IOC Report
file.exe

loading gif

Files

File Path
Type
Category
Malicious
file.exe
PE32 executable (GUI) Intel 80386, for MS Windows
initial sample
 malicious
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\ATCVA5TX\random[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BEDT2L3A\random[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
modified
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\freebl3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\mozglue[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\nss3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\random[1].exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\softokn3[1].dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1005587001\1017b01294.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1005588001\474b2c9b63.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\1005590001\2018142c2f.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\Users\user\DocumentsIEGCAAKFBA.exe
PE32 executable (GUI) Intel 80386, for MS Windows
dropped
 malicious
C:\ProgramData\AAFIIJDAAAAKFHIDAAAK
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\DAECGCGH
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 9
dropped
C:\ProgramData\EGIDBFBF
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\FBAKEHIEBKJJJJJKKKEG
ASCII text, with very long lines (1769), with CRLF line terminators
dropped
C:\ProgramData\GIDBKKKKKFBGDGDHIDBGHIEBGD
SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
dropped
C:\ProgramData\IDBAKKECAEGCAKFIIIDH
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
dropped
C:\ProgramData\JEBKJDAFHJDGDHJKKEGIJDAKJJ
SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
dropped
C:\ProgramData\freebl3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\mozglue.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\msvcp140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\ProgramData\nss3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\softokn3.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
dropped
C:\ProgramData\vcruntime140.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\060c6a38-f245-4aa4-adb9-1c752d2c6f17.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\36d2caf1-d581-4904-b979-0fe8436abbce.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4543212b-c46d-43da-a782-04e50fec8be9.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\5f9a5466-e680-4d6a-948a-ff1f2f0de1c6.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6a45ae1b-3beb-47ba-b350-aab0a084404a.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9982561d-e24d-48e3-a67d-d0136ed50586.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\9fa50a9b-07a5-4738-b7e7-8da7bdb0f825.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67324A46-1F1C.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\24493a9b-e834-4aa6-bc03-0a4f7932f5de.tmp
Unicode text, UTF-8 text, with very long lines (17244), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\24dad8e1-9c52-43bd-85df-69d72dc54845.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3cc5db29-0592-4c0d-8442-f6f10c092bb5.tmp
Unicode text, UTF-8 text, with very long lines (13712), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\464045b3-01b5-471f-a83e-662dadc0420b.tmp
Unicode text, UTF-8 text, with very long lines (17079), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\6748159c-ed69-4cbc-8334-728fd2fb5159.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\77c0dd02-7efb-4e1d-b942-5aea74c75a7e.tmp
Unicode text, UTF-8 text, with very long lines (17244), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8837ad3d-b9eb-48de-af9f-ef50354c01d2.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9a2b65e0-2835-406b-b104-640f9432746d.tmp
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\0b4d0fe1-2870-42e6-8680-3c6edcb0cd43.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\0d23a4d0-9a30-47a0-b238-b4cd1141cb3f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\54b6849f-abfb-4219-9e12-cd1fd0c984fe.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\8ee4b078-b769-429e-a968-0ea7f5c7a499.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\8ee534ac-4c5d-494f-bc96-968311cf74fa.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\988e2257-26d9-41e3-8e81-6c96b3bae3bf.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 8
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF23f32.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF25838.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF25cbc.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3c739.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\c3cdec64-31ab-4c25-a85a-5a7ba992f650.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
Unicode text, UTF-8 text, with very long lines (13712), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2746b.TMP (copy)
Unicode text, UTF-8 text, with very long lines (13712), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2c181.TMP (copy)
Unicode text, UTF-8 text, with very long lines (13712), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2f2e2.TMP (copy)
Unicode text, UTF-8 text, with very long lines (13712), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF336a1.TMP (copy)
Unicode text, UTF-8 text, with very long lines (13712), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF2747a.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF29d4f.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF2987d.TMP (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\02aa6d6d-8d6b-4663-b5c7-a79b77e3d650.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\608871b1-4839-4100-93ed-31709c2cf0fd.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF257f9.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF25cbc.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3c739.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\bd77028c-e908-41f2-a554-121464e62ffc.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\bfa27979-ec6d-4a4b-86fb-fcd32b03130e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\fd061697-981d-4c3f-a361-853fb7e91857.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a722adf5-3646-4295-bc25-1f4c300ec0a8.tmp
Unicode text, UTF-8 text, with very long lines (17079), with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a83a0593-ef4b-48ef-8a0b-52b60ebfd1dc.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\e7e27c0f-394e-4ca6-a8e6-0705e19f7a97.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF223ca.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF223da.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF225dd.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF24c61.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF279d9.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF33672.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35d82.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF39d0c.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982
raw G3 (Group 3) FAX, byte-padded
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a706bb9f-6c54-4869-99ed-7fb2a6ed3178.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\be50a16d-96ae-437e-97ba-f882764ebeb4.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e3137ae7-40cd-4b42-9132-0802ca930f9e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\FGDLZ049\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\json[1].json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\msvcp140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\W1DLB4AP\vcruntime140[1].dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
dropped
C:\Users\user\AppData\Local\Temp\0f497047-b170-4072-8a32-317d9738fc3f.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\893da8f4-d990-4f6d-a4df-a429fce515fe.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\b857cfe5-4ab4-47cb-9f39-9c6fc849bc17.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Local\Temp\ec948ed9-7891-4112-a1d4-605bd1d6b3d6.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\af\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\am\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ar\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\az\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\be\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\bg\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\bn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ca\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\cs\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\cy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\da\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\de\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\el\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\en\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\en_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\en_GB\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\en_US\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\es\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\es_419\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\et\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\eu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\fa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\fi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\fil\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\fr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\fr_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\gl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\gu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\hi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\hr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\hu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\hy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\id\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\is\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\it\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\iw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ja\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ka\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\kk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\km\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\kn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ko\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\lo\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\lt\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\lv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ml\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\mn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\mr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ms\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\my\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ne\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\nl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\no\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\pa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\pl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\pt_BR\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\pt_PT\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ro\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ru\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\si\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\sk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\sl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\sr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\sv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\sw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ta\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\te\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\th\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\tr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\uk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\ur\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\vi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\zh_CN\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\zh_HK\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\zh_TW\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_locales\zu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\dasherSettingSchema.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\offscreendocument.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\offscreendocument_main.js
ASCII text, with very long lines (3700)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\page_embed_script.js
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\CRX_INSTALL\service_worker_bin_prod.js
ASCII text, with very long lines (3705)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_1685021146\ec948ed9-7891-4112-a1d4-605bd1d6b3d6.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_228736446\893da8f4-d990-4f6d-a4df-a429fce515fe.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_228736446\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_228736446\CRX_INSTALL\content.js
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_228736446\CRX_INSTALL\content_new.js
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir1920_228736446\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\cookies.sqlite-shm
data
dropped
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fu7wner3.default-release\places.sqlite-shm
data
dropped
C:\Windows\Tasks\skotes.job
data
dropped
Chrome Cache Entry: 485
ASCII text, with very long lines (764)
downloaded
Chrome Cache Entry: 486
ASCII text
downloaded
Chrome Cache Entry: 487
ASCII text, with very long lines (2586)
downloaded
Chrome Cache Entry: 488
ASCII text, with very long lines (65531)
downloaded
Chrome Cache Entry: 489
ASCII text, with very long lines (1302)
downloaded
Chrome Cache Entry: 490
ASCII text, with very long lines (5162), with no line terminators
downloaded
Chrome Cache Entry: 491
SVG Scalable Vector Graphics image
downloaded
There are 239 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Users\user\Desktop\file.exe
"C:\Users\user\Desktop\file.exe"
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2436 --field-trial-handle=2184,i,17830567374915129645,17658009818156142386,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory="Default"
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2584 --field-trial-handle=2236,i,16034310366298232059,5096716925482931447,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --remote-debugging-port=9229 --profile-directory=Default --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=3004 --field-trial-handle=2108,i,6932208838841982647,13002878886138125623,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6980 --field-trial-handle=2108,i,6932208838841982647,13002878886138125623,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7120 --field-trial-handle=2108,i,6932208838841982647,13002878886138125623,262144 /prefetch:8
malicious
C:\Users\user\DocumentsIEGCAAKFBA.exe
"C:\Users\user\DocumentsIEGCAAKFBA.exe"
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
"C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe"
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7252 --field-trial-handle=2108,i,6932208838841982647,13002878886138125623,262144 /prefetch:8
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe
 malicious
C:\Users\user\AppData\Local\Temp\1005587001\1017b01294.exe
"C:\Users\user~1\AppData\Local\Temp\1005587001\1017b01294.exe"
malicious
C:\Users\user\AppData\Local\Temp\1005588001\474b2c9b63.exe
"C:\Users\user~1\AppData\Local\Temp\1005588001\474b2c9b63.exe"
malicious
C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
"C:\Users\user~1\AppData\Local\Temp\abc3bc1985\skotes.exe"
 malicious
C:\Users\user\AppData\Local\Temp\1005590001\2018142c2f.exe
"C:\Users\user~1\AppData\Local\Temp\1005590001\2018142c2f.exe"
malicious
C:\Users\user\AppData\Local\Temp\1005587001\1017b01294.exe
"C:\Users\user~1\AppData\Local\Temp\1005587001\1017b01294.exe"
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=4320 --field-trial-handle=2108,i,6932208838841982647,13002878886138125623,262144 /prefetch:3
malicious
C:\Users\user\AppData\Local\Temp\1005588001\474b2c9b63.exe
"C:\Users\user~1\AppData\Local\Temp\1005588001\474b2c9b63.exe"
malicious
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\user\DocumentsIEGCAAKFBA.exe"
C:\Windows\System32\conhost.exe
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
There are 13 hidden processes, click here to show them.

URLs

Name
IP
Malicious
http://185.215.113.43/Zu7JuNko/index.phpOR
unknown
 malicious
http://185.215.113.43/Zu7JuNko/index.php/M
unknown
 malicious
http://185.215.113.206/c4becf79229cb002.phpSw
unknown
 malicious
https://duckduckgo.com/chrome_newtab
unknown
http://185.215.113.43/Zu7JuNko/index.php_M
unknown
https://community.fastly.steamstatic.com/public/javascript/webui/clientcom.js?v=g9lbYg_WDvLO&l=e
unknown
https://duckduckgo.com/ac/?q=
unknown
http://185.215.113.206/
185.215.113.206
https://community.fastly.steamstatic.com/public/css/applications/community/main.css?v=h6HMV-M6cfAX&a
unknown
https://community.fastly.steamstatic.com/public/javascript/profile.js?v=f9Xv_dG_70Ca&l=english
unknown
https://marshal-zhukov.com/api)w
unknown
https://www.gstatic.cn/recaptcha/
unknown
https://deff.nelreports.net/api/report?cat=msn
unknown
https://ntp.msn.cn/edge/ntp
unknown
https://community.fastly.steamstatic.com/public/javascript/applicati
unknown
http://185.215.113.206/ws
unknown
https://docs.google.com/
unknown
fadehairucw.store
http://www.valvesoftware.com/legal.htm
unknown
https://www.youtube.com
unknown
https://community.fastly.steamstatic.com/public/javascript/jquery-1.11.1.min.js?v=.isFTSRckeNhC
unknown
https://community.fastly.steamstatic.com/public/css/globalv2.css?v=1Zpka7DM_TWk&l=english
unknown
https://www.valvesoftware.com/en/contact?contact-person=Translation%20Team%20Feedback
unknown
https://community.fastly.steamstatic.com/public/shared/css/motiva_sans.css?v=ij4Q-MLeHxnJ&l=engl
unknown
https://community.fastly.steamstatic.com/public/javascript/applications/community/libraries~b28b7af6
unknown
http://185.215.113.206/68b591d6548ec281/nss3.dll
185.215.113.206
founpiuer.store
http://185.215.113.43/Zu7JuNko/index.phpcoded
unknown
https://s.ytimg.com;
unknown
https://community.fastly.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
unknown
https://support.mozilla.org/products/firefoxgro.allizom.troppus.S3DiLP_FhcLK
unknown
https://steamcommunity.com/profiles/76561199724331900
23.192.247.89
https://community.fastly.steamstatic.com/public/shared/css/shared_responsive.css?v=fK65ckRAjZr-&
unknown
https://presticitpo.store:443/api
unknown
https://drive-daily-2.corp.google.com/
unknown
https://community.fastly.steamstatic.com/public/javascript/modalContent.js?v=1vfyNnvUqkgy&l=engl
unknown
https://unitedstates1.ss.wd.microsoft.us/
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
http://ocsp.rootca1.amazontrust.com0:
unknown
https://www.ecosia.org/newtab/
unknown
http://185.215.113.16/off/random.exee
unknown
https://drive-daily-1.corp.google.com/
unknown
https://lv.queniujq.cn
unknown
https://c.msn.com/c.gif?rnd=1731349070731&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=d656a9437545442c897859c057721d8a&activityId=d656a9437545442c897859c057721d8a&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=FC0747ADCE0F43758A5B7B7221317D35&MUID=021090CBA3AE69423B8585FFA2C968AB
20.110.205.119
https://steamcommunity.com/profiles/76561199724331900/inventory/
unknown
https://www.youtube.com/
unknown
https://sb.scorecardresearch.com/b2?rn=1731349070732&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=021090CBA3AE69423B8585FFA2C968AB&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null
108.139.47.108
https://drive-daily-5.corp.google.com/
unknown
https://plus.google.com
unknown
http://185.215.113.16/steam/random.exeGce
unknown
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.SGzW6IeCawI.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo-5biO9jua-6zCEovdoDJ8SLzd6sw/cb=gapi.loaded_0
142.250.184.206
https://community.fa
unknown
https://www.google.com/recaptcha/
unknown
https://checkout.steampowered.com/
unknown
http://185.215.113.16/off/random.exe;
unknown
http://185.215.113.43/Zu7JuNko/index.phpded
unknown
https://chromewebstore.google.com/
unknown
https://contile-images.services.mozilla.com/CuERQnIs4CzqjKBh9os6_h9d4CUDCHO3oiqmAQO6VLM.25122.jpg
unknown
https://drive-preprod.corp.google.com/
unknown
https://srtb.msn.cn/
unknown
https://msn.comXIDv10
unknown
https://chrome.google.com/webstore/
unknown
https://community.fastly.steamstatic.com/public/css/skin_1/header.css?v=g2Zx7e0yBV_M&l=english
unknown
http://185.215.113.206rontdesk
unknown
https://assets.msn.cn/resolver/
unknown
https://community.fastly.steamstatic.com/public/css/skin_1/modalContent.css?v=.VpiwkLAYt9r1
unknown
http://185.215.113.206/c4becf79229cb002.phpcv
unknown
https://browser.events.data.msn.com/
unknown
http://185.215.113.206/68b591d6548ec281/vcruntime140.dll
185.215.113.206
http://185.215.113.206/c4becf79229cb002.phpd
unknown
https://help.steampowered.com/en/
unknown
https://community.fastly.steamstatic.com/public/javascript/reportedcontent.js?v=dAtjbcZMWhSe&l=e
unknown
https://ntp.msn.com/edge/ntp
unknown
https://assets.msn.com/resolver/
unknown
https://marshal-zhukov.com/apih
unknown
presticitpo.store
http://185.215.113.206/68b591d6548ec281/sqlite3.dll
185.215.113.206
https://community.fastly.steamstatic.com/public/javascript/applicationsL
unknown
https://marshal-zhukov.com/6Y?:8
unknown
https://recaptcha.net/recaptcha/;
unknown
https://ntp.msn.com
unknown
https://steamcommunity.com/linkfilter/?u=http%3A%2F%2Fwww.geon
unknown
https://community.fastly.steamstatic.com/public/css/skin_1/profilev2.css?v=ftiDdX_V0QeB&l=englis
unknown
http://185.215.113.43/Zu7JuNko/index.php;M
unknown
https://broadcast.st.dl.eccdnx.com
unknown
https://community.fastly.steamstatic.com/public/shared/images/responsive/logo_valve_footer.png
unknown
http://x1.c.lencr.org/0
unknown
http://x1.i.lencr.org/0
unknown
http://185.215.113.206/68b591d6548ec281/mozglue.dll
185.215.113.206
https://marshal-zhukov.com/pW
unknown
https://apis.google.com
unknown
https://steamcommunity.com/workshop/
unknown
https://community.fastly.steamstatic.com/public/javascript/prototype-1.7.js?v=.55t44gwuwgvw
unknown
https://login.steampowered.com/
unknown
https://support.mozilla.org/products/firefoxgro.all
unknown
https://store.steampowered.com/legal/
unknown
http://store.steampowered.com/p
unknown
https://domains.google.com/suggest/flow
unknown
http://185.215.113.43/Zu7JuNko/index.phpeSE
unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
There are 90 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
chrome.cloudflare-dns.com
172.64.41.3
steamcommunity.com
23.192.247.89
plus.l.google.com
142.250.184.206
play.google.com
172.217.16.206
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
94.245.104.56
sb.scorecardresearch.com
18.244.18.38
www.google.com
142.250.185.196
marshal-zhukov.com
188.114.97.3
googlehosted.l.googleusercontent.com
142.250.185.225
assets.msn.com
unknown
15.164.165.52.in-addr.arpa
unknown
c.msn.com
unknown
ntp.msn.com
unknown
navygenerayk.store
unknown
clients2.googleusercontent.com
unknown
bzib.nelreports.net
unknown
presticitpo.store
unknown
founpiuer.store
unknown
scriptyprefej.store
unknown
thumbystriw.store
unknown
necklacedmny.store
unknown
apis.google.com
unknown
api.msn.com
unknown
browser.events.data.msn.com
unknown
crisiwarny.store
unknown
fadehairucw.store
unknown
There are 16 hidden domains, click here to show them.

IPs

IP
Domain
Country
Malicious
185.215.113.43
unknown
Portugal
malicious
192.168.2.7
unknown
unknown
malicious
185.215.113.206
unknown
Portugal
malicious
13.107.246.40
unknown
United States
23.192.247.89
steamcommunity.com
United States
142.250.185.225
googlehosted.l.googleusercontent.com
United States
162.159.61.3
unknown
United States
23.219.161.135
unknown
United States
20.110.205.119
unknown
United States
108.139.47.108
unknown
United States
23.33.40.145
unknown
United States
185.215.113.16
unknown
Portugal
4.150.155.223
unknown
United States
18.244.18.38
sb.scorecardresearch.com
United States
239.255.255.250
unknown
Reserved
142.250.185.196
www.google.com
United States
188.114.97.3
marshal-zhukov.com
European Union
127.0.0.1
unknown
unknown
23.33.40.155
unknown
United States
23.44.203.19
unknown
United States
20.189.173.18
unknown
United States
142.250.184.206
plus.l.google.com
United States
204.79.197.219
unknown
United States
172.64.41.3
chrome.cloudflare-dns.com
United States
172.217.16.206
play.google.com
United States
94.245.104.56
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
United Kingdom
104.117.182.72
unknown
United States
23.101.168.44
unknown
United States
There are 18 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
1017b01294.exe
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
474b2c9b63.exe
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2018142c2f.exe
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableIOAVProtection
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection
DisableRealtimeMonitoring
 malicious
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Notifications
DisableNotifications
 malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Left
HKEY_CURRENT_USER\SOFTWARE\Microsoft\CTF\MSUTB
Top
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseenversion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_dse_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_startup_page_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197676
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds
EdgeMUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
MUID
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gcinnojdebelpnodghnoicmcdmamjoch
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jgcbloklkllbkmkbfckchanipicejgah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ojmnomejplkgljjhjindfoilnmobmihe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197676
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\197676
WindowTabManagerFileMappingId
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows Defender\Features
TamperProtection
There are 151 hidden registries, click here to show them.

Memdumps

Base Address
Regiontype
Protect
Malicious
BB1000
unkown
page execute and read and write
 malicious
161E000
heap
page read and write
 malicious
F31000
unkown
page execute and read and write
 malicious
651000
unkown
page execute and read and write
 malicious
79E000
heap
page read and write
 malicious
651000
unkown
page execute and read and write
 malicious
4A00000
direct allocation
page read and write
 malicious
631000
unkown
page execute and read and write
 malicious
651000
unkown
page execute and read and write
 malicious
5550000
direct allocation
page read and write
 malicious
5C4000
heap
page read and write
620000
direct allocation
page read and write
197F000
stack
page read and write
2327E000
heap
page read and write
3AEF000
stack
page read and write
6D10E000
unkown
page read and write
9A4000
heap
page read and write
1D1D1000
heap
page read and write
56F9000
trusted library allocation
page read and write
50B1000
heap
page read and write
4591000
heap
page read and write
53AD000
stack
page read and write
4591000
heap
page read and write
50C0000
heap
page read and write
3CCE000
stack
page read and write
5C4000
heap
page read and write
E34000
heap
page read and write
E20000
direct allocation
page read and write
57F9000
trusted library allocation
page read and write
9A0000
heap
page read and write
4B5F000
stack
page read and write
50B0000
heap
page read and write
FB000
stack
page read and write
393E000
stack
page read and write
50B1000
heap
page read and write
4591000
heap
page read and write
CB000
stack
page read and write
4E4000
unkown
page execute and write copy
50B1000
heap
page read and write
275F000
stack
page read and write
3C2F000
stack
page read and write
87A000
unkown
page execute and read and write
140E000
unkown
page execute and read and write
5250000
direct allocation
page read and write
4B3F000
stack
page read and write
5250000
direct allocation
page read and write
816000
unkown
page execute and write copy
2C6F000
stack
page read and write
6795000
trusted library allocation
page read and write
98C000
stack
page read and write
4B50000
direct allocation
page execute and read and write
5510000
direct allocation
page execute and read and write
4DBC000
trusted library allocation
page read and write
40BE000
stack
page read and write
306E000
stack
page read and write
56E2000
trusted library allocation
page read and write
56E9000
trusted library allocation
page read and write
322F000
stack
page read and write
BB1000
unkown
page execute and write copy
50B1000
heap
page read and write
C74000
heap
page read and write
41E1000
heap
page read and write
1D1B3000
heap
page read and write
4581000
heap
page read and write
549000
heap
page read and write
3F5F000
stack
page read and write
620000
direct allocation
page read and write
DB0000
direct allocation
page read and write
459000
unkown
page execute and read and write
5F0000
direct allocation
page read and write
570000
heap
page read and write
4581000
heap
page read and write
4D2000
unkown
page execute and write copy
4581000
heap
page read and write
125E000
stack
page read and write
48B000
unkown
page execute and read and write
87E000
heap
page read and write
5733000
trusted library allocation
page read and write
E20000
direct allocation
page read and write
4D2F000
stack
page read and write
12BC000
stack
page read and write
41DF000
stack
page read and write
45A0000
heap
page read and write
9A4000
heap
page read and write
56D0000
trusted library allocation
page read and write
5C4000
heap
page read and write
4591000
heap
page read and write
269F000
stack
page read and write
B7F000
stack
page read and write
28F0000
heap
page read and write
94A000
unkown
page execute and write copy
8C1000
unkown
page execute and read and write
48C000
unkown
page execute and write copy
4800000
direct allocation
page execute and read and write
699000
unkown
page write copy
56E6000
trusted library allocation
page read and write
456F000
stack
page read and write
93B000
unkown
page execute and write copy
489000
unkown
page execute and read and write
C74000
heap
page read and write
4581000
heap
page read and write
516E000
stack
page read and write
5741000
trusted library allocation
page read and write
316F000
stack
page read and write
9A4000
heap
page read and write
5701000
trusted library allocation
page read and write
9A4000
heap
page read and write
45A2000
heap
page read and write
421F000
stack
page read and write
495000
unkown
page execute and read and write
620000
direct allocation
page read and write
50B1000
heap
page read and write
564000
unkown
page execute and read and write
4581000
heap
page read and write
23521000
heap
page read and write
9A4000
heap
page read and write
F30000
unkown
page readonly
4800000
direct allocation
page execute and read and write
281E000
stack
page read and write
684000
heap
page read and write
43AF000
stack
page read and write
2C6F000
stack
page read and write
4771000
heap
page read and write
4591000
heap
page read and write
59F9000
trusted library allocation
page read and write
5733000
trusted library allocation
page read and write
16D4000
heap
page read and write
F67000
unkown
page execute and read and write
4650000
remote allocation
page read and write
4F7000
heap
page read and write
3CFE000
stack
page read and write
69B000
unkown
page execute and write copy
4581000
heap
page read and write
4581000
heap
page read and write
340E000
stack
page read and write
352F000
stack
page read and write
5C5000
heap
page read and write
4581000
heap
page read and write
4581000
heap
page read and write
232FD000
heap
page read and write
5C4000
heap
page read and write
699000
unkown
page write copy
3E2E000
stack
page read and write
37CE000
stack
page read and write
57E8000
trusted library allocation
page read and write
4E15000
trusted library allocation
page read and write
50B1000
heap
page read and write
DB0000
direct allocation
page read and write
6CE90000
unkown
page readonly
4FE000
stack
page read and write
16E0000
direct allocation
page read and write
5700000
direct allocation
page execute and read and write
5250000
direct allocation
page read and write
540000
heap
page read and write
9A4000
heap
page read and write
628C000
heap
page read and write
85B000
heap
page read and write
5C4000
heap
page read and write
1D1C3000
heap
page read and write
4581000
heap
page read and write
4BBE000
stack
page read and write
5250000
direct allocation
page read and write
31F0000
direct allocation
page read and write
5C4000
heap
page read and write
271000
unkown
page execute and read and write
E34000
heap
page read and write
5F90000
heap
page read and write
5080000
direct allocation
page execute and read and write
DB0000
direct allocation
page read and write
14B1000
heap
page read and write
369F000
stack
page read and write
5C4000
heap
page read and write
4B80000
direct allocation
page execute and read and write
925000
unkown
page execute and write copy
FC0000
unkown
page execute and read and write
44E000
unkown
page execute and write copy
E20000
direct allocation
page read and write
6C7000
unkown
page execute and write copy
4ECE000
stack
page read and write
56C0000
direct allocation
page execute and read and write
32EE000
stack
page read and write
4B80000
direct allocation
page execute and read and write
1D1D1000
heap
page read and write
8C7000
unkown
page execute and read and write
1076000
unkown
page execute and read and write
4591000
heap
page read and write
935000
unkown
page execute and write copy
1D1AD000
heap
page read and write
23286000
heap
page read and write
F3E000
unkown
page execute and write copy
5E0000
heap
page read and write
4EED000
stack
page read and write
32FE000
stack
page read and write
359F000
stack
page read and write
5C4000
heap
page read and write
2820000
heap
page read and write
342E000
stack
page read and write
4591000
heap
page read and write
E07000
heap
page read and write
249F000
stack
page read and write
5C4000
heap
page read and write
16D4000
heap
page read and write
452000
unkown
page execute and read and write
572E000
trusted library allocation
page read and write
5C4000
heap
page read and write
22DE000
stack
page read and write
457F000
stack
page read and write
9C0000
heap
page read and write
50B1000
heap
page read and write
5A9C000
stack
page read and write
61E01000
direct allocation
page execute read
56F9000
trusted library allocation
page read and write
489000
unkown
page execute and read and write
543000
heap
page read and write
5818000
trusted library allocation
page read and write
88F000
unkown
page execute and write copy
5721000
trusted library allocation
page read and write
9A4000
heap
page read and write
4591000
heap
page read and write
4581000
heap
page read and write
34AF000
stack
page read and write
545000
heap
page read and write
5C4000
heap
page read and write
1D1A5000
heap
page read and write
41EE000
stack
page read and write
684000
heap
page read and write
2DCE000
stack
page read and write
12C0000
direct allocation
page read and write
27DE000
stack
page read and write
28EE000
stack
page read and write
307E000
stack
page read and write
50B1000
heap
page read and write
5C4000
heap
page read and write
6B9000
unkown
page write copy
4591000
heap
page read and write
6EBE000
heap
page read and write
E20000
direct allocation
page read and write
3CEE000
stack
page read and write
4581000
heap
page read and write
936000
unkown
page execute and write copy
4591000
heap
page read and write
331F000
stack
page read and write
8DD000
unkown
page execute and read and write
147E000
heap
page read and write
31F0000
direct allocation
page read and write
512F000
stack
page read and write
57E9000
trusted library allocation
page read and write
DCE000
stack
page read and write
E76000
heap
page read and write
454F000
stack
page read and write
E01000
heap
page read and write
4B30000
trusted library allocation
page read and write
13B5000
stack
page read and write
4581000
heap
page read and write
572B000
trusted library allocation
page read and write
1D1C3000
heap
page read and write
23210000
trusted library allocation
page read and write
3B3E000
stack
page read and write
2F5F000
stack
page read and write
684000
heap
page read and write
61ED0000
direct allocation
page read and write
4CF000
unkown
page execute and write copy
8BF000
unkown
page execute and read and write
4A7C000
stack
page read and write
E20000
direct allocation
page read and write
684000
heap
page read and write
47E0000
direct allocation
page execute and read and write
433E000
stack
page read and write
620000
direct allocation
page read and write
2B5F000
stack
page read and write
302F000
stack
page read and write
570E000
trusted library allocation
page read and write
4591000
heap
page read and write
73C8D000
unkown
page read and write
5782000
trusted library allocation
page read and write
1D1D1000
heap
page read and write
50B1000
heap
page read and write
660000
direct allocation
page read and write
6C5000
unkown
page execute and write copy
9A4000
heap
page read and write
4F1000
unkown
page execute and write copy
37BF000
stack
page read and write
5C4000
heap
page read and write
5739000
trusted library allocation
page read and write
8B3000
unkown
page execute and write copy
8C2000
unkown
page execute and write copy
7F9000
unkown
page execute and read and write
43BF000
stack
page read and write
573C000
trusted library allocation
page read and write
50B1000
heap
page read and write
41E1000
heap
page read and write
2328F000
heap
page read and write
1DC90000
heap
page read and write
29FBB000
stack
page read and write
350F000
stack
page read and write
DF2000
heap
page read and write
337F000
stack
page read and write
377E000
stack
page read and write
4B70000
direct allocation
page execute and read and write
542000
heap
page read and write
12C0000
direct allocation
page read and write
E20000
direct allocation
page read and write
436000
unkown
page execute and read and write
8BF000
unkown
page execute and read and write
1C9CE000
stack
page read and write
867000
unkown
page execute and read and write
E20000
direct allocation
page read and write
271000
unkown
page execute and write copy
5C4000
heap
page read and write
4E9000
unkown
page execute and read and write
3B2E000
stack
page read and write
50B1000
heap
page read and write
8EA000
unkown
page execute and write copy
89C000
unkown
page execute and read and write
E20000
direct allocation
page read and write
5C4000
heap
page read and write
9A4000
heap
page read and write
2A2F000
stack
page read and write
16E0000
direct allocation
page read and write
4EFF000
stack
page read and write
5C4000
heap
page read and write
359E000
stack
page read and write
570E000
trusted library allocation
page read and write
3A4E000
stack
page read and write
56EF000
trusted library allocation
page read and write
12F5000
unkown
page execute and read and write
1D1C3000
heap
page read and write
50B1000
heap
page read and write
56DB000
trusted library allocation
page read and write
5C4000
heap
page read and write
9A4000
heap
page read and write
692000
unkown
page execute and read and write
8F2000
heap
page read and write
56DB000
trusted library allocation
page read and write
232FC000
heap
page read and write
50B1000
heap
page read and write
7FB000
unkown
page execute and write copy
A8D000
stack
page read and write
684000
heap
page read and write
5705000
trusted library allocation
page read and write
4A3E000
stack
page read and write
4591000
heap
page read and write
81B000
unkown
page execute and write copy
53B0000
direct allocation
page read and write
3E0E000
stack
page read and write
5C4000
heap
page read and write
925000
unkown
page execute and write copy
463000
unkown
page execute and write copy
2B6E000
stack
page read and write
33FF000
stack
page read and write
14CE000
heap
page read and write
42BE000
stack
page read and write
FE1000
unkown
page execute and read and write
AD0000
heap
page read and write
4B3F000
stack
page read and write
4C0000
unkown
page execute and write copy
5C4000
heap
page read and write
442F000
stack
page read and write
622C000
stack
page read and write
D54000
heap
page read and write
52E000
heap
page read and write
3A9F000
stack
page read and write
44FF000
stack
page read and write
E34000
heap
page read and write
1D77E000
stack
page read and write
3C8F000
stack
page read and write
4800000
direct allocation
page execute and read and write
4D0000
heap
page read and write
5702000
trusted library allocation
page read and write
403E000
stack
page read and write
5C4000
heap
page read and write
FCE000
unkown
page execute and write copy
56D1000
trusted library allocation
page read and write
61ED3000
direct allocation
page read and write
50B1000
heap
page read and write
4591000
heap
page read and write
1720000
heap
page read and write
460000
unkown
page execute and write copy
3D5E000
stack
page read and write
31F0000
direct allocation
page read and write
56E1000
trusted library allocation
page read and write
C74000
heap
page read and write
5733000
trusted library allocation
page read and write
DB0000
direct allocation
page read and write
2CDE000
stack
page read and write
9A4000
heap
page read and write
67E000
heap
page read and write
1CE9C000
stack
page read and write
3DBE000
stack
page read and write
56DB000
trusted library allocation
page read and write
5C4000
heap
page read and write
4BD000
unkown
page execute and write copy
2927000
heap
page read and write
6774000
trusted library allocation
page read and write
5C4000
heap
page read and write
4BFD000
stack
page read and write
5E7E000
stack
page read and write
3C8F000
stack
page read and write
9A4000
heap
page read and write
DC0000
heap
page read and write
5C0000
heap
page read and write
5C4000
heap
page read and write
15F0000
heap
page read and write
47CE000
stack
page read and write
31F0000
direct allocation
page read and write
5725000
trusted library allocation
page read and write
64E000
stack
page read and write
56DE000
trusted library allocation
page read and write
E34000
heap
page read and write
352F000
stack
page read and write
4BA0000
direct allocation
page execute and read and write
684000
heap
page read and write
350F000
stack
page read and write
836000
unkown
page execute and read and write
94A000
unkown
page execute and read and write
41AF000
stack
page read and write
1D87F000
stack
page read and write
551F000
stack
page read and write
1C98E000
stack
page read and write
4A3B000
stack
page read and write
28AC000
stack
page read and write
2E1F000
stack
page read and write
93B000
unkown
page execute and write copy
6771000
trusted library allocation
page read and write
4DA0000
direct allocation
page execute and read and write
3F0F000
stack
page read and write
444E000
stack
page read and write
5C4000
heap
page read and write
460000
unkown
page execute and write copy
50B1000
heap
page read and write
2B2F000
stack
page read and write
684000
heap
page read and write
4EAE000
stack
page read and write
40AE000
stack
page read and write
4B50000
direct allocation
page execute and read and write
5F0000
direct allocation
page read and write
2A170000
heap
page read and write
684000
heap
page read and write
399E000
stack
page read and write
8C1000
unkown
page execute and read and write
610000
heap
page read and write
4DC000
unkown
page execute and write copy
3F0F000
stack
page read and write
50B1000
heap
page read and write
935000
unkown
page execute and write copy
5722000
trusted library allocation
page read and write
5C4000
heap
page read and write
E20000
direct allocation
page read and write
44EF000
stack
page read and write
4581000
heap
page read and write
D56000
heap
page read and write
4581000
heap
page read and write
6B9000
unkown
page write copy
467E000
stack
page read and write
8CB000
unkown
page execute and read and write
836000
unkown
page execute and read and write
4B40000
direct allocation
page execute and read and write
5050000
direct allocation
page execute and read and write
452000
unkown
page execute and read and write
8DC000
unkown
page execute and write copy
50B1000
heap
page read and write
3CBF000
stack
page read and write
684000
heap
page read and write
2B9E000
stack
page read and write
390E000
stack
page read and write
2D1E000
stack
page read and write
57C000
unkown
page execute and write copy
FA8000
unkown
page execute and read and write
2910000
direct allocation
page read and write
5F0000
direct allocation
page read and write
F3D000
stack
page read and write
8BF000
unkown
page execute and read and write
5C4000
heap
page read and write
321E000
stack
page read and write
574D000
trusted library allocation
page read and write
345E000
stack
page read and write
5C4000
heap
page read and write
8A0000
unkown
page execute and write copy
170000
heap
page read and write
8C1000
unkown
page execute and read and write
542000
heap
page read and write
5550000
direct allocation
page read and write
4BD000
unkown
page execute and write copy
3E1F000
stack
page read and write
4591000
heap
page read and write
651000
unkown
page execute and write copy
477F000
stack
page read and write
5F0000
direct allocation
page read and write
5C4000
heap
page read and write
6B2000
unkown
page execute and write copy
55A000
heap
page read and write
363E000
stack
page read and write
442F000
stack
page read and write
38CF000
stack
page read and write
4581000
heap
page read and write
4F3000
stack
page read and write
535000
heap
page read and write
16D4000
heap
page read and write
56FF000
trusted library allocation
page read and write
C10000
heap
page read and write
FC1000
unkown
page execute and write copy
5716000
trusted library allocation
page read and write
510E000
stack
page read and write
DAA000
unkown
page execute and write copy
5C4000
heap
page read and write
416E000
stack
page read and write
5C4000
heap
page read and write
3F2F000
stack
page read and write
D10000
heap
page read and write
4581000
heap
page read and write
84D000
heap
page read and write
5560000
trusted library allocation
page read and write
4591000
heap
page read and write
16D4000
heap
page read and write
3D1E000
stack
page read and write
5C4000
heap
page read and write
540B000
stack
page read and write
895000
heap
page read and write
2D7000
unkown
page execute and write copy
302F000
stack
page read and write
E34000
heap
page read and write
5C4000
heap
page read and write
660000
direct allocation
page read and write
46DE000
stack
page read and write
37DF000
stack
page read and write
935000
unkown
page execute and read and write
2D7000
unkown
page execute and write copy
93B000
unkown
page execute and write copy
309F000
stack
page read and write
47E0000
direct allocation
page execute and read and write
9A4000
heap
page read and write
1D19B000
heap
page read and write
9D0000
heap
page read and write
5715000
trusted library allocation
page read and write
4591000
heap
page read and write
570A000
trusted library allocation
page read and write
9A4000
heap
page read and write
F54000
unkown
page execute and write copy
4870000
direct allocation
page execute and read and write
C5F000
unkown
page execute and read and write
4581000
heap
page read and write
E20000
direct allocation
page read and write
46CE000
stack
page read and write
DEE000
heap
page read and write
56DA000
trusted library allocation
page read and write
4581000
heap
page read and write
50B1000
heap
page read and write
108F000
unkown
page execute and write copy
4B2F000
stack
page read and write
6BB000
unkown
page execute and write copy
553A000
trusted library allocation
page execute and read and write
56D5000
trusted library allocation
page read and write
3DEF000
stack
page read and write
5732000
trusted library allocation
page read and write
4591000
heap
page read and write
DB0000
direct allocation
page read and write
3BDE000
stack
page read and write
49FF000
stack
page read and write
684000
heap
page read and write
57E0000
trusted library allocation
page read and write
DA2000
unkown
page execute and read and write
50B1000
heap
page read and write
4591000
heap
page read and write
5C5000
heap
page read and write
1D1C3000
heap
page read and write
651000
unkown
page execute and write copy
1604000
heap
page read and write
1D191000
heap
page read and write
9A4000
heap
page read and write
430E000
stack
page read and write
8B5000
unkown
page execute and read and write
1460000
heap
page read and write
356E000
stack
page read and write
54E000
heap
page read and write
E39000
heap
page read and write
3EFE000
stack
page read and write
E5C000
stack
page read and write
271000
unkown
page execute and write copy
1DA0E000
stack
page read and write
84E000
heap
page read and write
1009000
unkown
page execute and read and write
4E0F000
stack
page read and write
81B000
unkown
page execute and write copy
50B1000
heap
page read and write
2ABF000
stack
page read and write
5725000
trusted library allocation
page read and write
5708000
trusted library allocation
page read and write
41E1000
heap
page read and write
520F000
stack
page read and write
31F0000
direct allocation
page read and write
84A000
unkown
page execute and write copy
4B70000
direct allocation
page execute and read and write
402E000
stack
page read and write
4860000
direct allocation
page execute and read and write
50B1000
heap
page read and write
828C000
stack
page read and write
93B000
unkown
page execute and write copy
39EE000
stack
page read and write
317F000
stack
page read and write
8C2000
unkown
page execute and write copy
1D1B3000
heap
page read and write
5C4000
heap
page read and write
1D19B000
heap
page read and write
DB0000
direct allocation
page read and write
AE0000
heap
page read and write
DB0000
direct allocation
page read and write
FFC000
unkown
page execute and read and write
4581000
heap
page read and write
86F000
unkown
page execute and write copy
1604000
heap
page read and write
4591000
heap
page read and write
4BF0000
direct allocation
page execute and read and write
61ECC000
direct allocation
page read and write
C46000
unkown
page execute and read and write
4D4B000
stack
page read and write
6C6000
unkown
page execute and read and write
4D90000
direct allocation
page execute and read and write
3A2F000
stack
page read and write
4A51000
heap
page read and write
5C4000
heap
page read and write
14CF000
stack
page read and write
9A4000
heap
page read and write
C74000
heap
page read and write
4BF000
unkown
page execute and read and write
78F000
stack
page read and write
8DD000
unkown
page execute and read and write
1604000
heap
page read and write
32EE000
stack
page read and write
6B2000
unkown
page execute and read and write
7A0F000
stack
page read and write
E3C000
stack
page read and write
4591000
heap
page read and write
2827000
heap
page read and write
EDE000
stack
page read and write
DE8000
heap
page read and write
2C9000
unkown
page write copy
2DEE000
stack
page read and write
23310000
trusted library allocation
page read and write
385E000
stack
page read and write
290E000
stack
page read and write
C74000
heap
page read and write
161A000
heap
page read and write
5050000
direct allocation
page execute and read and write
31F0000
direct allocation
page read and write
C05000
heap
page read and write
73C86000
unkown
page readonly
1D1D1000
heap
page read and write
5C4000
heap
page read and write
C74000
heap
page read and write
67B000
heap
page read and write
2F2E000
stack
page read and write
5250000
direct allocation
page read and write
48A000
unkown
page execute and write copy
4F2000
unkown
page execute and read and write
12C0000
direct allocation
page read and write
56E1000
trusted library allocation
page read and write
1D19B000
heap
page read and write
650000
unkown
page readonly
282E000
stack
page read and write
56D0000
direct allocation
page execute and read and write
868000
unkown
page execute and write copy
574A000
trusted library allocation
page read and write
3F7E000
stack
page read and write
E20000
direct allocation
page read and write
50B1000
heap
page read and write
303F000
stack
page read and write
4C10000
direct allocation
page execute and read and write
4591000
heap
page read and write
463000
unkown
page execute and write copy
5C4000
heap
page read and write
426F000
stack
page read and write
6EC0000
heap
page read and write
1D49F000
stack
page read and write
4E9000
unkown
page execute and read and write
4770000
heap
page read and write
5B49000
trusted library allocation
page read and write
D1E000
stack
page read and write
84A000
unkown
page execute and write copy
E9E000
stack
page read and write
50B1000
heap
page read and write
28DF000
stack
page read and write
5717000
trusted library allocation
page read and write
8CF000
unkown
page execute and read and write
9A4000
heap
page read and write
5C4000
heap
page read and write
88F000
unkown
page execute and write copy
1D1CA000
heap
page read and write
3F4E000
stack
page read and write
47ED000
stack
page read and write
651000
unkown
page execute and write copy
84F000
unkown
page execute and read and write
300F000
stack
page read and write
56F9000
trusted library allocation
page read and write
4B5000
unkown
page execute and read and write
41E1000
heap
page read and write
DF6000
heap
page read and write
1604000
heap
page read and write
4B2D000
trusted library allocation
page read and write
4581000
heap
page read and write
265F000
stack
page read and write
462000
unkown
page execute and read and write
542000
heap
page read and write
4221000
heap
page read and write
4591000
heap
page read and write
684000
heap
page read and write
867000
unkown
page execute and read and write
F31000
unkown
page execute and write copy
36DE000
stack
page read and write
30EF000
stack
page read and write
88A000
heap
page read and write
31DF000
stack
page read and write
1D19B000
heap
page read and write
5050000
direct allocation
page execute and read and write
1DE000
stack
page read and write
1DC95000
heap
page read and write
6EC0000
heap
page read and write
5C4000
heap
page read and write
4F2000
unkown
page execute and read and write
E20000
direct allocation
page read and write
6CF22000
unkown
page readonly
5C4000
heap
page read and write
5C4000
heap
page read and write
241F000
stack
page read and write
493D000
stack
page read and write
39AF000
stack
page read and write
919000
unkown
page execute and read and write
107E000
unkown
page execute and read and write
6CF0D000
unkown
page readonly
677000
heap
page read and write
3A7E000
stack
page read and write
31BE000
stack
page read and write
3B8E000
stack
page read and write
34EE000
stack
page read and write
893000
unkown
page execute and write copy
4D70000
direct allocation
page execute and read and write
FBF000
unkown
page execute and write copy
90C000
heap
page read and write
4780000
heap
page read and write
4591000
heap
page read and write
104F000
stack
page read and write
6FB0000
heap
page read and write
49F0000
direct allocation
page read and write
C3E000
unkown
page execute and read and write
12D0000
heap
page read and write
50B1000
heap
page read and write
6B9000
unkown
page write copy
39FE000
stack
page read and write
9A4000
heap
page read and write
5C4000
heap
page read and write
660000
direct allocation
page read and write
5727000
trusted library allocation
page read and write
2CAE000
stack
page read and write
90D000
heap
page read and write
4D50000
direct allocation
page execute and read and write
84CE000
stack
page read and write
318E000
stack
page read and write
5C4000
heap
page read and write
368E000
stack
page read and write
5C4000
heap
page read and write
5090000
heap
page read and write
4BA0000
direct allocation
page execute and read and write
1D1AD000
heap
page read and write
5F0000
direct allocation
page read and write
4221000
heap
page read and write
5F7F000
stack
page read and write
2DFE000
stack
page read and write
305F000
stack
page read and write
819000
unkown
page execute and read and write
4BE0000
remote allocation
page read and write
355F000
stack
page read and write
50B1000
heap
page read and write
5250000
direct allocation
page read and write
1665000
heap
page read and write
395F000
stack
page read and write
DCB000
heap
page read and write
E20000
direct allocation
page read and write
4591000
heap
page read and write
8C7000
unkown
page execute and read and write
93B000
unkown
page execute and write copy
684000
heap
page read and write
50B1000
heap
page read and write
5050000
direct allocation
page execute and read and write
50B1000
heap
page read and write
57D8000
trusted library allocation
page read and write
98C000
stack
page read and write
4B3C000
trusted library allocation
page read and write
E20000
direct allocation
page read and write
354E000
stack
page read and write
4670000
trusted library allocation
page read and write
14B8000
heap
page read and write
5250000
direct allocation
page read and write
541E000
stack
page read and write
12C0000
direct allocation
page read and write
5C4000
heap
page read and write
3E5F000
stack
page read and write
5C4000
heap
page read and write
FB7000
unkown
page execute and read and write
5C4000
heap
page read and write
270000
unkown
page read and write
5C4000
heap
page read and write
4581000
heap
page read and write
915000
unkown
page execute and read and write
E30000
heap
page read and write
DF6000
heap
page read and write
5AB9000
trusted library allocation
page read and write
430E000
stack
page read and write
4C7F000
stack
page read and write
BE0000
heap
page read and write
5250000
direct allocation
page read and write
1DC6F000
stack
page read and write
1D1B5000
heap
page read and write
3CDF000
stack
page read and write
84F000
unkown
page execute and read and write
31F0000
direct allocation
page read and write
4581000
heap
page read and write
41F1000
heap
page read and write
C0E000
stack
page read and write
9A4000
heap
page read and write
1D1CC000
heap
page read and write
8DC000
unkown
page execute and write copy
4771000
heap
page read and write
539000
unkown
page execute and read and write
4A2E000
stack
page read and write
901000
heap
page read and write
F74000
unkown
page execute and write copy
5F0000
direct allocation
page read and write
684000
heap
page read and write
373F000
stack
page read and write
4BB0000
direct allocation
page execute and read and write
6B2000
unkown
page execute and write copy
57E9000
trusted library allocation
page read and write
4581000
heap
page read and write
4771000
heap
page read and write
36AE000
stack
page read and write
565000
unkown
page execute and write copy
5AB1000
trusted library allocation
page read and write
4591000
heap
page read and write
8E6000
unkown
page execute and read and write
1D1AE000
heap
page read and write
F85000
unkown
page execute and write copy
575F000
trusted library allocation
page read and write
684000
heap
page read and write
4581000
heap
page read and write
50B1000
heap
page read and write
620000
direct allocation
page read and write
62A1000
heap
page read and write
4EF000
heap
page read and write
54E000
heap
page read and write
4581000
heap
page read and write
47E0000
direct allocation
page execute and read and write
4591000
heap
page read and write
2D6000
unkown
page execute and read and write
4591000
heap
page read and write
4581000
heap
page read and write
4D1000
unkown
page execute and read and write
4591000
heap
page read and write
6D110000
unkown
page read and write
494E000
stack
page read and write
660000
direct allocation
page read and write
50D0000
heap
page read and write
2D5000
unkown
page execute and write copy
4E1000
unkown
page execute and write copy
FD1000
unkown
page execute and read and write
1470000
heap
page read and write
4591000
heap
page read and write
E34000
heap
page read and write
6D0CF000
unkown
page readonly
3C6E000
stack
page read and write
4810000
direct allocation
page execute and read and write
33AE000
stack
page read and write
1C88E000
stack
page read and write
5C4000
heap
page read and write
458E000
stack
page read and write
C74000
heap
page read and write
464000
unkown
page execute and read and write
2927000
heap
page read and write
1D1D1000
heap
page read and write
40AE000
stack
page read and write
5C4000
heap
page read and write
2E1E000
stack
page read and write
3F6E000
stack
page read and write
3B8E000
stack
page read and write
5718000
trusted library allocation
page read and write
1D2A0000
trusted library allocation
page read and write
1604000
heap
page read and write
50D0000
direct allocation
page execute and read and write
6D115000
unkown
page readonly
56D5000
trusted library allocation
page read and write
1D1A7000
heap
page read and write
4B80000
direct allocation
page execute and read and write
8C4000
unkown
page execute and read and write
3B4F000
stack
page read and write
5C5000
heap
page read and write
38BE000
stack
page read and write
9A4000
heap
page read and write
927000
unkown
page execute and write copy
4850000
direct allocation
page execute and read and write
306E000
stack
page read and write
331E000
stack
page read and write
50E0000
direct allocation
page execute and read and write
53B0000
direct allocation
page read and write
526F000
stack
page read and write
41FE000
stack
page read and write
92A000
unkown
page execute and write copy
1D1AD000
heap
page read and write
E34000
heap
page read and write
E20000
direct allocation
page read and write
570F000
trusted library allocation
page read and write
1604000
heap
page read and write
4B5000
unkown
page execute and read and write
5514000
trusted library allocation
page read and write
52AD000
stack
page read and write
8EB000
unkown
page execute and read and write
1D18F000
heap
page read and write
4ED0000
direct allocation
page read and write
8BE000
heap
page read and write
50B1000
heap
page read and write
16E0000
direct allocation
page read and write
40DE000
stack
page read and write
4D4000
unkown
page execute and read and write
50B1000
heap
page read and write
DA2000
unkown
page execute and write copy
45F000
unkown
page execute and read and write
DB0000
direct allocation
page read and write
56EF000
trusted library allocation
page read and write
5030000
direct allocation
page execute and read and write
57E8000
trusted library allocation
page read and write
8C8000
unkown
page execute and write copy
89D000
unkown
page execute and write copy
5741000
trusted library allocation
page read and write
2A2F000
stack
page read and write
684000
heap
page read and write
4C5000
heap
page read and write
61ED4000
direct allocation
page readonly
251F000
stack
page read and write
4591000
heap
page read and write
567F000
stack
page read and write
4591000
heap
page read and write
D7F000
stack
page read and write
5C4000
heap
page read and write
41EE000
stack
page read and write
3207000
heap
page read and write
5C4000
heap
page read and write
1CC5E000
stack
page read and write
4A20000
direct allocation
page read and write
5708000
trusted library allocation
page read and write
4D30000
direct allocation
page execute and read and write
56D1000
trusted library allocation
page read and write
927000
unkown
page execute and write copy
3C1E000
stack
page read and write
47F0000
direct allocation
page execute and read and write
6B9000
unkown
page write copy
564D000
stack
page read and write
9A4000
heap
page read and write
279E000
stack
page read and write
1110000
heap
page read and write
56D7000
trusted library allocation
page read and write
DB6000
unkown
page execute and write copy
5739000
trusted library allocation
page read and write
1100000
heap
page read and write
866000
unkown
page execute and write copy
11E9000
stack
page read and write
5710000
trusted library allocation
page read and write
A8D000
stack
page read and write
5BF0000
heap
page read and write
387F000
stack
page read and write
56DE000
stack
page read and write
32AF000
stack
page read and write
4591000
heap
page read and write
31AE000
stack
page read and write
5513000
trusted library allocation
page execute and read and write
4BD0000
direct allocation
page execute and read and write
50B1000
heap
page read and write
90D000
heap
page read and write
32CE000
stack
page read and write
444E000
stack
page read and write
411E000
stack
page read and write
925000
unkown
page execute and write copy
4C4000
heap
page read and write
362E000
stack
page read and write
550F000
stack
page read and write
4581000
heap
page read and write
5C4000
heap
page read and write
33EF000
stack
page read and write
48BF000
stack
page read and write
FE0000
unkown
page execute and write copy
2A171000
heap
page read and write
8A4000
unkown
page execute and read and write
874000
unkown
page execute and write copy
88C000
heap
page read and write
335E000
stack
page read and write
4771000
heap
page read and write
5C4000
heap
page read and write
2920000
heap
page read and write
8C6000
unkown
page execute and write copy
1D1AE000
heap
page read and write
5BF5000
heap
page read and write
56FA000
trusted library allocation
page read and write
1D1AD000
heap
page read and write
17A5000
heap
page read and write
178E000
stack
page read and write
406F000
stack
page read and write
1D1A7000
heap
page read and write
E34000
heap
page read and write
3DAD000
stack
page read and write
DB0000
direct allocation
page read and write
4830000
direct allocation
page execute and read and write
5C4000
heap
page read and write
4221000
heap
page read and write
4B7E000
stack
page read and write
936000
unkown
page execute and write copy
50B1000
heap
page read and write
89C000
unkown
page execute and read and write
37FE000
stack
page read and write
5C4000
heap
page read and write
4591000
heap
page read and write
92B000
unkown
page execute and write copy
4A51000
heap
page read and write
5540000
direct allocation
page execute and read and write
3E0E000
stack
page read and write
5BE000
stack
page read and write
50B1000
heap
page read and write
6A7000
unkown
page execute and write copy
54E0000
trusted library allocation
page read and write
5C4000
heap
page read and write
DDC000
heap
page read and write
438000
unkown
page execute and write copy
4B50000
trusted library allocation
page read and write
4BE0000
direct allocation
page execute and read and write
5C4000
heap
page read and write
353F000
stack
page read and write
108E000
unkown
page execute and write copy
1D19B000
heap
page read and write
454F000
stack
page read and write
4591000
heap
page read and write
5BDE000
stack
page read and write
1D1AD000
heap
page read and write
9A4000
heap
page read and write
5540000
trusted library allocation
page read and write
8EB000
unkown
page execute and read and write
8C6000
unkown
page execute and write copy
2DAF000
stack
page read and write
3DCF000
stack
page read and write
4591000
heap
page read and write
44D000
unkown
page execute and read and write
DA6000
unkown
page write copy
56EF000
trusted library allocation
page read and write
2380000
direct allocation
page execute and read and write
4660000
direct allocation
page read and write
6B2000
unkown
page execute and write copy
316F000
stack
page read and write
509F000
trusted library allocation
page read and write
1D192000
heap
page read and write
1604000
heap
page read and write
78C0000
trusted library allocation
page read and write
4A51000
heap
page read and write
366F000
stack
page read and write
56DE000
trusted library allocation
page read and write
5C4000
heap
page read and write
5C4000
heap
page read and write
378F000
stack
page read and write
2DEE000
stack
page read and write
50B1000
heap
page read and write
57D3000
trusted library allocation
page read and write
73C70000
unkown
page readonly
1D9CE000
stack
page read and write
572E000
trusted library allocation
page read and write
E0C000
stack
page read and write
381F000
stack
page read and write
37EE000
stack
page read and write
103E000
unkown
page execute and read and write
660000
direct allocation
page read and write
5C4000
heap
page read and write
4C00000
direct allocation
page execute and read and write
684000
heap
page read and write
4591000
heap
page read and write
935000
unkown
page execute and write copy
1D19B000
heap
page read and write
4EA000
heap
page read and write
50B1000
heap
page read and write
5C4000
heap
page read and write
50B1000
heap
page read and write
847000
unkown
page execute and read and write
312E000
stack
page read and write
94A000
unkown
page execute and write copy
4571000
heap
page read and write
575A000
trusted library allocation
page read and write
684000
heap
page read and write
559000
heap
page read and write
4CF000
unkown
page execute and write copy
56EE000
trusted library allocation
page read and write
4BA0000
direct allocation
page execute and read and write
836000
unkown
page execute and read and write
4800000
direct allocation
page execute and read and write
684000
heap
page read and write
DA6000
unkown
page write copy
23275000
heap
page read and write
1D1B4000
heap
page read and write
2EAE000
stack
page read and write
56EE000
trusted library allocation
page read and write
DF9000
heap
page read and write
1D17D000
stack
page read and write
464000
unkown
page execute and read and write
480E000
stack
page read and write
1D1AA000
heap
page read and write
555000
unkown
page execute and write copy
61EB4000
direct allocation
page read and write
73C8D000
unkown
page read and write
50B1000
heap
page read and write
4D4000
unkown
page execute and read and write
DB0000
direct allocation
page read and write
684000
heap
page read and write
E34000
heap
page read and write
572E000
trusted library allocation
page read and write
5704000
trusted library allocation
page read and write
5725000
trusted library allocation
page read and write
497000
unkown
page execute and write copy
4BB0000
direct allocation
page execute and read and write
4581000
heap
page read and write
3ADE000
stack
page read and write
5C4000
heap
page read and write
23480000
trusted library allocation
page read and write
31F0000
direct allocation
page read and write
4CCF000
stack
page read and write
2CDF000
stack
page read and write
F40000
unkown
page execute and write copy
847000
heap
page read and write
9A4000
heap
page read and write
73C86000
unkown
page readonly
50B1000
heap
page read and write
2328A000
heap
page read and write
4F4F000
stack
page read and write
836000
unkown
page execute and write copy
5520000
trusted library allocation
page read and write
5A31000
trusted library allocation
page read and write
56FA000
trusted library allocation
page read and write
2A1F000
stack
page read and write
2F1F000
stack
page read and write
565000
unkown
page execute and write copy
4A00000
direct allocation
page read and write
50B1000
heap
page read and write
E34000
heap
page read and write
129E000
stack
page read and write
DCF000
heap
page read and write
49F0000
direct allocation
page read and write
3A6E000
stack
page read and write
5C4000
heap
page read and write
4A50000
heap
page read and write
8A1000
unkown
page execute and read and write
4591000
heap
page read and write
7FA000
heap
page read and write
BB1000
unkown
page execute and write copy
4586000
heap
page read and write
32BF000
stack
page read and write
59DA000
trusted library allocation
page read and write
319F000
stack
page read and write
9A4000
heap
page read and write
4DBF000
stack
page read and write
57C000
unkown
page execute and write copy
5C5000
heap
page read and write
9A4000
heap
page read and write
82A000
unkown
page execute and read and write
500000
unkown
page execute and read and write
5100000
heap
page read and write
50B1000
heap
page read and write
12C0000
direct allocation
page read and write
4BE0000
remote allocation
page read and write
50B1000
heap
page read and write
F9B000
unkown
page execute and read and write
8A2000
unkown
page execute and write copy
122F000
stack
page read and write
DDE000
heap
page read and write
6BB000
unkown
page execute and write copy
56BE000
stack
page read and write
56D5000
trusted library allocation
page read and write
12DA000
heap
page read and write
4581000
heap
page read and write
2B9F000
stack
page read and write
1DB0C000
stack
page read and write
1D1D1000
heap
page read and write
31F0000
direct allocation
page read and write
5C4000
heap
page read and write
31AE000
stack
page read and write
E34000
heap
page read and write
9A4000
heap
page read and write
52D000
heap
page read and write
5250000
direct allocation
page read and write
53C0000
heap
page read and write
47D0000
direct allocation
page execute and read and write
F72000
unkown
page execute and read and write
33BE000
stack
page read and write
56EE000
trusted library allocation
page read and write
6A6000
unkown
page execute and read and write
17A0000
heap
page read and write
907000
unkown
page execute and write copy
DA0000
unkown
page readonly
50B1000
heap
page read and write
8BC000
unkown
page execute and write copy
5530000
trusted library allocation
page read and write
4221000
heap
page read and write
4581000
heap
page read and write
8CF000
unkown
page execute and read and write
5C4000
heap
page read and write
53B0000
direct allocation
page read and write
5733000
trusted library allocation
page read and write
80A000
unkown
page execute and read and write
4830000
direct allocation
page execute and read and write
4F8E000
stack
page read and write
660000
direct allocation
page read and write
907000
heap
page read and write
5712000
trusted library allocation
page read and write
1D1B8000
heap
page read and write
408D000
stack
page read and write
5060000
direct allocation
page execute and read and write
1691000
heap
page read and write
292D000
heap
page read and write
4590000
heap
page read and write
34BF000
stack
page read and write
476F000
stack
page read and write
1D1A1000
heap
page read and write
2DAF000
stack
page read and write
5C4000
heap
page read and write
4BCE000
stack
page read and write
935000
unkown
page execute and read and write
4591000
heap
page read and write
5C4000
heap
page read and write
4591000
heap
page read and write
895000
unkown
page execute and read and write
1D1B2000
heap
page read and write
3E2E000
stack
page read and write
56FF000
trusted library allocation
page read and write
1D1D1000
heap
page read and write
E20000
direct allocation
page read and write
6C5000
unkown
page execute and write copy
8C4000
unkown
page execute and read and write
304E000
stack
page read and write
6D10F000
unkown
page write copy
73C71000
unkown
page execute read
684000
heap
page read and write
612B000
stack
page read and write
684000
heap
page read and write
DFE000
heap
page read and write
94A000
unkown
page execute and write copy
49F000
unkown
page execute and read and write
54E000
heap
page read and write
905000
unkown
page execute and write copy
4B80000
direct allocation
page execute and read and write
8B5000
unkown
page execute and read and write
4771000
heap
page read and write
1D1AD000
heap
page read and write
4581000
heap
page read and write
2EFF000
stack
page read and write
1D1B3000
heap
page read and write
42EF000
stack
page read and write
2B2F000
stack
page read and write
36DF000
stack
page read and write
336F000
stack
page read and write
1D19A000
heap
page read and write
E20000
direct allocation
page read and write
500E000
stack
page read and write
4A70000
heap
page read and write
790000
heap
page read and write
55B0000
heap
page execute and read and write
6EB0000
heap
page read and write
4BF000
unkown
page execute and read and write
35EF000
stack
page read and write
50B1000
heap
page read and write
446E000
stack
page read and write
56D0000
direct allocation
page execute and read and write
4BD0000
direct allocation
page execute and read and write
6C7000
unkown
page execute and write copy
255C000
stack
page read and write
4A0C000
stack
page read and write
4591000
heap
page read and write
47E0000
direct allocation
page execute and read and write
121F000
unkown
page execute and write copy
2F3E000
stack
page read and write
4D60000
direct allocation
page execute and read and write
56D7000
trusted library allocation
page read and write
4B90000
direct allocation
page execute and read and write
3BAE000
stack
page read and write
16D4000
heap
page read and write
85A000
unkown
page execute and read and write
5782000
trusted library allocation
page read and write
5773000
trusted library allocation
page read and write
468F000
stack
page read and write
73C70000
unkown
page readonly
3A5F000
stack
page read and write
1D1A4000
heap
page read and write
1D1AD000
heap
page read and write
559000
heap
page read and write
88F000
heap
page read and write
31EC000
stack
page read and write
915000
heap
page read and write
5782000
trusted library allocation
page read and write
3A2F000
stack
page read and write
C74000
heap
page read and write
56D8000
trusted library allocation
page read and write
432E000
stack
page read and write
4581000
heap
page read and write
5C4000
heap
page read and write
819000
unkown
page execute and read and write
50C0000
direct allocation
page execute and read and write
3A3F000
stack
page read and write
49F000
unkown
page execute and read and write
F44000
unkown
page execute and write copy
56EE000
trusted library allocation
page read and write
4A8E000
stack
page read and write
56E7000
trusted library allocation
page read and write
1CD5F000
stack
page read and write
5731000
trusted library allocation
page read and write
1D71F000
stack
page read and write
47CF000
stack
page read and write
5C4000
heap
page read and write
8CA000
unkown
page execute and write copy
660000
direct allocation
page read and write
5A81000
trusted library allocation
page read and write
4591000
heap
page read and write
C70000
heap
page read and write
480E000
stack
page read and write
41CE000
stack
page read and write
5725000
trusted library allocation
page read and write
4BC0000
direct allocation
page execute and read and write
3A0F000
stack
page read and write
4E0000
unkown
page execute and read and write
2FFE000
stack
page read and write
906000
unkown
page execute and read and write
73C8F000
unkown
page readonly
4B70000
direct allocation
page execute and read and write
314F000
stack
page read and write
462000
unkown
page execute and read and write
5F0000
direct allocation
page read and write
511000
heap
page read and write
16E0000
direct allocation
page read and write
73C71000
unkown
page execute read
4591000
heap
page read and write
9A4000
heap
page read and write
893000
unkown
page execute and read and write
4581000
heap
page read and write
56E5000
trusted library allocation
page read and write
5724000
trusted library allocation
page read and write
1D1AD000
heap
page read and write
935000
unkown
page execute and write copy
4581000
heap
page read and write
500E000
stack
page read and write
3F9F000
stack
page read and write
DD2000
heap
page read and write
4F8000
stack
page read and write
1D07D000
stack
page read and write
53AD000
stack
page read and write
4D1000
unkown
page execute and read and write
5C4000
heap
page read and write
5F0000
direct allocation
page read and write
56B0000
direct allocation
page execute and read and write
4581000
heap
page read and write
DCD000
heap
page read and write
8A7000
unkown
page execute and read and write
41E1000
heap
page read and write
4A4F000
stack
page read and write
443F000
stack
page read and write
1DB6E000
stack
page read and write
1D1D1000
heap
page read and write
378F000
stack
page read and write
576D000
trusted library allocation
page read and write
8C0000
unkown
page execute and write copy
4A74000
heap
page read and write
417E000
stack
page read and write
52AE000
stack
page read and write
1FA000
stack
page read and write
56E0000
direct allocation
page execute and read and write
5C4000
heap
page read and write
2390000
heap
page read and write
8F2000
heap
page read and write
4771000
heap
page read and write
4591000
heap
page read and write
5738000
trusted library allocation
page read and write
386F000
stack
page read and write
32AE000
stack
page read and write
8EB000
unkown
page execute and read and write
56C0000
heap
page read and write
F35000
unkown
page execute and write copy
6B2000
unkown
page execute and read and write
E34000
heap
page read and write
42CF000
stack
page read and write
D4F000
stack
page read and write
4591000
heap
page read and write
4591000
heap
page read and write
6B9000
unkown
page write copy
12C0000
direct allocation
page read and write
4771000
heap
page read and write
48B000
unkown
page execute and read and write
FA6000
unkown
page execute and write copy
4D40000
direct allocation
page execute and read and write
459000
unkown
page execute and write copy
5D3E000
stack
page read and write
57B000
unkown
page execute and write copy
5C4000
heap
page read and write
4581000
heap
page read and write
2F0E000
stack
page read and write
1D192000
heap
page read and write
E34000
heap
page read and write
935000
unkown
page execute and write copy
48A3000
trusted library allocation
page read and write
E0A000
heap
page read and write
4581000
heap
page read and write
FE2000
unkown
page execute and write copy
5C4000
heap
page read and write
5C4000
heap
page read and write
56EE000
trusted library allocation
page read and write
1D19B000
heap
page read and write
4581000
heap
page read and write
1697000
heap
page read and write
4660000
direct allocation
page read and write
FB1000
unkown
page execute and write copy
4E0000
unkown
page execute and read and write
1D186000
heap
page read and write
557000
unkown
page execute and write copy
4571000
heap
page read and write
3D6F000
stack
page read and write
5C4000
heap
page read and write
660000
direct allocation
page read and write
631000
unkown
page execute and write copy
5550000
direct allocation
page read and write
F5B000
unkown
page execute and read and write
5722000
trusted library allocation
page read and write
5CFF000
stack
page read and write
432E000
stack
page read and write
83CE000
stack
page read and write
94A000
unkown
page execute and write copy
78D0000
trusted library allocation
page read and write
620000
direct allocation
page read and write
8C0000
unkown
page execute and write copy
1D1BD000
heap
page read and write
1D1C3000
heap
page read and write
37CE000
stack
page read and write
81B000
unkown
page execute and write copy
50B1000
heap
page read and write
50B1000
heap
page read and write
5360000
trusted library allocation
page read and write
558E000
stack
page read and write
56E1000
trusted library allocation
page read and write
271000
unkown
page execute and read and write
8C2000
unkown
page execute and write copy
1604000
heap
page read and write
56DA000
trusted library allocation
page read and write
488000
unkown
page execute and write copy
260000
heap
page read and write
5C4000
heap
page read and write
1CB0E000
stack
page read and write
3B6F000
stack
page read and write
12A0000
heap
page read and write
5547000
trusted library allocation
page execute and read and write
327C000
stack
page read and write
50A0000
direct allocation
page execute and read and write
235C000
stack
page read and write
50B1000
heap
page read and write
2EEF000
stack
page read and write
392E000
stack
page read and write
4800000
direct allocation
page execute and read and write
554B000
trusted library allocation
page execute and read and write
571B000
trusted library allocation
page read and write
5739000
trusted library allocation
page read and write
159E000
unkown
page execute and read and write
FE5000
unkown
page execute and read and write
1604000
heap
page read and write
1D1D1000
heap
page read and write
490F000
stack
page read and write
5890000
heap
page read and write
684000
heap
page read and write
4581000
heap
page read and write
5C4000
heap
page read and write
8F2000
heap
page read and write
4800000
direct allocation
page execute and read and write
6CF31000
unkown
page execute read
3A9E000
stack
page read and write
5C4000
heap
page read and write
103D000
unkown
page execute and write copy
2ECF000
stack
page read and write
9A4000
heap
page read and write
DB0000
direct allocation
page read and write
56EF000
trusted library allocation
page read and write
1168000
unkown
page execute and read and write
E34000
heap
page read and write
5745000
trusted library allocation
page read and write
495000
unkown
page execute and read and write
E10000
heap
page read and write
6B9000
unkown
page write copy
E34000
heap
page read and write
8A8000
unkown
page execute and write copy
239E000
heap
page read and write
5708000
trusted library allocation
page read and write
35FF000
stack
page read and write
3B9F000
stack
page read and write
418F000
stack
page read and write
57B000
unkown
page execute and read and write
279F000
stack
page read and write
56F9000
trusted library allocation
page read and write
868000
unkown
page execute and write copy
4591000
heap
page read and write
60D000
stack
page read and write
1610000
heap
page read and write
13BE000
stack
page read and write
630000
unkown
page read and write
5725000
trusted library allocation
page read and write
93B000
unkown
page execute and write copy
108E000
unkown
page execute and write copy
4FA3000
trusted library allocation
page read and write
FB4000
unkown
page execute and read and write
935000
unkown
page execute and read and write
2351B000
heap
page read and write
4771000
heap
page read and write
8C7000
unkown
page execute and read and write
8BD000
unkown
page execute and write copy
5AA9000
trusted library allocation
page read and write
5C4000
heap
page read and write
5C4000
heap
page read and write
E20000
direct allocation
page read and write
3DFF000
stack
page read and write
47F0000
direct allocation
page execute and read and write
D48000
heap
page read and write
1D1B2000
heap
page read and write
2A5E000
stack
page read and write
8AF000
unkown
page execute and read and write
E34000
heap
page read and write
6BB000
unkown
page execute and write copy
1CEDD000
stack
page read and write
259F000
stack
page read and write
3A0F000
stack
page read and write
82A000
unkown
page execute and write copy
50B1000
heap
page read and write
1661000
heap
page read and write
925000
unkown
page execute and write copy
4221000
heap
page read and write
47E0000
direct allocation
page execute and read and write
345F000
stack
page read and write
4C40000
direct allocation
page execute and read and write
684000
heap
page read and write
31F0000
direct allocation
page read and write
4CF000
heap
page read and write
4580000
heap
page read and write
4650000
remote allocation
page read and write
4BB0000
heap
page read and write
41E1000
heap
page read and write
5808000
trusted library allocation
page read and write
8C8000
unkown
page execute and write copy
620000
direct allocation
page read and write
140F000
unkown
page execute and write copy
4591000
heap
page read and write
326E000
stack
page read and write
1604000
heap
page read and write
FC3000
unkown
page execute and read and write
98E000
stack
page read and write
5C4000
heap
page read and write
91B000
unkown
page execute and write copy
2D87000
heap
page read and write
DF6000
heap
page read and write
1008000
unkown
page execute and write copy
5090000
direct allocation
page execute and read and write
3A6E000
stack
page read and write
33CF000
stack
page read and write
56FF000
trusted library allocation
page read and write
D7C000
heap
page read and write
1D1B9000
heap
page read and write
12C0000
direct allocation
page read and write
3B6F000
stack
page read and write
4220000
heap
page read and write
2CB000
unkown
page execute and read and write
1056000
unkown
page execute and write copy
4E4000
unkown
page execute and write copy
3030000
heap
page read and write
3CCE000
stack
page read and write
95B000
stack
page read and write
4A4F000
stack
page read and write
564000
unkown
page execute and read and write
4591000
heap
page read and write
94B000
unkown
page execute and write copy
4880000
direct allocation
page execute and read and write
2BDE000
stack
page read and write
494E000
stack
page read and write
8BD000
unkown
page execute and read and write
17DF000
stack
page read and write
31F0000
direct allocation
page read and write
1D19B000
heap
page read and write
DFE000
heap
page read and write
286E000
stack
page read and write
4581000
heap
page read and write
5C4000
heap
page read and write
5716000
trusted library allocation
page read and write
354E000
stack
page read and write
409F000
stack
page read and write
3EEE000
stack
page read and write
5771000
trusted library allocation
page read and write
4FCF000
stack
page read and write
6237000
heap
page read and write
8AA000
heap
page read and write
DE8000
unkown
page execute and read and write
4C8000
unkown
page execute and read and write
1D180000
heap
page read and write
3FFF000
stack
page read and write
121E000
unkown
page execute and read and write
F34000
unkown
page execute and read and write
1D1B5000
heap
page read and write
42CF000
stack
page read and write
4BF000
heap
page read and write
2D6F000
stack
page read and write
E20000
direct allocation
page read and write
5C4000
heap
page read and write
C74000
heap
page read and write
5718000
trusted library allocation
page read and write
1D1B5000
heap
page read and write
573F000
trusted library allocation
page read and write
23513000
heap
page read and write
4591000
heap
page read and write
4FAF000
stack
page read and write
1D1D1000
heap
page read and write
418F000
stack
page read and write
295E000
stack
page read and write
DB0000
direct allocation
page read and write
92A000
unkown
page execute and read and write
4D0E000
stack
page read and write
4581000
heap
page read and write
2C9000
unkown
page write copy
54F0000
heap
page read and write
2FAF000
stack
page read and write
1048000
unkown
page execute and write copy
660000
direct allocation
page read and write
500F000
stack
page read and write
4571000
heap
page read and write
599C000
stack
page read and write
3EAF000
stack
page read and write
2920000
heap
page read and write
5C5000
heap
page read and write
3FDE000
stack
page read and write
534000
heap
page read and write
C74000
heap
page read and write
C6E000
stack
page read and write
564000
unkown
page execute and write copy
38AE000
stack
page read and write
4BA0000
direct allocation
page execute and read and write
5712000
trusted library allocation
page read and write
1D1C3000
heap
page read and write
4581000
heap
page read and write
539000
unkown
page execute and read and write
D5E000
heap
page read and write
2D6000
unkown
page execute and read and write
4D80000
direct allocation
page execute and read and write
50F0000
direct allocation
page execute and read and write
4E3000
unkown
page execute and read and write
927000
unkown
page execute and write copy
4C2B000
stack
page read and write
936000
unkown
page execute and write copy
440F000
stack
page read and write
939000
unkown
page execute and read and write
48A0000
direct allocation
page execute and read and write
8C0000
unkown
page execute and write copy
5C4000
heap
page read and write
43EE000
stack
page read and write
82F000
unkown
page execute and read and write
5C4000
heap
page read and write
5C4000
heap
page read and write
838C000
stack
page read and write
7E2000
heap
page read and write
684000
heap
page read and write
6BB000
unkown
page execute and read and write
6C6000
unkown
page execute and read and write
1D1A7000
heap
page read and write
F90000
heap
page read and write
5C4000
heap
page read and write
56D000
unkown
page execute and write copy
4FEE000
stack
page read and write
DA0000
unkown
page read and write
5704000
trusted library allocation
page read and write
82A000
unkown
page execute and read and write
31F0000
direct allocation
page read and write
50B1000
heap
page read and write
404F000
stack
page read and write
3CAF000
stack
page read and write
4FC000
unkown
page execute and write copy
6A5000
unkown
page execute and write copy
3DEF000
stack
page read and write
4B60000
direct allocation
page execute and read and write
C74000
heap
page read and write
629A000
heap
page read and write
159F000
unkown
page execute and write copy
620000
direct allocation
page read and write
93B000
unkown
page execute and write copy
2A16C000
stack
page read and write
4C8000
unkown
page execute and read and write
446E000
stack
page read and write
2B2F000
stack
page read and write
56DA000
trusted library allocation
page read and write
5C4000
heap
page read and write
47E000
heap
page read and write
4D60000
direct allocation
page execute and read and write
4BA0000
direct allocation
page execute and read and write
160000
heap
page read and write
4690000
trusted library allocation
page read and write
4591000
heap
page read and write
5C4000
heap
page read and write
650000
heap
page read and write
C74000
heap
page read and write
906000
unkown
page execute and read and write
59E0000
trusted library allocation
page read and write
836000
unkown
page execute and write copy
5C4000
heap
page read and write
4570000
heap
page read and write
497E000
stack
page read and write
620000
direct allocation
page read and write
40DF000
stack
page read and write
9A4000
heap
page read and write
4890000
direct allocation
page execute and read and write
4581000
heap
page read and write
6B2000
unkown
page execute and read and write
50B1000
heap
page read and write
1D1B5000
heap
page read and write
5C4000
heap
page read and write
F4E000
stack
page read and write
660000
direct allocation
page read and write
5BF6000
heap
page read and write
620000
direct allocation
page read and write
5728000
trusted library allocation
page read and write
4581000
heap
page read and write
873000
unkown
page execute and read and write
6CF30000
unkown
page readonly
5250000
direct allocation
page read and write
4D60000
direct allocation
page execute and read and write
1600000
heap
page read and write
5C5000
heap
page read and write
479F000
stack
page read and write
270000
unkown
page readonly
5C4000
heap
page read and write
4BE0000
remote allocation
page read and write
1D1D1000
heap
page read and write
4581000
heap
page read and write
94B000
unkown
page execute and write copy
38EF000
stack
page read and write
4581000
heap
page read and write
436000
unkown
page execute and read and write
4F0000
heap
page read and write
684000
heap
page read and write
497000
unkown
page execute and write copy
516E000
stack
page read and write
6BB000
unkown
page execute and write copy
3F6E000
stack
page read and write
50B1000
heap
page read and write
447E000
stack
page read and write
925000
unkown
page execute and write copy
DA0000
heap
page read and write
9A4000
heap
page read and write
43FE000
stack
page read and write
1D4DE000
stack
page read and write
E20000
direct allocation
page read and write
1D2AB000
heap
page read and write
5C4000
heap
page read and write
684000
heap
page read and write
50B1000
heap
page read and write
69B000
unkown
page execute and read and write
23251000
heap
page read and write
916000
unkown
page execute and write copy
23528000
heap
page read and write
78B0000
trusted library allocation
page execute and read and write
4571000
heap
page read and write
57B000
unkown
page execute and write copy
89C000
unkown
page execute and read and write
927000
unkown
page execute and write copy
56F9000
trusted library allocation
page read and write
660000
direct allocation
page read and write
4BF0000
direct allocation
page execute and read and write
41CE000
stack
page read and write
12DE000
heap
page read and write
23278000
heap
page read and write
894000
unkown
page execute and write copy
5712000
trusted library allocation
page read and write
5C4000
heap
page read and write
1D5DF000
stack
page read and write
502E000
stack
page read and write
4591000
heap
page read and write
684000
heap
page read and write
4570000
heap
page read and write
4591000
heap
page read and write
F71000
unkown
page execute and write copy
1D1B5000
heap
page read and write
FEA000
unkown
page execute and read and write
5C4000
heap
page read and write
E34000
heap
page read and write
2BBF000
stack
page read and write
E20000
direct allocation
page read and write
1D1CE000
heap
page read and write
1097000
unkown
page execute and read and write
56EE000
trusted library allocation
page read and write
5704000
trusted library allocation
page read and write
526F000
stack
page read and write
2CB000
unkown
page execute and read and write
4591000
heap
page read and write
3020000
direct allocation
page read and write
2A2F000
stack
page read and write
93B000
unkown
page execute and write copy
372F000
stack
page read and write
5C4000
heap
page read and write
408E000
stack
page read and write
50B1000
heap
page read and write
56D1000
trusted library allocation
page read and write
4A20000
direct allocation
page read and write
282D000
heap
page read and write
4C00000
direct allocation
page execute and read and write
846000
unkown
page execute and write copy
281E000
stack
page read and write
819000
unkown
page execute and read and write
5586000
direct allocation
page read and write
8BD000
unkown
page execute and write copy
38CF000
stack
page read and write
5C4000
heap
page read and write
684000
heap
page read and write
15CE000
stack
page read and write
4591000
heap
page read and write
42AE000
stack
page read and write
939000
unkown
page execute and read and write
4591000
heap
page read and write
5F0000
direct allocation
page read and write
9A4000
heap
page read and write
45A9000
heap
page read and write
9A4000
heap
page read and write
56E7000
trusted library allocation
page read and write
460000
heap
page read and write
413F000
stack
page read and write
94B000
unkown
page execute and write copy
61ECD000
direct allocation
page readonly
9A4000
heap
page read and write
42EF000
stack
page read and write
5C4000
heap
page read and write
5C4000
heap
page read and write
9A4000
heap
page read and write
4591000
heap
page read and write
8A6000
unkown
page execute and write copy
5707000
trusted library allocation
page read and write
12C0000
direct allocation
page read and write
BB0000
unkown
page readonly
104A000
unkown
page execute and read and write
1D182000
heap
page read and write
5C4000
heap
page read and write
5C4000
heap
page read and write
5250000
direct allocation
page read and write
5C4000
heap
page read and write
9A4000
heap
page read and write
542000
heap
page read and write
54EC000
stack
page read and write
DE6000
heap
page read and write
376E000
stack
page read and write
56E6000
trusted library allocation
page read and write
4591000
heap
page read and write
462F000
stack
page read and write
4B4000
unkown
page execute and write copy
292F000
stack
page read and write
5C4000
heap
page read and write
57B000
unkown
page execute and read and write
1D1B2000
heap
page read and write
906000
unkown
page execute and read and write
660000
direct allocation
page read and write
406F000
stack
page read and write
1678000
heap
page read and write
4591000
heap
page read and write
2CB000
unkown
page execute and write copy
56D3000
trusted library allocation
page read and write
41E1000
heap
page read and write
650000
unkown
page readonly
36AE000
stack
page read and write
9A4000
heap
page read and write
364F000
stack
page read and write
4590000
heap
page read and write
545000
heap
page read and write
5707000
trusted library allocation
page read and write
C74000
heap
page read and write
554D000
stack
page read and write
8DD000
unkown
page execute and read and write
47E0000
direct allocation
page execute and read and write
5261000
heap
page read and write
5C4000
heap
page read and write
16E0000
direct allocation
page read and write
620000
direct allocation
page read and write
4581000
heap
page read and write
F75000
unkown
page execute and read and write
56FA000
trusted library allocation
page read and write
4CFF000
stack
page read and write
56E1000
trusted library allocation
page read and write
868000
unkown
page execute and write copy
108E000
unkown
page execute and read and write
50B1000
heap
page read and write
12C0000
direct allocation
page read and write
539000
heap
page read and write
5260000
heap
page read and write
2CB000
unkown
page execute and write copy
2CBF000
stack
page read and write
1D1C9000
heap
page read and write
630000
unkown
page readonly
8BD000
unkown
page execute and write copy
E30000
heap
page read and write
4581000
heap
page read and write
2FBE000
stack
page read and write
4E8F000
stack
page read and write
D1E000
heap
page read and write
836000
unkown
page execute and write copy
4B70000
direct allocation
page execute and read and write
14C3000
heap
page read and write
E1F000
stack
page read and write
1D1AD000
heap
page read and write
542000
heap
page read and write
2D2F000
stack
page read and write
939000
unkown
page execute and read and write
1056000
unkown
page execute and read and write
5AAE000
heap
page read and write
E1E000
heap
page read and write
315E000
stack
page read and write
5C4000
heap
page read and write
56D5000
trusted library allocation
page read and write
440F000
stack
page read and write
16D4000
heap
page read and write
568F000
stack
page read and write
4820000
direct allocation
page execute and read and write
356E000
stack
page read and write
1604000
heap
page read and write
23210000
trusted library allocation
page read and write
5261000
heap
page read and write
48FE000
stack
page read and write
4B70000
direct allocation
page execute and read and write
13F6000
unkown
page execute and read and write
BB0000
unkown
page readonly
50B1000
heap
page read and write
488000
unkown
page execute and write copy
4591000
heap
page read and write
6BB000
unkown
page execute and read and write
684000
heap
page read and write
1116000
heap
page read and write
1CACF000
stack
page read and write
8DC000
unkown
page execute and write copy
5C4000
heap
page read and write
5C4000
heap
page read and write
4591000
heap
page read and write
9A4000
heap
page read and write
47DF000
stack
page read and write
87A000
unkown
page execute and read and write
816000
unkown
page execute and read and write
4581000
heap
page read and write
1604000
heap
page read and write
56F0000
direct allocation
page execute and read and write
4591000
heap
page read and write
AFE000
stack
page read and write
8C6000
unkown
page execute and write copy
57EE000
trusted library allocation
page read and write
8C4000
unkown
page execute and read and write
57D0000
trusted library allocation
page read and write
4B70000
direct allocation
page execute and read and write
48A000
unkown
page execute and write copy
1604000
heap
page read and write
576B000
trusted library allocation
page read and write
103F000
unkown
page execute and write copy
5250000
direct allocation
page read and write
27DF000
stack
page read and write
49C0000
trusted library allocation
page read and write
4620000
heap
page read and write
3A4E000
stack
page read and write
1D1D1000
heap
page read and write
3037000
heap
page read and write
6B2000
unkown
page execute and write copy
309E000
stack
page read and write
5736000
trusted library allocation
page read and write
5F0000
direct allocation
page read and write
650000
unkown
page read and write
50B1000
heap
page read and write
5C4000
heap
page read and write
5739000
trusted library allocation
page read and write
2D80000
heap
page read and write
26DE000
stack
page read and write
571B000
trusted library allocation
page read and write
3EBF000
stack
page read and write
4591000
heap
page read and write
511000
heap
page read and write
4F0E000
stack
page read and write
5C4000
heap
page read and write
56E9000
trusted library allocation
page read and write
1070000
heap
page read and write
917000
heap
page read and write
4A36000
direct allocation
page read and write
56E1000
trusted library allocation
page read and write
33EF000
stack
page read and write
3F9E000
stack
page read and write
3CAF000
stack
page read and write
F9A000
unkown
page execute and write copy
270000
unkown
page read and write
9A4000
heap
page read and write
390E000
stack
page read and write
684000
heap
page read and write
620000
direct allocation
page read and write
1D1B8000
heap
page read and write
1710000
heap
page read and write
1D1B5000
heap
page read and write
1D1B3000
heap
page read and write
4BA0000
direct allocation
page execute and read and write
41BF000
stack
page read and write
4591000
heap
page read and write
5C4000
heap
page read and write
89F000
unkown
page execute and read and write
407F000
stack
page read and write
660000
direct allocation
page read and write
5C5000
heap
page read and write
4BC0000
direct allocation
page execute and read and write
10EC000
stack
page read and write
2D6E000
stack
page read and write
6D20000
heap
page read and write
8C8000
unkown
page execute and write copy
56A0000
direct allocation
page execute and read and write
4C10000
direct allocation
page execute and read and write
508F000
stack
page read and write
4E1000
unkown
page execute and write copy
61EB7000
direct allocation
page readonly
684000
heap
page read and write
5500000
trusted library allocation
page read and write
79A000
heap
page read and write
FD8000
unkown
page execute and read and write
C74000
heap
page read and write
4C0000
unkown
page execute and write copy
6BB000
unkown
page execute and read and write
650000
unkown
page read and write
1D1A7000
heap
page read and write
5250000
direct allocation
page read and write
232D2000
heap
page read and write
5711000
trusted library allocation
page read and write
5C4000
heap
page read and write
FFF000
unkown
page execute and read and write
F4A000
unkown
page execute and write copy
23271000
heap
page read and write
D8E000
stack
page read and write
F49000
unkown
page execute and read and write
32DF000
stack
page read and write
2A5F000
stack
page read and write
650000
unkown
page readonly
412F000
stack
page read and write
1D1B5000
heap
page read and write
490F000
stack
page read and write
3E5E000
stack
page read and write
10C000
stack
page read and write
44E000
unkown
page execute and write copy
5A11000
trusted library allocation
page read and write
1604000
heap
page read and write
14BB000
heap
page read and write
5C4000
heap
page read and write
4591000
heap
page read and write
4810000
direct allocation
page execute and read and write
5261000
heap
page read and write
16E0000
direct allocation
page read and write
4B90000
direct allocation
page execute and read and write
6B2000
unkown
page execute and write copy
5E3F000
stack
page read and write
456F000
stack
page read and write
5C4000
heap
page read and write
5C4000
heap
page read and write
4C30000
direct allocation
page execute and read and write
1D1A9000
heap
page read and write
5524000
trusted library allocation
page read and write
4B8F000
stack
page read and write
1058000
unkown
page execute and write copy
56D6000
trusted library allocation
page read and write
2F5E000
stack
page read and write
6B9000
unkown
page write copy
50B1000
heap
page read and write
62AF000
heap
page read and write
9A4000
heap
page read and write
4581000
heap
page read and write
56D000
unkown
page execute and write copy
368E000
stack
page read and write
35DE000
stack
page read and write
5708000
trusted library allocation
page read and write
4591000
heap
page read and write
511000
heap
page read and write
866000
unkown
page execute and write copy
404F000
stack
page read and write
927000
unkown
page execute and write copy
12C0000
direct allocation
page read and write
1D1D1000
heap
page read and write
BB0000
unkown
page read and write
4230000
heap
page read and write
E20000
direct allocation
page read and write
893000
unkown
page execute and read and write
341F000
stack
page read and write
4ED0000
direct allocation
page read and write
3B7F000
stack
page read and write
4591000
heap
page read and write
3E9E000
stack
page read and write
5261000
heap
page read and write
5C4000
heap
page read and write
60E000
stack
page read and write
3D1F000
stack
page read and write
684000
heap
page read and write
5C4000
heap
page read and write
5731000
trusted library allocation
page read and write
894000
unkown
page execute and write copy
684000
heap
page read and write
684000
heap
page read and write
6230000
heap
page read and write
2C9000
unkown
page write copy
4D60000
direct allocation
page execute and read and write
4D60000
direct allocation
page execute and read and write
5712000
trusted library allocation
page read and write
5C4000
heap
page read and write
660000
direct allocation
page read and write
F1B000
unkown
page execute and write copy
650000
unkown
page read and write
47BE000
stack
page read and write
41AF000
stack
page read and write
684000
heap
page read and write
E20000
direct allocation
page read and write
50B1000
heap
page read and write
1D1AD000
heap
page read and write
5716000
trusted library allocation
page read and write
4BA0000
direct allocation
page execute and read and write
8BA000
heap
page read and write
2DDF000
stack
page read and write
684000
heap
page read and write
F40000
unkown
page execute and read and write
3F3F000
stack
page read and write
E3B000
heap
page read and write
367F000
stack
page read and write
692000
unkown
page execute and write copy
5F0000
direct allocation
page read and write
13CA000
unkown
page execute and read and write
87C000
unkown
page execute and read and write
5701000
trusted library allocation
page read and write
651000
unkown
page execute and write copy
1D1AD000
heap
page read and write
CFA000
stack
page read and write
56F9000
trusted library allocation
page read and write
1D1C3000
heap
page read and write
47C0000
direct allocation
page execute and read and write
6CE91000
unkown
page execute read
5C4000
heap
page read and write
140E000
unkown
page execute and write copy
50B1000
heap
page read and write
230000
heap
page read and write
50B1000
heap
page read and write
684000
heap
page read and write
1D1AD000
heap
page read and write
684000
heap
page read and write
DB0000
direct allocation
page read and write
5AAE000
heap
page read and write
2347E000
stack
page read and write
23273000
heap
page read and write
61E00000
direct allocation
page execute and read and write
1D1AD000
heap
page read and write
459000
unkown
page execute and write copy
E25000
heap
page read and write
1CB000
stack
page read and write
1D191000
heap
page read and write
291F000
stack
page read and write
4591000
heap
page read and write
511000
heap
page read and write
50B1000
heap
page read and write
5C4000
heap
page read and write
53EE000
stack
page read and write
4A00000
direct allocation
page read and write
3C3F000
stack
page read and write
466E000
stack
page read and write
6BB000
unkown
page execute and write copy
5760000
heap
page read and write
836000
unkown
page execute and write copy
56EE000
trusted library allocation
page read and write
2C9000
unkown
page write copy
6520000
trusted library allocation
page read and write
50B1000
heap
page read and write
45D000
unkown
page execute and write copy
8B3000
unkown
page execute and write copy
31DE000
stack
page read and write
4591000
heap
page read and write
2337E000
stack
page read and write
848000
unkown
page execute and write copy
12C0000
direct allocation
page read and write
5C4000
heap
page read and write
1D19B000
heap
page read and write
3FEF000
stack
page read and write
5C4000
heap
page read and write
47B0000
direct allocation
page execute and read and write
2B6E000
stack
page read and write
5715000
trusted library allocation
page read and write
4591000
heap
page read and write
452E000
stack
page read and write
50B1000
heap
page read and write
82A000
unkown
page execute and read and write
4591000
heap
page read and write
DFC000
heap
page read and write
4B70000
direct allocation
page execute and read and write
E34000
heap
page read and write
4D8E000
stack
page read and write
4221000
heap
page read and write
57D8000
trusted library allocation
page read and write
16D4000
heap
page read and write
4820000
direct allocation
page execute and read and write
1D1AD000
heap
page read and write
343E000
stack
page read and write
1CD9D000
stack
page read and write
8CF000
unkown
page execute and read and write
42FF000
stack
page read and write
56EE000
trusted library allocation
page read and write
1450000
heap
page read and write
2F9E000
stack
page read and write
366F000
stack
page read and write
31F0000
direct allocation
page read and write
564000
unkown
page execute and write copy
5C4000
heap
page read and write
94A000
unkown
page execute and read and write
28CF000
stack
page read and write
577A000
trusted library allocation
page read and write
391F000
stack
page read and write
4E4E000
stack
page read and write
FB0000
unkown
page execute and read and write
4FC000
unkown
page execute and write copy
F19000
unkown
page execute and read and write
4581000
heap
page read and write
50B1000
heap
page read and write
1D1D1000
heap
page read and write
4EAD000
stack
page read and write
4CBE000
stack
page read and write
5020000
direct allocation
page execute and read and write
36BE000
stack
page read and write
364F000
stack
page read and write
5270000
heap
page read and write
50B1000
heap
page read and write
E03000
heap
page read and write
3BDF000
stack
page read and write
2910000
direct allocation
page read and write
87A000
unkown
page execute and read and write
2370000
direct allocation
page read and write
1CC0F000
stack
page read and write
57D1000
trusted library allocation
page read and write
6C5000
unkown
page execute and write copy
915000
unkown
page execute and write copy
5F0000
direct allocation
page read and write
4B60000
direct allocation
page execute and read and write
50B1000
heap
page read and write
E34000
heap
page read and write
9A4000
heap
page read and write
4B52000
trusted library allocation
page read and write
5C4000
heap
page read and write
371E000
stack
page read and write
381E000
stack
page read and write
1D1B5000
heap
page read and write
91B000
unkown
page execute and write copy
866000
unkown
page execute and write copy
5C4000
heap
page read and write
5360000
heap
page read and write
1D1B5000
heap
page read and write
1CFDD000
stack
page read and write
83E000
stack
page read and write
E34000
heap
page read and write
4E3000
unkown
page execute and read and write
16E0000
direct allocation
page read and write
4A31000
trusted library allocation
page read and write
4591000
heap
page read and write
3F4E000
stack
page read and write
1D19B000
heap
page read and write
23310000
trusted library allocation
page read and write
5C4000
heap
page read and write
FD3000
unkown
page execute and write copy
484A000
trusted library allocation
page read and write
5C4000
heap
page read and write
1D1B3000
heap
page read and write
5C5000
heap
page read and write
850000
heap
page read and write
893000
unkown
page execute and read and write
5C4000
heap
page read and write
94A000
unkown
page execute and write copy
840000
heap
page read and write
3200000
heap
page read and write
5800000
trusted library allocation
page read and write
10DE000
stack
page read and write
270000
unkown
page readonly
50B1000
heap
page read and write
231E000
stack
page read and write
E34000
heap
page read and write
684000
heap
page read and write
572B000
trusted library allocation
page read and write
41E1000
heap
page read and write
459000
unkown
page execute and read and write
330F000
stack
page read and write
4591000
heap
page read and write
291E000
stack
page read and write
1604000
heap
page read and write
53A0000
trusted library allocation
page read and write
E34000
heap
page read and write
56EE000
trusted library allocation
page read and write
88F000
unkown
page execute and write copy
313F000
stack
page read and write
E20000
direct allocation
page read and write
328F000
stack
page read and write
4650000
remote allocation
page read and write
5C4000
heap
page read and write
5C4000
heap
page read and write
56FA000
trusted library allocation
page read and write
F4B000
unkown
page execute and read and write
5261000
heap
page read and write
4A51000
heap
page read and write
620000
direct allocation
page read and write
42E0000
trusted library allocation
page read and write
50B1000
heap
page read and write
DB0000
direct allocation
page read and write
1D1C3000
heap
page read and write
2D5000
unkown
page execute and write copy
F83000
unkown
page execute and read and write
23210000
heap
page read and write
684000
heap
page read and write
DFC000
unkown
page execute and read and write
5F0000
direct allocation
page read and write
463E000
stack
page read and write
3C7E000
stack
page read and write
C74000
heap
page read and write
4771000
heap
page read and write
1604000
heap
page read and write
4D2000
unkown
page execute and write copy
55AE000
stack
page read and write
5C4000
heap
page read and write
73C8F000
unkown
page readonly
30DE000
stack
page read and write
5040000
direct allocation
page execute and read and write
1604000
heap
page read and write
555000
unkown
page execute and write copy
4E3E000
stack
page read and write
13FE000
unkown
page execute and read and write
9A4000
heap
page read and write
3D7F000
stack
page read and write
45F000
unkown
page execute and read and write
1D61E000
stack
page read and write
56FD000
trusted library allocation
page read and write
2CAE000
stack
page read and write
84A000
unkown
page execute and write copy
8B3000
unkown
page execute and write copy
1D191000
heap
page read and write
9A4000
heap
page read and write
269E000
stack
page read and write
38EF000
stack
page read and write
894000
unkown
page execute and write copy
9A4000
heap
page read and write
2FEE000
stack
page read and write
45B0000
heap
page read and write
4A51000
heap
page read and write
5070000
direct allocation
page execute and read and write
84F000
unkown
page execute and read and write
2DBF000
stack
page read and write
4591000
heap
page read and write
F37000
unkown
page execute and read and write
41E1000
heap
page read and write
1D1A3000
heap
page read and write
4ABE000
stack
page read and write
320B000
heap
page read and write
4A5C000
stack
page read and write
46CE000
stack
page read and write
684000
heap
page read and write
4591000
heap
page read and write
2397000
heap
page read and write
4581000
heap
page read and write
323F000
stack
page read and write
14AF000
heap
page read and write
C4E000
stack
page read and write
453E000
stack
page read and write
3B4F000
stack
page read and write
4A51000
heap
page read and write
16D4000
heap
page read and write
4D3E000
stack
page read and write
628A000
heap
page read and write
438000
unkown
page execute and write copy
4B4000
unkown
page execute and write copy
4A51000
heap
page read and write
117C000
unkown
page execute and read and write
5F0000
direct allocation
page read and write
12C0000
direct allocation
page read and write
48C000
unkown
page execute and write copy
56D000
unkown
page execute and write copy
4DC000
unkown
page execute and write copy
BE7000
unkown
page execute and read and write
392E000
stack
page read and write
901000
heap
page read and write
38FF000
stack
page read and write
E20000
direct allocation
page read and write
FA9000
unkown
page execute and write copy
4581000
heap
page read and write
4BE0000
direct allocation
page execute and read and write
4B70000
direct allocation
page execute and read and write
147A000
heap
page read and write
4DFE000
stack
page read and write
8EA000
unkown
page execute and write copy
620000
direct allocation
page read and write
12C0000
direct allocation
page read and write
836000
unkown
page execute and write copy
D71000
heap
page read and write
6EB1000
heap
page read and write
1D1C1000
heap
page read and write
4800000
direct allocation
page execute and read and write
2F2E000
stack
page read and write
545000
heap
page read and write
94A000
unkown
page execute and read and write
1D1AB000
heap
page read and write
D1A000
heap
page read and write
47E0000
direct allocation
page execute and read and write
1058000
unkown
page execute and write copy
2A9E000
stack
page read and write
816000
heap
page read and write
56E7000
trusted library allocation
page read and write
DAA000
unkown
page execute and read and write
E20000
direct allocation
page read and write
23520000
heap
page read and write
4840000
direct allocation
page execute and read and write
3F2F000
stack
page read and write
16E0000
direct allocation
page read and write
4581000
heap
page read and write
650000
unkown
page readonly
45D000
unkown
page execute and write copy
5707000
trusted library allocation
page read and write
357E000
stack
page read and write
4D60000
direct allocation
page execute and read and write
37AF000
stack
page read and write
34FE000
stack
page read and write
6B9000
unkown
page write copy
3BAD000
stack
page read and write
4B50000
heap
page read and write
650000
unkown
page readonly
4320000
trusted library allocation
page read and write
8AA000
heap
page read and write
624C000
heap
page read and write
9A4000
heap
page read and write
E34000
heap
page read and write
1D1C3000
heap
page read and write
559000
heap
page read and write
469C000
stack
page read and write
F86000
unkown
page execute and read and write
557E000
stack
page read and write
4591000
heap
page read and write
77AD000
stack
page read and write
2EEF000
stack
page read and write
5250000
direct allocation
page read and write
31AE000
stack
page read and write
2E5E000
stack
page read and write
8EA000
unkown
page execute and write copy
5700000
trusted library allocation
page read and write
4870000
trusted library allocation
page read and write
349E000
stack
page read and write
3DCF000
stack
page read and write
4BA0000
direct allocation
page execute and read and write
395E000
stack
page read and write
8BA000
heap
page read and write
121F000
stack
page read and write
6CF1E000
unkown
page read and write
3AFF000
stack
page read and write
3CEE000
stack
page read and write
4771000
heap
page read and write
E20000
direct allocation
page read and write
4C20000
direct allocation
page execute and read and write
50B1000
heap
page read and write
50A1000
heap
page read and write
1604000
heap
page read and write
FFD000
unkown
page execute and write copy
29FC0000
heap
page read and write
1D8CE000
stack
page read and write
427F000
stack
page read and write
E34000
heap
page read and write
2C2F000
stack
page read and write
1D1AD000
heap
page read and write
41E0000
heap
page read and write
56EE000
trusted library allocation
page read and write
2C9F000
stack
page read and write
23230000
heap
page read and write
E20000
direct allocation
page read and write
500000
unkown
page execute and read and write
12C0000
direct allocation
page read and write
680000
heap
page read and write
5050000
direct allocation
page execute and read and write
895000
heap
page read and write
867000
unkown
page execute and read and write
78AD000
stack
page read and write
50B0000
direct allocation
page execute and read and write
6C7000
unkown
page execute and write copy
37AF000
stack
page read and write
4BB0000
direct allocation
page execute and read and write
5C4000
heap
page read and write
4F1000
unkown
page execute and write copy
458E000
stack
page read and write
1048000
unkown
page execute and write copy
342E000
stack
page read and write
F30000
unkown
page read and write
340F000
stack
page read and write
4591000
heap
page read and write
50B1000
heap
page read and write
56D000
unkown
page execute and write copy
F1E000
stack
page read and write
3BBE000
stack
page read and write
44D000
unkown
page execute and read and write
5050000
direct allocation
page execute and read and write
684000
heap
page read and write
39BF000
stack
page read and write
C00000
heap
page read and write
790E000
stack
page read and write
5380000
unclassified section
page read and write
4591000
heap
page read and write
E34000
heap
page read and write
470000
heap
page read and write
5810000
trusted library allocation
page read and write
9A4000
heap
page read and write
5702000
trusted library allocation
page read and write
31F0000
direct allocation
page read and write
37EE000
stack
page read and write
5C4000
heap
page read and write
670000
heap
page read and write
4B45000
trusted library allocation
page read and write
5710000
trusted library allocation
page read and write
4B90000
direct allocation
page execute and read and write
6C6000
unkown
page execute and read and write
684000
heap
page read and write
3E3E000
stack
page read and write
8B5000
unkown
page execute and read and write
4D6D000
stack
page read and write
1D1AB000
heap
page read and write
2E6F000
stack
page read and write
5C4000
heap
page read and write
50B1000
heap
page read and write
557000
unkown
page execute and write copy
5747000
trusted library allocation
page read and write
468F000
stack
page read and write
2370000
direct allocation
page read and write
5701000
trusted library allocation
page read and write
50B1000
heap
page read and write
27DC000
stack
page read and write
543000
heap
page read and write
5C4000
heap
page read and write
651000
unkown
page execute and write copy
There are 2519 hidden memdumps, click here to show them.