write
|
||
|
7B80000
|
unkown
|
page read and write
|
||
|
7861000
|
unkown
|
page read and write
|
||
|
C857000
|
unkown
|
page read and write
|
||
|
3220000
|
unkown
|
page readonly
|
||
|
3290000
|
unkown
|
page read and write
|
||
|
39B1000
|
trusted library allocation
|
page execute and read and write
|
||
|
78AD000
|
unkown
|
page read and write
|
||
|
4B56000
|
unkown
|
page read and write
|
||
|
9550000
|
unkown
|
page readonly
|
||
|
A391000
|
unkown
|
page read and write
|
||
|
7FF5ED1CC000
|
unkown
|
page readonly
|
||
|
22532FFA000
|
heap
|
page read and write
|
||
|
7FF5ED451000
|
unkown
|
page readonly
|
||
|
C5AA000
|
unkown
|
page read and write
|
||
|
1490000
|
unkown
|
page read and write
|
||
|
76C0000
|
unkown
|
page read and write
|
||
|
7FF5ED80C000
|
unkown
|
page readonly
|
||
|
7FF5ED6DB000
|
unkown
|
page readonly
|
||
|
3290000
|
unkown
|
page read and write
|
||
|
7FF5ED418000
|
unkown
|
page readonly
|
||
|
9A000
|
stack
|
page read and write
|
||
|
3758000
|
unkown
|
page read and write
|
||
|
797D000
|
unkown
|
page read and write
|
||
|
8108000
|
stack
|
page read and write
|
||
|
7FF5ED451000
|
unkown
|
page readonly
|
||
|
76C0000
|
unkown
|
page read and write
|
||
|
CB86000
|
unkown
|
page read and write
|
||
|
3400000
|
heap
|
page read and write
|
||
|
52A6000
|
unclassified section
|
page read and write
|
||
|
3412000
|
heap
|
page read and write
|
||
|
9798000
|
unkown
|
page read and write
|
||
|
7FF5ED697000
|
unkown
|
page readonly
|
||
|
7FF5ED8FF000
|
unkown
|
page readonly
|
||
|
4180000
|
heap
|
page read and write
|
||
|
7FF5ED519000
|
unkown
|
page readonly
|
||
|
7FF5ED77C000
|
unkown
|
page readonly
|
||
|
2B5D000
|
stack
|
page read and write
|
||
|
7FF5ED4DF000
|
unkown
|
page readonly
|
||
|
79FB000
|
unkown
|
page read and write
|
||
|
7FF5ED71B000
|
unkown
|
page readonly
|
||
|
3213000
|
heap
|
page read and write
|
||
|
7FF5ED735000
|
unkown
|
page readonly
|
||
|
7FF5ED625000
|
unkown
|
page readonly
|
||
|
3170000
|
heap
|
page read and write
|
||
|
7FF5ED77E000
|
unkown
|
page readonly
|
||
|
987B000
|
unkown
|
page read and write
|
||
|
7FF5ED9BE000
|
unkown
|
page readonly
|
||
|
7FF5ED94A000
|
unkown
|
page readonly
|
||
|
BDBEEFF000
|
stack
|
page read and write
|
||
|
4CE0000
|
unkown
|
page read and write
|
||
|
FDE4000
|
unkown
|
page read and write
|
||
|
A361000
|
unkown
|
page read and write
|
||
|
4BC9000
|
unkown
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
45C3000
|
direct allocation
|
page read and write
|
||
|
93E000
|
stack
|
page read and write
|
||
|
C4D0000
|
unkown
|
page read and write
|
||
|
7FF5EDA38000
|
unkown
|
page readonly
|
||
|
7FF5ED3F3000
|
unkown
|
page readonly
|
||
|
2E53000
|
direct allocation
|
page read and write
|
||
|
7FF5ED9D2000
|
unkown
|
page readonly
|
||
|
7950000
|
unkown
|
page read and write
|
||
|
8000000
|
unkown
|
page read and write
|
||
|
7FF5ED2A9000
|
unkown
|
page readonly
|
||
|
A11F000
|
stack
|
page read and write
|
||
|
CA08000
|
unkown
|
page read and write
|
||
|
3659000
|
stack
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
7950000
|
unkown
|
page read and write
|
||
|
CB86000
|
unkown
|
page read and write
|
||
|
3580000
|
unkown
|
page readonly
|
||
|
3FFA000
|
heap
|
page read and write
|
||
|
465D000
|
direct allocation
|
page read and write
|
||
|
7FF5ED42B000
|
unkown
|
page readonly
|
||
|
9701000
|
unkown
|
page read and write
|
||
|
982D000
|
unkown
|
page read and write
|
||
|
37F9000
|
unkown
|
page read and write
|
||
|
22532F40000
|
heap
|
page read and write
|
||
|
3797000
|
unkown
|
page read and write
|
||
|
490000
|
unkown
|
page read and write
|
||
|
7FF5ED8F9000
|
unkown
|
page readonly
|
||
|
9F5000
|
heap
|
page read and write
|
||
|
C89C000
|
unkown
|
page read and write
|
||
|
C4D0000
|
unkown
|
page read and write
|
||
|
31BE000
|
stack
|
page read and write
|
||
|
AADB000
|
unkown
|
page read and write
|
||
|
7FF5ED714000
|
unkown
|
page readonly
|
||
|
8EC6000
|
unkown
|
page read and write
|
||
|
22532F7C000
|
heap
|
page read and write
|
||
|
7DF4F3030000
|
unkown
|
page readonly
|
||
|
79B1000
|
unkown
|
page read and write
|
||
|
1483000
|
heap
|
page read and write
|
||
|
8EC6000
|
unkown
|
page read and write
|
||
|
9ADB000
|
stack
|
page read and write
|
||
|
7FF5ED1D7000
|
unkown
|
page readonly
|
||
|
B8C0000
|
unkown
|
page readonly
|
||
|
8FB9000
|
stack
|
page read and write
|
||
|
4C31000
|
trusted library allocation
|
page execute and read and write
|
||
|
3DF8000
|
heap
|
page read and write
|
||
|
7FF5ED755000
|
unkown
|
page readonly
|
||
|
C7C5000
|
unkown
|
page read and write
|
||
|
7FF5ED885000
|
unkown
|
page readonly
|
||
|
9871000
|
unkown
|
page read and write
|
||
|
9B60000
|
unkown
|
page readonly
|
||
|
B98000
|
heap
|
page read and write
|
||
|
B729000
|
stack
|
page read and write
|
||
|
9883000
|
unkown
|
page read and write
|
||
|
1451000
|
unkown
|
page readonly
|
||
|
4CB0000
|
unkown
|
page read and write
|
||
|
7FF5ED77C000
|
unkown
|
page readonly
|
||
|
7FF5ED68C000
|
unkown
|
page readonly
|
||
|
A1E000
|
stack
|
page read and write
|
||
|
22532F6F000
|
heap
|
page read and write
|
||
|
7FF5ED7D6000
|
unkown
|
page readonly
|
||
|
7FF5ED92C000
|
unkown
|
page readonly
|
||
|
3A77000
|
heap
|
page read and write
|
||
|
7FF5ED505000
|
unkown
|
page readonly
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
79D3000
|
unkown
|
page read and write
|
||
|
7FFB000
|
stack
|
page read and write
|
||
|
4C1E000
|
unkown
|
page read and write
|
||
|
BDBEDFF000
|
stack
|
page read and write
|
||
|
7FF5ED55F000
|
unkown
|
page readonly
|
||
|
4CD0000
|
unkown
|
page read and write
|
||
|
9792000
|
unkown
|
page read and write
|
||
|
A3CD000
|
unkown
|
page read and write
|
||
|
FDD1000
|
unkown
|
page read and write
|
||
|
9702000
|
unkown
|
page read and write
|
||
|
BDBF6FF000
|
stack
|
page read and write
|
||
|
7FF5ED1D0000
|
unkown
|
page readonly
|
||
|
2DFC000
|
stack
|
page read and write
|
||
|
7FF5ED9FF000
|
unkown
|
page readonly
|
||
|
7FF5ED295000
|
unkown
|
page readonly
|
||
|
9869000
|
unkown
|
page read and write
|
||
|
7FF5ED660000
|
unkown
|
page readonly
|
||
|
CAE7000
|
unkown
|
page read and write
|
||
|
2A44000
|
heap
|
page read and write
|
||
|
482000
|
unkown
|
page readonly
|
||
|
7FF5ED928000
|
unkown
|
page readonly
|
||
|
3D42000
|
direct allocation
|
page execute and read and write
|
||
|
4D60000
|
trusted library allocation
|
page read and write
|
||
|
89A0000
|
unkown
|
page read and write
|
||
|
3F56000
|
heap
|
page read and write
|
||
|
7FF5ED5C5000
|
unkown
|
page readonly
|
||
|
37BD000
|
unkown
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
CB72000
|
unkown
|
page read and write
|
||
|
7FF5ED73D000
|
unkown
|
page readonly
|
||
|
7857000
|
unkown
|
page read and write
|
||
|
7FF5EDA0B000
|
unkown
|
page readonly
|
||
|
10C0000
|
unkown
|
page readonly
|
||
|
14B0000
|
unkown
|
page readonly
|
||
|
C6CF000
|
unkown
|
page read and write
|
||
|
30CB000
|
stack
|
page read and write
|
||
|
B8C0000
|
unkown
|
page readonly
|
||
|
3723000
|
heap
|
page read and write
|
||
|
9929000
|
unkown
|
page read and write
|
||
|
3700000
|
unkown
|
page read and write
|
||
|
3756000
|
unkown
|
page read and write
|
||
|
7FF5ED961000
|
unkown
|
page readonly
|
||
|
97C3000
|
unkown
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
3FD2000
|
heap
|
page read and write
|
||
|
3130000
|
trusted library allocation
|
page read and write
|
||
|
7FF5ED42B000
|
unkown
|
page readonly
|
||
|
4614000
|
direct allocation
|
page read and write
|
||
|
3120000
|
heap
|
page read and write
|
||
|
C512000
|
unkown
|
page read and write
|
||
|
3213000
|
heap
|
page read and write
|
||
|
8DAD000
|
unkown
|
page read and write
|
||
|
A70000
|
heap
|
page read and write
|
||
|
79FB000
|
unkown
|
page read and write
|
||
|
B6E000
|
heap
|
page read and write
|
||
|
7DD0000
|
unkown
|
page read and write
|
||
|
8AF000
|
stack
|
page read and write
|
||
|
7FF5ED5A8000
|
unkown
|
page readonly
|
||
|
FDD4000
|
unkown
|
page read and write
|
||
|
7FF5ED8C6000
|
unkown
|
page readonly
|
||
|
C6D8000
|
unkown
|
page read and write
|
||
|
37E1000
|
trusted library allocation
|
page execute and read and write
|
||
|
3EB0000
|
heap
|
page read and write
|
||
|
46CE000
|
direct allocation
|
page read and write
|
||
|
40C8000
|
heap
|
page read and write
|
||
|
7FF5ED41C000
|
unkown
|
page readonly
|
||
|
79FB000
|
unkown
|
page read and write
|
||
|
97A9000
|
unkown
|
page read and write
|
||
|
7FF5ED9D6000
|
unkown
|
page readonly
|
||
|
18A1000
|
unkown
|
page readonly
|
||
|
905000
|
heap
|
page read and write
|
||
|
CA20000
|
unkown
|
page read and write
|
||
|
7FF5ED942000
|
unkown
|
page readonly
|
||
|
7FF5ED1D7000
|
unkown
|
page readonly
|
||
|
56C3000
|
unkown
|
page read and write
|
||
|
3FF2000
|
heap
|
page read and write
|
||
|
2FF4000
|
heap
|
page read and write
|
||
|
9929000
|
unkown
|
page read and write
|
||
|
7FF5ED779000
|
unkown
|
page readonly
|
||
|
465D000
|
direct allocation
|
page read and write
|
||
|
B150000
|
unkown
|
page read and write
|
||
|
7FF5ED471000
|
unkown
|
page readonly
|
||
|
A494000
|
unkown
|
page read and write
|
||
|
2EAE000
|
unkown
|
page read and write
|
||
|
8720000
|
unkown
|
page readonly
|
||
|
A4FC000
|
unkown
|
page read and write
|
||
|
34E9000
|
stack
|
page read and write
|
||
|
FDE0000
|
unkown
|
page read and write
|
||
|
7FF5ED46E000
|
unkown
|
page readonly
|
||
|
BD98000
|
stack
|
page read and write
|
||
|
AAF9000
|
unkown
|
page read and write
|
||
|
B08D000
|
stack
|
page read and write
|
||
|
4021000
|
heap
|
page read and write
|
||
|
7FF5EDA47000
|
unkown
|
page readonly
|
||
|
4B93000
|
unkown
|
page read and write
|
||
|
2C31000
|
heap
|
page read and write
|
||
|
A502000
|
unkown
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3B2D000
|
direct allocation
|
page execute and read and write
|
||
|
22532FA4000
|
heap
|
page read and write
|
||
|
7FF5ED844000
|
unkown
|
page readonly
|
There are 1872 hidden memdumps, click here to show them.