Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
XPC5PMKegV.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\System.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\System.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Defender\StartMenuExperienceHost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows Defender\StartMenuExperienceHost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Recovery\xMLVfJVxhYAkoCJ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts\xMLVfJVxhYAkoCJ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\XPC5PMKegV.exe.log
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\yrs7rIEeUp.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\IdentityCRL\production\xMLVfJVxhYAkoCJ.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\27d1bcfc3c54e0
|
ASCII text, with very long lines (776), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\51c080b3bf3cc1
|
ASCII text, with very long lines (770), with no line terminators
|
dropped
|
||
|
C:\Program Files (x86)\Windows Defender\55b276f4edf653
|
ASCII text, with very long lines (712), with no line terminators
|
dropped
|
||
|
C:\Program Files\Microsoft Office 15\ClientX64\ee2ad38f3d4382
|
ASCII text, with very long lines (728), with no line terminators
|
dropped
|
||
|
C:\Recovery\51c080b3bf3cc1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Recovery\xMLVfJVxhYAkoCJ.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts\51c080b3bf3cc1
|
ASCII text, with very long lines (539), with no line terminators
|
dropped
|
||
|
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts\xMLVfJVxhYAkoCJ.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\Registry.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\StartMenuExperienceHost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\System.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\xMLVfJVxhYAkoCJ.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\bNV1sCNsUH
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\IdentityCRL\production\51c080b3bf3cc1
|
ASCII text, with very long lines (509), with no line terminators
|
dropped
|
||
|
C:\Windows\IdentityCRL\production\xMLVfJVxhYAkoCJ.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text
|
dropped
|
There are 20 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\XPC5PMKegV.exe
|
"C:\Users\user\Desktop\XPC5PMKegV.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJx" /sc MINUTE /mo 9 /tr "'C:\Recovery\xMLVfJVxhYAkoCJ.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJ" /sc ONLOGON /tr "'C:\Recovery\xMLVfJVxhYAkoCJ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJx" /sc MINUTE /mo 5 /tr "'C:\Recovery\xMLVfJVxhYAkoCJ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Recovery\xMLVfJVxhYAkoCJ.exe
|
C:\Recovery\xMLVfJVxhYAkoCJ.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJx" /sc MINUTE /mo 11 /tr "'C:\Windows\IdentityCRL\production\xMLVfJVxhYAkoCJ.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJ" /sc ONLOGON /tr "'C:\Windows\IdentityCRL\production\xMLVfJVxhYAkoCJ.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJx" /sc MINUTE /mo 11 /tr "'C:\Windows\IdentityCRL\production\xMLVfJVxhYAkoCJ.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RegistryR" /sc MINUTE /mo 6 /tr "'C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "Registry" /sc ONLOGON /tr "'C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RegistryR" /sc MINUTE /mo 5 /tr "'C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHostS" /sc MINUTE /mo 5 /tr "'C:\Program Files (x86)\windows defender\StartMenuExperienceHost.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHost" /sc ONLOGON /tr "'C:\Program Files (x86)\windows defender\StartMenuExperienceHost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "StartMenuExperienceHostS" /sc MINUTE /mo 5 /tr "'C:\Program Files (x86)\windows defender\StartMenuExperienceHost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SystemS" /sc MINUTE /mo 10 /tr "'C:\Program Files (x86)\microsoft.net\System.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "System" /sc ONLOGON /tr "'C:\Program Files (x86)\microsoft.net\System.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "SystemS" /sc MINUTE /mo 11 /tr "'C:\Program Files (x86)\microsoft.net\System.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJx" /sc MINUTE /mo 10 /tr "'C:\Users\Default\NetHood\xMLVfJVxhYAkoCJ.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJ" /sc ONLOGON /tr "'C:\Users\Default\NetHood\xMLVfJVxhYAkoCJ.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJx" /sc MINUTE /mo 6 /tr "'C:\Users\Default\NetHood\xMLVfJVxhYAkoCJ.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJx" /sc MINUTE /mo 11 /tr "'C:\Program Files (x86)\microsoft.net\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJ" /sc ONLOGON /tr "'C:\Program Files (x86)\microsoft.net\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "xMLVfJVxhYAkoCJx" /sc MINUTE /mo 12 /tr "'C:\Program Files (x86)\microsoft.net\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe
|
"C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe"
|
|
|
|
C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe
|
"C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe"
|
|
|
|
C:\Program Files (x86)\Windows Defender\StartMenuExperienceHost.exe
|
"C:\Program Files (x86)\windows defender\StartMenuExperienceHost.exe"
|
|
|
|
C:\Program Files (x86)\Windows Defender\StartMenuExperienceHost.exe
|
"C:\Program Files (x86)\windows defender\StartMenuExperienceHost.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\System.exe
|
"C:\Program Files (x86)\microsoft.net\System.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\System.exe
|
"C:\Program Files (x86)\microsoft.net\System.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe
|
"C:\Program Files (x86)\microsoft.net\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe
|
"C:\Program Files (x86)\microsoft.net\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe
|
"C:\Program Files (x86)\microsoft.net\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe"
|
|
|
|
C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe
|
"C:\Program Files\Microsoft Office 15\ClientX64\Registry.exe"
|
|
|
|
C:\Program Files (x86)\Windows Defender\StartMenuExperienceHost.exe
|
"C:\Program Files (x86)\windows defender\StartMenuExperienceHost.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\System.exe
|
"C:\Program Files (x86)\microsoft.net\System.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft.NET\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe
|
"C:\Program Files (x86)\microsoft.net\Primary Interop Assemblies\xMLVfJVxhYAkoCJ.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C "C:\Users\user\AppData\Local\Temp\yrs7rIEeUp.bat"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\w32tm.exe
|
w32tm /stripchart /computer:localhost /period:5 /dataonly /samples:2
|
There are 29 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Universalsqlvoiddbpipe/local/3public/Line/Packet/CentrallongpollTestLinux/Wordpress/vm8/ProtonDb/TrackGeoCentral/async/Authvoiddbdb/tempimage9/imageCpuLocal.php?wsYGO6h0LRmQYvXEN53p=7MnpAezzgxv3Du1Mk5sQ2lfTWuMSKWM&wmzfuaObrApe1XUBf1mAKZHV=TSPRgpJkAGa4WcJrQi16Bc&959480b0b628e0e0f7e21ad37808361f=145978ce6cedf15746edd31db8133721&1378154f7d7081a582cfedd1d437892d=gZ4IjY5IDNyMTM1gDO0YjYhVjZkdTN4YTYxImY0gTYyE2MxMjM0QmN&wsYGO6h0LRmQYvXEN53p=7MnpAezzgxv3Du1Mk5sQ2lfTWuMSKWM&wmzfuaObrApe1XUBf1mAKZHV=TSPRgpJkAGa4WcJrQi16Bc
|
92.63.98.227
|
|
|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Universalsqlvoiddbpipe/local/3public/Line/Packet/CentrallongpollTestLinux/Wordpress/vm8/ProtonDb/TrackGeoCentral/async/Authvoiddbdb/tempimage9/imageCpuLocal.php?2Axq4KFgntH6pOhfkXM061hX=JBth00EchN&959480b0b628e0e0f7e21ad37808361f=145978ce6cedf15746edd31db8133721&1378154f7d7081a582cfedd1d437892d=gZ4IjY5IDNyMTM1gDO0YjYhVjZkdTN4YTYxImY0gTYyE2MxMjM0QmN&2Axq4KFgntH6pOhfkXM061hX=JBth00EchN
|
92.63.98.227
|
|
|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Universalsqlvoiddbpipe/local/3public/Line/Packet/CentrallongpollTestLinux/Wordpress/vm8/ProtonDb/TrackGeoCentral/async/Authvoiddbdb/tempimage9/imageCpuLocal.php?LCTkyAhxuXJBDwmHP=RoIClfDarmNAWQEsEcAxbfeAz&AD=C45cXmCXIbxhYS4ktB27U&KGcUwJINkf9vpsRi9oBV5BN=CNkaF9HGT&959480b0b628e0e0f7e21ad37808361f=145978ce6cedf15746edd31db8133721&1378154f7d7081a582cfedd1d437892d=gZ4IjY5IDNyMTM1gDO0YjYhVjZkdTN4YTYxImY0gTYyE2MxMjM0QmN&LCTkyAhxuXJBDwmHP=RoIClfDarmNAWQEsEcAxbfeAz&AD=C45cXmCXIbxhYS4ktB27U&KGcUwJINkf9vpsRi9oBV5BN=CNkaF9HGT
|
92.63.98.227
|
|
|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Universalsqlvoiddbpipe/local/3public/Line/Packet/CentrallongpollTestLinux/Wordpress/vm8/ProtonDb/TrackGeoCentral/async/Authvoiddbdb/tempimage9/imageCpuLocal.php?wQNh6iKcIXveOYBNXdtL1aU9x=pRoMvshtb4vs48yjOeFXOMwTBTU44&959480b0b628e0e0f7e21ad37808361f=145978ce6cedf15746edd31db8133721&1378154f7d7081a582cfedd1d437892d=gZ4IjY5IDNyMTM1gDO0YjYhVjZkdTN4YTYxImY0gTYyE2MxMjM0QmN&wQNh6iKcIXveOYBNXdtL1aU9x=pRoMvshtb4vs48yjOeFXOMwTBTU44
|
92.63.98.227
|
|
|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Universalsqlvoiddbpipe/local/3public/Line/Packet/CentrallongpollTestLinux/Wordpress/vm8/ProtonDb/TrackGeoCentral/async/Authvoiddbdb/tempimage9/imageCpuLocal.php?4DpgykXUnYal=5pRDw8u&VEaEdbRUQLKbDAyInpMt9jQQ58K=tH6x0e&959480b0b628e0e0f7e21ad37808361f=145978ce6cedf15746edd31db8133721&1378154f7d7081a582cfedd1d437892d=gZ4IjY5IDNyMTM1gDO0YjYhVjZkdTN4YTYxImY0gTYyE2MxMjM0QmN&4DpgykXUnYal=5pRDw8u&VEaEdbRUQLKbDAyInpMt9jQQ58K=tH6x0e
|
92.63.98.227
|
|
|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Universalsqlvoiddbpipe/local/3public/Line/Packet/CentrallongpollTestLinux/Wordpress/vm8/ProtonDb/TrackGeoCentral/async/Authvoiddbdb/tempimage9/imageCpuLocal.php?Kn=9wPdEYVChygSjocnzmqZ&hgvNjsg=VxIIw02dGT&kpm8m=fLo31XdN&959480b0b628e0e0f7e21ad37808361f=145978ce6cedf15746edd31db8133721&1378154f7d7081a582cfedd1d437892d=gZ4IjY5IDNyMTM1gDO0YjYhVjZkdTN4YTYxImY0gTYyE2MxMjM0QmN&Kn=9wPdEYVChygSjocnzmqZ&hgvNjsg=VxIIw02dGT&kpm8m=fLo31XdN
|
92.63.98.227
|
|
|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Universalsqlvoiddbpipe/local/3public/Line/Packet/CentrallongpollTestLinux/Wordpress/vm8/ProtonDb/TrackGeoCentral/async/Authvoiddbdb/tempimage9/imageCpuLocal.php?EF2LbGexCHI8Z7Jo=b0ysiqYJ8wKaTOIDjK5xIcrgA&959480b0b628e0e0f7e21ad37808361f=145978ce6cedf15746edd31db8133721&1378154f7d7081a582cfedd1d437892d=gZ4IjY5IDNyMTM1gDO0YjYhVjZkdTN4YTYxImY0gTYyE2MxMjM0QmN&EF2LbGexCHI8Z7Jo=b0ysiqYJ8wKaTOIDjK5xIcrgA
|
92.63.98.227
|
|
|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Universalsqlvoiddbpipe/local/3public/Line/Packet/CentrallongpollTestLinux/Wordpress/vm8/ProtonDb/TrackGeoCentral/async/Authvoiddbdb/tempimage9/imageCpuLocal.php?krK453gzkbHwQekvew09meNQ2x=b0r&959480b0b628e0e0f7e21ad37808361f=145978ce6cedf15746edd31db8133721&1378154f7d7081a582cfedd1d437892d=gZ4IjY5IDNyMTM1gDO0YjYhVjZkdTN4YTYxImY0gTYyE2MxMjM0QmN&krK453gzkbHwQekvew09meNQ2x=b0r
|
92.63.98.227
|
|
|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Universalsqlvoiddbpipe/local/3public/Line/Packet/CentrallongpollTestLinux/Wordpress/vm8/ProtonDb/TrackGeoCentral/async/Authvoiddbdb/tempimage9/imageCpuLocal.php?WuSiaDMYqv7WyHwlbBxUC=q8B8QMBG2uLAIvUeiK7j&e9sh7XbF5VpmuDThbw9Xk2MKx8BQ7dm=cmM9SbTzkA7Zg&YrB7GY8MYlwht=WLIctSJI0UOAdKwk5xnZkTPAWOYPNlM&959480b0b628e0e0f7e21ad37808361f=145978ce6cedf15746edd31db8133721&1378154f7d7081a582cfedd1d437892d=gZ4IjY5IDNyMTM1gDO0YjYhVjZkdTN4YTYxImY0gTYyE2MxMjM0QmN&WuSiaDMYqv7WyHwlbBxUC=q8B8QMBG2uLAIvUeiK7j&e9sh7XbF5VpmuDThbw9Xk2MKx8BQ7dm=cmM9SbTzkA7Zg&YrB7GY8MYlwht=WLIctSJI0UOAdKwk5xnZkTPAWOYPNlM
|
92.63.98.227
|
|
|
|
http://92.63.98.227/Voiddb/public/TempbaseProcess/Db6centrallongpoll/publicWordpress/wordpress/Unive
|
unknown
|
||
|
http://92.63.98.227
|
unknown
|
||
|
http://92.63.98.227(
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://go.mic5
|
unknown
|
There are 4 hidden URLs, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
92.63.98.227
|
unknown
|
Russian Federation
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
xMLVfJVxhYAkoCJ
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
xMLVfJVxhYAkoCJ
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Registry
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
Registry
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
StartMenuExperienceHost
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
StartMenuExperienceHost
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
System
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
xMLVfJVxhYAkoCJ
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
xMLVfJVxhYAkoCJ
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
xMLVfJVxhYAkoCJ
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
xMLVfJVxhYAkoCJ
|
|
|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
|
Shell
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\a6d1b75e21995032ed39524e016aeca1222e1f75
|
2a09507f70bca0791aa833e304333a7f3954b5a1
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
||
|
HKEY_CURRENT_USER\SOFTWARE\8b985742ffea0c9efe853e692e0b59ea
|
8b985742ffea0c9efe853e692e0b59ea
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Registry_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\StartMenuExperienceHost_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\System_RASMANCS
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\xMLVfJVxhYAkoCJ_RASMANCS
|
FileDirectory
|
There are 69 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
315F000
|
trusted library allocation
|
page read and write
|
|
|
|
28A1000
|
trusted library allocation
|
page read and write
|
|
|
|
2E61000
|
trusted library allocation
|
page read and write
|
|
|
|
12E6F000
|
trusted library allocation
|
page read and write
|
|
|
|
2EFF000
|
trusted library allocation
|
page read and write
|
|
|
|
32E1000
|
trusted library allocation
|
page read and write
|
|
|
|
2981000
|
trusted library allocation
|
page read and write
|
|
|
|
25ED000
|
trusted library allocation
|
page read and write
|
|
|
|
2E5F000
|
trusted library allocation
|
page read and write
|
|
|
|
2F41000
|
trusted library allocation
|
page read and write
|
|
|
|
29BF000
|
trusted library allocation
|
page read and write
|
|
|
|
2AF1000
|
trusted library allocation
|
page read and write
|
|
|
|
331F000
|
trusted library allocation
|
page read and write
|
|
|
|
2E2F000
|
trusted library allocation
|
page read and write
|
|
|
|
2EC1000
|
trusted library allocation
|
page read and write
|
|
|
|
2981000
|
trusted library allocation
|
page read and write
|
|
|
|
3143000
|
trusted library allocation
|
page read and write
|
|
|
|
2E21000
|
trusted library allocation
|
page read and write
|
|
|
|
2DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
2F61000
|
trusted library allocation
|
page read and write
|
|
|
|
2F7F000
|
trusted library allocation
|
page read and write
|
|
|
|
FDD000
|
heap
|
page read and write
|
||
|
1BD97000
|
heap
|
page read and write
|
||
|
1304D000
|
trusted library allocation
|
page read and write
|
||
|
BB0000
|
heap
|
page read and write
|
||
|
1C0A5000
|
heap
|
page read and write
|
||
|
1BCD7000
|
heap
|
page read and write
|
||
|
FEC000
|
heap
|
page read and write
|
||
|
125EF000
|
trusted library allocation
|
page read and write
|
||
|
12DF1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34667000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B6F7000
|
heap
|
page read and write
|
||
|
131E000
|
heap
|
page read and write
|
||
|
1B4BE000
|
stack
|
page read and write
|
||
|
1BD45000
|
heap
|
page read and write
|
||
|
1C37D000
|
stack
|
page read and write
|
||
|
124F000
|
stack
|
page read and write
|
||
|
12BC000
|
heap
|
page read and write
|
||
|
EEB000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
2C92000
|
trusted library allocation
|
page read and write
|
||
|
1030000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34893000
|
trusted library allocation
|
page read and write
|
||
|
12BA000
|
heap
|
page read and write
|
||
|
D22000
|
heap
|
page read and write
|
||
|
142E000
|
stack
|
page read and write
|
||
|
7FFD347FC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34643000
|
trusted library allocation
|
page execute and read and write
|
||
|
12DFD000
|
trusted library allocation
|
page read and write
|
||
|
1B720000
|
heap
|
page execute and read and write
|
||
|
7FFD34653000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page execute and read and write
|
||
|
12EC3000
|
trusted library allocation
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
12F4D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34831000
|
trusted library allocation
|
page read and write
|
||
|
1B63E2D7000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
7FFD34673000
|
trusted library allocation
|
page execute and read and write
|
||
|
E5C000
|
heap
|
page read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
2961000
|
trusted library allocation
|
page read and write
|
||
|
B66000
|
unkown
|
page readonly
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34677000
|
trusted library allocation
|
page read and write
|
||
|
12F0C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
12E31000
|
trusted library allocation
|
page read and write
|
||
|
1515000
|
heap
|
page read and write
|
||
|
CC6000
|
heap
|
page read and write
|
||
|
7FFD34756000
|
trusted library allocation
|
page execute and read and write
|
||
|
2FFF000
|
trusted library allocation
|
page read and write
|
||
|
1BCBE000
|
stack
|
page read and write
|
||
|
1BB1E000
|
stack
|
page read and write
|
||
|
1B740000
|
heap
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3468D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34784000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34756000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD00000
|
heap
|
page read and write
|
||
|
101E000
|
stack
|
page read and write
|
||
|
7FFD34803000
|
trusted library allocation
|
page read and write
|
||
|
2A90000
|
trusted library allocation
|
page read and write
|
||
|
1AE2D000
|
stack
|
page read and write
|
||
|
2DD0000
|
heap
|
page execute and read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
1058000
|
heap
|
page read and write
|
||
|
1B8BE000
|
stack
|
page read and write
|
||
|
CFF000
|
heap
|
page read and write
|
||
|
7FFD34663000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BBB4000
|
stack
|
page read and write
|
||
|
7FFD346DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1077000
|
heap
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
1BD6E000
|
stack
|
page read and write
|
||
|
3002000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348BF000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
7FFD34816000
|
trusted library allocation
|
page read and write
|
||
|
30C4000
|
trusted library allocation
|
page read and write
|
||
|
2955000
|
trusted library allocation
|
page read and write
|
||
|
1B3EC000
|
stack
|
page read and write
|
||
|
1B9E0000
|
heap
|
page execute and read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34740000
|
trusted library allocation
|
page execute and read and write
|
||
|
A25000
|
heap
|
page read and write
|
||
|
1B82E000
|
stack
|
page read and write
|
||
|
1C3BD000
|
stack
|
page read and write
|
||
|
171E000
|
stack
|
page read and write
|
||
|
A10000
|
heap
|
page read and write
|
||
|
30A5000
|
trusted library allocation
|
page read and write
|
||
|
DC1000
|
heap
|
page read and write
|
||
|
7FFD3481C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
128AD000
|
trusted library allocation
|
page read and write
|
||
|
2EDF000
|
stack
|
page read and write
|
||
|
7FFD34806000
|
trusted library allocation
|
page read and write
|
||
|
1B7EE000
|
stack
|
page read and write
|
||
|
1B6DD000
|
heap
|
page read and write
|
||
|
7FFD3489E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34684000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34868000
|
trusted library allocation
|
page read and write
|
||
|
2C66000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347A2000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C2BD000
|
stack
|
page read and write
|
||
|
7FFD3466C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3465D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
1B37C000
|
stack
|
page read and write
|
||
|
7FFD347B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C001000
|
heap
|
page read and write
|
||
|
1BC1E000
|
stack
|
page read and write
|
||
|
2F0F000
|
stack
|
page read and write
|
||
|
12850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
30EB000
|
trusted library allocation
|
page read and write
|
||
|
110B000
|
heap
|
page read and write
|
||
|
3169000
|
trusted library allocation
|
page read and write
|
||
|
12F6F000
|
trusted library allocation
|
page read and write
|
||
|
12D60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34663000
|
trusted library allocation
|
page read and write
|
||
|
1C01B000
|
heap
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
12C83000
|
trusted library allocation
|
page read and write
|
||
|
12E6D000
|
trusted library allocation
|
page read and write
|
||
|
1BB2E000
|
stack
|
page read and write
|
||
|
128A8000
|
trusted library allocation
|
page read and write
|
||
|
1BA9F000
|
stack
|
page read and write
|
||
|
7FFD347FC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3480B000
|
trusted library allocation
|
page read and write
|
||
|
1B81E000
|
stack
|
page read and write
|
||
|
87A000
|
heap
|
page read and write
|
||
|
D4B000
|
heap
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347FE000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
14E5000
|
heap
|
page read and write
|
||
|
DA2000
|
heap
|
page read and write
|
||
|
17D5000
|
heap
|
page read and write
|
||
|
2C85000
|
trusted library allocation
|
page read and write
|
||
|
A38000
|
heap
|
page read and write
|
||
|
1B613000
|
stack
|
page read and write
|
||
|
7FFD3488E000
|
trusted library allocation
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
7FFD346F6000
|
trusted library allocation
|
page read and write
|
||
|
30D2000
|
trusted library allocation
|
page read and write
|
||
|
12773000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD347FC000
|
trusted library allocation
|
page read and write
|
||
|
1BC65000
|
heap
|
page read and write
|
||
|
1BC30000
|
heap
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
7FFD3469B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1280000
|
trusted library allocation
|
page read and write
|
||
|
E8C000
|
heap
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34664000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34663000
|
trusted library allocation
|
page execute and read and write
|
||
|
F60000
|
heap
|
page read and write
|
||
|
7FFD34706000
|
trusted library allocation
|
page read and write
|
||
|
D20000
|
heap
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
1BBB3000
|
stack
|
page read and write
|
||
|
2A39000
|
trusted library allocation
|
page read and write
|
||
|
1C0FE000
|
stack
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BC57000
|
heap
|
page read and write
|
||
|
8FA000
|
heap
|
page read and write
|
||
|
1335F000
|
trusted library allocation
|
page read and write
|
||
|
1BCF0000
|
heap
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
12E21000
|
trusted library allocation
|
page read and write
|
||
|
1C020000
|
heap
|
page read and write
|
||
|
A32000
|
unkown
|
page readonly
|
||
|
12B5F000
|
trusted library allocation
|
page read and write
|
||
|
294C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34672000
|
trusted library allocation
|
page read and write
|
||
|
1C48E000
|
stack
|
page read and write
|
||
|
B62000
|
unkown
|
page readonly
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
12991000
|
trusted library allocation
|
page read and write
|
||
|
7FF46B300000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34813000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D90000
|
trusted library allocation
|
page read and write
|
||
|
30F3000
|
trusted library allocation
|
page read and write
|
||
|
1BDB3000
|
stack
|
page read and write
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
2890000
|
heap
|
page execute and read and write
|
||
|
144F000
|
stack
|
page read and write
|
||
|
1B63E2C0000
|
heap
|
page read and write
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
7FFD34663000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34653000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD346AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
30A7000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
29C1000
|
trusted library allocation
|
page read and write
|
||
|
1172000
|
heap
|
page read and write
|
||
|
12E6F000
|
trusted library allocation
|
page read and write
|
||
|
108F000
|
heap
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
F9E000
|
heap
|
page read and write
|
||
|
1B2C0000
|
heap
|
page read and write
|
||
|
7FFD34823000
|
trusted library allocation
|
page read and write
|
||
|
1BFF3000
|
stack
|
page read and write
|
||
|
7FFD34823000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
1BEBE000
|
stack
|
page read and write
|
||
|
1BD3B000
|
heap
|
page read and write
|
||
|
1BE1B000
|
stack
|
page read and write
|
||
|
1B0AE000
|
stack
|
page read and write
|
||
|
CEA000
|
heap
|
page read and write
|
||
|
7FFD34663000
|
trusted library allocation
|
page read and write
|
||
|
EC0000
|
heap
|
page execute and read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
7FFD34863000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347F3000
|
trusted library allocation
|
page read and write
|
||
|
1BFE2000
|
heap
|
page read and write
|
||
|
7FFD34652000
|
trusted library allocation
|
page read and write
|
||
|
1BA50000
|
heap
|
page read and write
|
||
|
A20000
|
heap
|
page read and write
|
||
|
1B00F000
|
stack
|
page read and write
|
||
|
12B64000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348A4000
|
trusted library allocation
|
page read and write
|
||
|
E5E000
|
heap
|
page read and write
|
||
|
126F000
|
stack
|
page read and write
|
||
|
129FF000
|
trusted library allocation
|
page read and write
|
||
|
1553000
|
heap
|
page read and write
|
||
|
2B6E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3468D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F71000
|
heap
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
12F48000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
1050000
|
heap
|
page read and write
|
||
|
7FFD3483C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347FA000
|
trusted library allocation
|
page read and write
|
||
|
B80000
|
trusted library allocation
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page read and write
|
||
|
30C8000
|
trusted library allocation
|
page read and write
|
||
|
1710000
|
trusted library allocation
|
page read and write
|
||
|
29D1000
|
trusted library allocation
|
page read and write
|
||
|
1BB3E000
|
stack
|
page read and write
|
||
|
1137000
|
heap
|
page read and write
|
||
|
1B870000
|
trusted library section
|
page read and write
|
||
|
1AE90000
|
trusted library allocation
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
1BFDE000
|
stack
|
page read and write
|
||
|
2C37000
|
trusted library allocation
|
page read and write
|
||
|
1B51E000
|
stack
|
page read and write
|
||
|
1BFE6000
|
heap
|
page read and write
|
||
|
1291F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34746000
|
trusted library allocation
|
page execute and read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
7FFD3472C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1327000
|
heap
|
page read and write
|
||
|
12F61000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
2F30000
|
heap
|
page read and write
|
||
|
11A0000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
7FFD346F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3466C000
|
trusted library allocation
|
page read and write
|
||
|
1323000
|
heap
|
page read and write
|
||
|
7FFD3469D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12770000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3471C000
|
trusted library allocation
|
page execute and read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
1073000
|
heap
|
page read and write
|
||
|
B2E000
|
stack
|
page read and write
|
||
|
7FFD34806000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34894000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
1210000
|
heap
|
page read and write
|
||
|
125ED000
|
trusted library allocation
|
page read and write
|
||
|
12981000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34667000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
2FAB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3481E000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
12C5000
|
heap
|
page read and write
|
||
|
1BD0A000
|
heap
|
page read and write
|
||
|
532F6FE000
|
stack
|
page read and write
|
||
|
1BD36000
|
heap
|
page read and write
|
||
|
13CE000
|
stack
|
page read and write
|
||
|
FF1000
|
heap
|
page read and write
|
||
|
12E8F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1336000
|
stack
|
page read and write
|
||
|
1510000
|
heap
|
page read and write
|
||
|
7FFD34766000
|
trusted library allocation
|
page execute and read and write
|
||
|
2952000
|
trusted library allocation
|
page read and write
|
||
|
129E000
|
heap
|
page read and write
|
||
|
125E1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3467B000
|
trusted library allocation
|
page execute and read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
D0F000
|
stack
|
page read and write
|
||
|
154B000
|
heap
|
page read and write
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
1B6AB000
|
stack
|
page read and write
|
||
|
12983000
|
trusted library allocation
|
page read and write
|
||
|
B00000
|
heap
|
page read and write
|
||
|
12E28000
|
trusted library allocation
|
page read and write
|
||
|
1C054000
|
heap
|
page read and write
|
||
|
1288000
|
heap
|
page read and write
|
||
|
FBF000
|
heap
|
page read and write
|
||
|
30C6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD347A5000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B6D6000
|
heap
|
page read and write
|
||
|
7FFD348B5000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346A0000
|
trusted library allocation
|
page read and write
|
||
|
FA8000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
32D0000
|
heap
|
page execute and read and write
|
||
|
1C044000
|
heap
|
page read and write
|
||
|
1BC2B000
|
stack
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34826000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
C05000
|
heap
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34706000
|
trusted library allocation
|
page read and write
|
||
|
2C68000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
1B739000
|
heap
|
page read and write
|
||
|
12AFD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
1C0C0000
|
heap
|
page read and write
|
||
|
1C05F000
|
heap
|
page read and write
|
||
|
30A7000
|
trusted library allocation
|
page read and write
|
||
|
1116000
|
stack
|
page read and write
|
||
|
12ECD000
|
trusted library allocation
|
page read and write
|
||
|
2FF6000
|
trusted library allocation
|
page read and write
|
||
|
131DD000
|
trusted library allocation
|
page read and write
|
||
|
2B30000
|
heap
|
page execute and read and write
|
||
|
2C27000
|
trusted library allocation
|
page read and write
|
||
|
1B07D000
|
stack
|
page read and write
|
||
|
10DF000
|
heap
|
page read and write
|
||
|
1B65F000
|
stack
|
page read and write
|
||
|
7FFD34640000
|
trusted library allocation
|
page read and write
|
||
|
1BBB0000
|
heap
|
page read and write
|
||
|
12D6D000
|
trusted library allocation
|
page read and write
|
||
|
CD0000
|
trusted library allocation
|
page read and write
|
||
|
1B9CE000
|
stack
|
page read and write
|
||
|
F40000
|
heap
|
page read and write
|
||
|
1BCE8000
|
heap
|
page read and write
|
||
|
7FFD34801000
|
trusted library allocation
|
page read and write
|
||
|
532F67C000
|
stack
|
page read and write
|
||
|
1270E000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
7FFD34684000
|
trusted library allocation
|
page read and write
|
||
|
12AF1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD347FE000
|
trusted library allocation
|
page read and write
|
||
|
FA0000
|
heap
|
page read and write
|
||
|
2C29000
|
trusted library allocation
|
page read and write
|
||
|
1BC5D000
|
heap
|
page read and write
|
||
|
2C39000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34706000
|
trusted library allocation
|
page read and write
|
||
|
1BABE000
|
stack
|
page read and write
|
||
|
7FFD3468D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C58000
|
trusted library allocation
|
page read and write
|
||
|
1BF50000
|
heap
|
page read and write
|
||
|
DE5000
|
heap
|
page read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3466B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3468D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3464D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34842000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
312B000
|
trusted library allocation
|
page read and write
|
||
|
1B1AE000
|
stack
|
page read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
1B850000
|
trusted library section
|
page read and write
|
||
|
2D30000
|
heap
|
page read and write
|
||
|
7FFD34683000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F0D000
|
trusted library allocation
|
page read and write
|
||
|
13CF000
|
stack
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
F15000
|
heap
|
page read and write
|
||
|
7FFD34720000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
12CE000
|
stack
|
page read and write
|
||
|
1220000
|
heap
|
page execute and read and write
|
||
|
7FFD347FE000
|
trusted library allocation
|
page read and write
|
||
|
12DF3000
|
trusted library allocation
|
page read and write
|
||
|
1BC6F000
|
heap
|
page read and write
|
||
|
7FFD34884000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
heap
|
page read and write
|
||
|
7FFD34746000
|
trusted library allocation
|
page execute and read and write
|
||
|
1526000
|
heap
|
page read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1563000
|
heap
|
page read and write
|
||
|
1B6C4000
|
stack
|
page read and write
|
||
|
29BD000
|
trusted library allocation
|
page read and write
|
||
|
1B71E000
|
stack
|
page read and write
|
||
|
1C57D000
|
stack
|
page read and write
|
||
|
D4D000
|
heap
|
page read and write
|
||
|
7FFD3467C000
|
trusted library allocation
|
page read and write
|
||
|
2EB0000
|
heap
|
page execute and read and write
|
||
|
11B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
1B7EE000
|
stack
|
page read and write
|
||
|
11F0000
|
heap
|
page read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
1BC6B000
|
stack
|
page read and write
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
E88000
|
heap
|
page read and write
|
||
|
126F8000
|
trusted library allocation
|
page read and write
|
||
|
1BCAB000
|
heap
|
page read and write
|
||
|
7FFD34650000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34823000
|
trusted library allocation
|
page read and write
|
||
|
1314000
|
heap
|
page read and write
|
||
|
1B2AE000
|
stack
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34881000
|
trusted library allocation
|
page read and write
|
||
|
1BFCF000
|
heap
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page execute and read and write
|
||
|
132E1000
|
trusted library allocation
|
page read and write
|
||
|
1B9D0000
|
heap
|
page read and write
|
||
|
1C200000
|
heap
|
page read and write
|
||
|
1B6EE000
|
heap
|
page read and write
|
||
|
273A000
|
trusted library allocation
|
page read and write
|
||
|
2A80000
|
heap
|
page execute and read and write
|
||
|
1B63E5B0000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
1BEC0000
|
heap
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
7FFD34887000
|
trusted library allocation
|
page read and write
|
||
|
12B00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3469C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B890000
|
heap
|
page read and write
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
2C10000
|
heap
|
page read and write
|
||
|
7FFD3468B000
|
trusted library allocation
|
page execute and read and write
|
||
|
25D0000
|
heap
|
page execute and read and write
|
||
|
7FFD3480C000
|
trusted library allocation
|
page read and write
|
||
|
CA0000
|
heap
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3469D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
129C000
|
heap
|
page read and write
|
||
|
D01000
|
heap
|
page read and write
|
||
|
AD3000
|
heap
|
page read and write
|
||
|
7FFD34736000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E5E000
|
stack
|
page read and write
|
||
|
1B7C3000
|
stack
|
page read and write
|
||
|
1BD6D000
|
heap
|
page read and write
|
||
|
1BA4E000
|
stack
|
page read and write
|
||
|
87C000
|
heap
|
page read and write
|
||
|
F10000
|
heap
|
page read and write
|
||
|
E86000
|
heap
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34736000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B72F000
|
heap
|
page read and write
|
||
|
ED0000
|
heap
|
page read and write
|
||
|
10F6000
|
stack
|
page read and write
|
||
|
129FF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34720000
|
trusted library allocation
|
page read and write
|
||
|
154E000
|
heap
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34697000
|
trusted library allocation
|
page read and write
|
||
|
1BCD4000
|
stack
|
page read and write
|
||
|
12BDD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34831000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34813000
|
trusted library allocation
|
page read and write
|
||
|
1BDBB000
|
stack
|
page read and write
|
||
|
1B44F000
|
stack
|
page read and write
|
||
|
10BA000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
1BFA3000
|
heap
|
page read and write
|
||
|
1AF70000
|
trusted library allocation
|
page read and write
|
||
|
1298D000
|
trusted library allocation
|
page read and write
|
||
|
2CC0000
|
heap
|
page read and write
|
||
|
7FFD3472C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B3CE000
|
stack
|
page read and write
|
||
|
12ED1000
|
trusted library allocation
|
page read and write
|
||
|
2BE2000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page execute and read and write
|
||
|
123C000
|
heap
|
page read and write
|
||
|
7FFD3468C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34684000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34716000
|
trusted library allocation
|
page read and write
|
||
|
532F77E000
|
stack
|
page read and write
|
||
|
1015000
|
heap
|
page read and write
|
||
|
A6C000
|
heap
|
page read and write
|
||
|
7FFD346AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1465000
|
heap
|
page read and write
|
||
|
31A0000
|
heap
|
page read and write
|
||
|
CEC000
|
heap
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
1230000
|
heap
|
page read and write
|
||
|
1500000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34656000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
1B75C000
|
stack
|
page read and write
|
||
|
7FFD3484B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34766000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD75000
|
heap
|
page read and write
|
||
|
7FFD3486A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3465D000
|
trusted library allocation
|
page execute and read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
7FFD34790000
|
trusted library allocation
|
page execute and read and write
|
||
|
17EF000
|
stack
|
page read and write
|
||
|
1B550000
|
heap
|
page read and write
|
||
|
FA6000
|
heap
|
page read and write
|
||
|
1A9B0000
|
trusted library allocation
|
page read and write
|
||
|
1BDBE000
|
stack
|
page read and write
|
||
|
3097000
|
trusted library allocation
|
page read and write
|
||
|
1BE7D000
|
stack
|
page read and write
|
||
|
FDB000
|
heap
|
page read and write
|
||
|
1BC3E000
|
stack
|
page read and write
|
||
|
14C0000
|
heap
|
page read and write
|
||
|
11D0000
|
heap
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
12E9F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34736000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E23000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1125000
|
heap
|
page read and write
|
||
|
2D60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
1273000
|
heap
|
page read and write
|
||
|
130AB000
|
trusted library allocation
|
page read and write
|
||
|
1B310000
|
heap
|
page read and write
|
||
|
10D0000
|
heap
|
page read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
2C56000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34836000
|
trusted library allocation
|
page read and write
|
||
|
3051000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
29C4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34868000
|
trusted library allocation
|
page read and write
|
||
|
1170000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34890000
|
trusted library allocation
|
page read and write
|
||
|
C20000
|
heap
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
7FFD3481A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34900000
|
trusted library allocation
|
page read and write
|
||
|
1BFE0000
|
heap
|
page read and write
|
||
|
7FFD34838000
|
trusted library allocation
|
page read and write
|
||
|
14C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
BB0000
|
trusted library allocation
|
page read and write
|
||
|
1A9B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
A9B000
|
heap
|
page read and write
|
||
|
12983000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34813000
|
trusted library allocation
|
page read and write
|
||
|
CC0000
|
heap
|
page read and write
|
||
|
1C7BF000
|
stack
|
page read and write
|
||
|
12E01000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3465D000
|
trusted library allocation
|
page execute and read and write
|
||
|
A30000
|
unkown
|
page readonly
|
||
|
7FFD34843000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34726000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34694000
|
trusted library allocation
|
page read and write
|
||
|
13283000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B310000
|
trusted library allocation
|
page read and write
|
||
|
1BE3D000
|
stack
|
page read and write
|
||
|
7FFD347FC000
|
trusted library allocation
|
page read and write
|
||
|
BE0000
|
heap
|
page read and write
|
||
|
1BCC5000
|
heap
|
page read and write
|
||
|
1290000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3480C000
|
trusted library allocation
|
page read and write
|
||
|
1BCBA000
|
stack
|
page read and write
|
||
|
2716000
|
trusted library allocation
|
page read and write
|
||
|
110E000
|
heap
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
1220000
|
trusted library allocation
|
page read and write
|
||
|
118F000
|
heap
|
page read and write
|
||
|
1081000
|
heap
|
page read and write
|
||
|
152C000
|
heap
|
page read and write
|
||
|
7FFD34653000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F19000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3469B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD347FC000
|
trusted library allocation
|
page read and write
|
||
|
1410000
|
trusted library allocation
|
page read and write
|
||
|
A4F000
|
heap
|
page read and write
|
||
|
7FFD347EC000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
12745000
|
trusted library allocation
|
page read and write
|
||
|
1138000
|
heap
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
132E8000
|
trusted library allocation
|
page read and write
|
||
|
2FFC000
|
trusted library allocation
|
page read and write
|
||
|
986000
|
stack
|
page read and write
|
||
|
1B4ED000
|
stack
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3481B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
277A000
|
trusted library allocation
|
page read and write
|
||
|
1B91E000
|
stack
|
page read and write
|
||
|
14E0000
|
heap
|
page read and write
|
||
|
2970000
|
heap
|
page execute and read and write
|
||
|
7FFD346CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page read and write
|
||
|
1B6E9000
|
heap
|
page read and write
|
||
|
12F6D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
1C013000
|
heap
|
page read and write
|
||
|
1AF0D000
|
stack
|
page read and write
|
||
|
7FFD3482C000
|
trusted library allocation
|
page read and write
|
||
|
2F91000
|
trusted library allocation
|
page read and write
|
||
|
11C0000
|
heap
|
page read and write
|
||
|
317E000
|
stack
|
page read and write
|
||
|
105F000
|
heap
|
page read and write
|
||
|
7FFD346CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
29D1000
|
trusted library allocation
|
page read and write
|
||
|
D2A000
|
heap
|
page read and write
|
||
|
3050000
|
trusted library allocation
|
page read and write
|
||
|
F4F000
|
heap
|
page read and write
|
||
|
1551000
|
heap
|
page read and write
|
||
|
14C5000
|
heap
|
page read and write
|
||
|
7FFD34813000
|
trusted library allocation
|
page read and write
|
||
|
1BFD5000
|
heap
|
page read and write
|
||
|
1B9BE000
|
stack
|
page read and write
|
||
|
1B63E490000
|
heap
|
page read and write
|
||
|
1B90F000
|
stack
|
page read and write
|
||
|
F65000
|
heap
|
page read and write
|
||
|
7FFD34736000
|
trusted library allocation
|
page execute and read and write
|
||
|
E80000
|
heap
|
page read and write
|
||
|
7FFD34706000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34650000
|
trusted library allocation
|
page read and write
|
||
|
29C6000
|
trusted library allocation
|
page read and write
|
||
|
30D0000
|
trusted library allocation
|
page read and write
|
||
|
129FC000
|
trusted library allocation
|
page read and write
|
||
|
12857000
|
trusted library allocation
|
page read and write
|
||
|
1B23F000
|
stack
|
page read and write
|
||
|
F73000
|
heap
|
page read and write
|
||
|
12991000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34736000
|
trusted library allocation
|
page read and write
|
||
|
CE0000
|
heap
|
page read and write
|
||
|
26A0000
|
heap
|
page read and write
|
||
|
15B4000
|
heap
|
page read and write
|
||
|
1B7B0000
|
heap
|
page execute and read and write
|
||
|
7FFD34843000
|
trusted library allocation
|
page read and write
|
||
|
C00000
|
heap
|
page read and write
|
||
|
1BCBF000
|
stack
|
page read and write
|
||
|
1B843000
|
stack
|
page read and write
|
||
|
7FFD3473C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C5A000
|
trusted library allocation
|
page read and write
|
||
|
1B3A1000
|
stack
|
page read and write
|
||
|
1C78E000
|
stack
|
page read and write
|
||
|
7FFD3469D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F50000
|
heap
|
page execute and read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3466C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3470C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34898000
|
trusted library allocation
|
page read and write
|
||
|
131B000
|
heap
|
page read and write
|
||
|
12F89000
|
trusted library allocation
|
page read and write
|
||
|
2F97000
|
trusted library allocation
|
page read and write
|
||
|
1BF1E000
|
stack
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
2680000
|
heap
|
page execute and read and write
|
||
|
2AEE000
|
stack
|
page read and write
|
||
|
10D8000
|
heap
|
page read and write
|
||
|
1B8CE000
|
stack
|
page read and write
|
||
|
1BA2E000
|
stack
|
page read and write
|
||
|
7FFD34837000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3481B000
|
trusted library allocation
|
page read and write
|
||
|
25E1000
|
trusted library allocation
|
page read and write
|
||
|
5F0000
|
heap
|
page read and write
|
||
|
790000
|
heap
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
7FFD34740000
|
trusted library allocation
|
page execute and read and write
|
||
|
12AFF000
|
trusted library allocation
|
page read and write
|
||
|
8A5000
|
heap
|
page read and write
|
||
|
10EE000
|
heap
|
page read and write
|
||
|
2C4D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34674000
|
trusted library allocation
|
page read and write
|
||
|
710000
|
heap
|
page read and write
|
||
|
2ED8000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
heap
|
page read and write
|
||
|
7FFD34841000
|
trusted library allocation
|
page read and write
|
||
|
12FBF000
|
trusted library allocation
|
page read and write
|
||
|
103A000
|
heap
|
page read and write
|
||
|
1BC95000
|
stack
|
page read and write
|
||
|
1740000
|
heap
|
page read and write
|
||
|
7FFD34726000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
2F6F000
|
trusted library allocation
|
page read and write
|
||
|
1597000
|
heap
|
page read and write
|
||
|
115E000
|
stack
|
page read and write
|
||
|
7FFD34653000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3482E000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
1B5AB000
|
stack
|
page read and write
|
||
|
12DF8000
|
trusted library allocation
|
page read and write
|
||
|
1BD0D000
|
heap
|
page read and write
|
||
|
8EE000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
1266000
|
heap
|
page read and write
|
||
|
1AA5E000
|
stack
|
page read and write
|
||
|
A6E000
|
heap
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
1BDD3000
|
stack
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
E85000
|
heap
|
page read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
1B8B0000
|
heap
|
page execute and read and write
|
||
|
1B26F000
|
stack
|
page read and write
|
||
|
7FFD34683000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
trusted library allocation
|
page read and write
|
||
|
12EC8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
11CE000
|
heap
|
page read and write
|
||
|
12D29000
|
trusted library allocation
|
page read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
7FFD347A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
131D7000
|
trusted library allocation
|
page read and write
|
||
|
1ADFD000
|
stack
|
page read and write
|
||
|
DF0000
|
heap
|
page read and write
|
||
|
7FFD34813000
|
trusted library allocation
|
page read and write
|
||
|
2DC0000
|
trusted library allocation
|
page read and write
|
||
|
1BB64000
|
stack
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
158D000
|
heap
|
page read and write
|
||
|
7FFD34690000
|
trusted library allocation
|
page read and write
|
||
|
27AE000
|
stack
|
page read and write
|
||
|
1271000
|
heap
|
page read and write
|
||
|
FC6000
|
heap
|
page read and write
|
||
|
1C01E000
|
stack
|
page read and write
|
||
|
159A000
|
heap
|
page read and write
|
||
|
7FFD34868000
|
trusted library allocation
|
page read and write
|
||
|
F55000
|
heap
|
page read and write
|
||
|
7FFD346A4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
1AE50000
|
trusted library allocation
|
page read and write
|
||
|
1740000
|
trusted library allocation
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
1AEF0000
|
trusted library allocation
|
page read and write
|
||
|
12DC000
|
heap
|
page read and write
|
||
|
12E61000
|
trusted library allocation
|
page read and write
|
||
|
1C68D000
|
stack
|
page read and write
|
||
|
7FFD34642000
|
trusted library allocation
|
page read and write
|
||
|
1B240000
|
heap
|
page execute and read and write
|
||
|
10F7000
|
heap
|
page read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
3167000
|
trusted library allocation
|
page read and write
|
||
|
12B6F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34883000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3468D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1150000
|
trusted library allocation
|
page read and write
|
||
|
3000000
|
trusted library allocation
|
page read and write
|
||
|
1C3FE000
|
stack
|
page read and write
|
||
|
12988000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3483B000
|
trusted library allocation
|
page read and write
|
||
|
2E1F000
|
stack
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
D00000
|
heap
|
page read and write
|
||
|
7FFD34682000
|
trusted library allocation
|
page read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
2810000
|
heap
|
page read and write
|
||
|
7FFD34898000
|
trusted library allocation
|
page read and write
|
||
|
D11000
|
heap
|
page read and write
|
||
|
8F0000
|
heap
|
page read and write
|
||
|
7FFD346BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
11E0000
|
trusted library allocation
|
page read and write
|
||
|
12903000
|
trusted library allocation
|
page read and write
|
||
|
1BA6E000
|
stack
|
page read and write
|
||
|
1B6E1000
|
heap
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34847000
|
trusted library allocation
|
page read and write
|
||
|
D2C000
|
heap
|
page read and write
|
||
|
2ECF000
|
stack
|
page read and write
|
||
|
7FFD346AC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1180000
|
trusted library allocation
|
page read and write
|
||
|
1285D000
|
trusted library allocation
|
page read and write
|
||
|
3390000
|
trusted library allocation
|
page read and write
|
||
|
1AF90000
|
trusted library allocation
|
page read and write
|
||
|
1B63E2D8000
|
heap
|
page read and write
|
||
|
12C0000
|
heap
|
page read and write
|
||
|
26D0000
|
trusted library allocation
|
page read and write
|
||
|
1560000
|
heap
|
page read and write
|
||
|
D94000
|
heap
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34706000
|
trusted library allocation
|
page read and write
|
||
|
980000
|
trusted library allocation
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
7FFD34716000
|
trusted library allocation
|
page read and write
|
||
|
1BD57000
|
heap
|
page read and write
|
||
|
7FFD34870000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34673000
|
trusted library allocation
|
page read and write
|
||
|
1BD3D000
|
stack
|
page read and write
|
||
|
1450000
|
heap
|
page read and write
|
||
|
135D6000
|
trusted library allocation
|
page read and write
|
||
|
12FD4000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3481B000
|
trusted library allocation
|
page read and write
|
||
|
12EC1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3467C000
|
trusted library allocation
|
page read and write
|
||
|
DD0000
|
heap
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34884000
|
trusted library allocation
|
page read and write
|
||
|
1BB9E000
|
stack
|
page read and write
|
||
|
7FFD3482A000
|
trusted library allocation
|
page read and write
|
||
|
1B99E000
|
stack
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
111E000
|
stack
|
page read and write
|
||
|
7FFD34683000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34726000
|
trusted library allocation
|
page read and write
|
||
|
12E3000
|
heap
|
page read and write
|
||
|
128A3000
|
trusted library allocation
|
page read and write
|
||
|
1B4CE000
|
stack
|
page read and write
|
||
|
A56000
|
heap
|
page read and write
|
||
|
2D0E000
|
stack
|
page read and write
|
||
|
7FFD348D0000
|
trusted library allocation
|
page read and write
|
||
|
1B700000
|
heap
|
page read and write
|
||
|
132F1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34720000
|
trusted library allocation
|
page read and write
|
||
|
E0F000
|
stack
|
page read and write
|
||
|
AF6000
|
stack
|
page read and write
|
||
|
132E3000
|
trusted library allocation
|
page read and write
|
||
|
157E000
|
stack
|
page read and write
|
||
|
B60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34694000
|
trusted library allocation
|
page read and write
|
||
|
12E3000
|
heap
|
page read and write
|
||
|
1B921000
|
stack
|
page read and write
|
||
|
1298D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD346A0000
|
trusted library allocation
|
page read and write
|
||
|
1C08B000
|
heap
|
page read and write
|
||
|
F36000
|
heap
|
page read and write
|
||
|
7FFD34644000
|
trusted library allocation
|
page read and write
|
||
|
7B0000
|
heap
|
page read and write
|
||
|
7FFD34680000
|
trusted library allocation
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
28DE000
|
trusted library allocation
|
page read and write
|
||
|
1BFB8000
|
heap
|
page read and write
|
||
|
CE6000
|
heap
|
page read and write
|
||
|
7FFD34657000
|
trusted library allocation
|
page read and write
|
||
|
1B4CD000
|
stack
|
page read and write
|
||
|
8A3000
|
heap
|
page read and write
|
||
|
7FFD3483B000
|
trusted library allocation
|
page read and write
|
||
|
1B830000
|
trusted library section
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2DC0000
|
heap
|
page read and write
|
||
|
1B64E000
|
stack
|
page read and write
|
||
|
D50000
|
heap
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD12000
|
stack
|
page read and write
|
||
|
1325000
|
heap
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
12F51000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348E0000
|
trusted library allocation
|
page read and write
|
||
|
1AC6D000
|
stack
|
page read and write
|
||
|
7FFD34863000
|
trusted library allocation
|
page read and write
|
||
|
125C000
|
heap
|
page read and write
|
||
|
7FFD34684000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page execute and read and write
|
||
|
CCC000
|
heap
|
page read and write
|
||
|
1B9BE000
|
stack
|
page read and write
|
||
|
1C1BE000
|
stack
|
page read and write
|
||
|
2CBD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34806000
|
trusted library allocation
|
page read and write
|
||
|
12F3F000
|
trusted library allocation
|
page read and write
|
||
|
A61000
|
heap
|
page read and write
|
||
|
2BA9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34673000
|
trusted library allocation
|
page read and write
|
||
|
2CA9000
|
trusted library allocation
|
page read and write
|
||
|
1309D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34801000
|
trusted library allocation
|
page read and write
|
||
|
1C38E000
|
stack
|
page read and write
|
||
|
7FFD34736000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34860000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34654000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3481C000
|
trusted library allocation
|
page read and write
|
||
|
F50000
|
heap
|
page read and write
|
||
|
E28000
|
heap
|
page read and write
|
||
|
11AE000
|
heap
|
page read and write
|
||
|
1BFBC000
|
heap
|
page read and write
|
||
|
7FFD34667000
|
trusted library allocation
|
page read and write
|
||
|
12A0000
|
heap
|
page read and write
|
||
|
2724000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD346A4000
|
trusted library allocation
|
page read and write
|
||
|
1BF6B000
|
heap
|
page read and write
|
||
|
7FFD34687000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3469C000
|
trusted library allocation
|
page read and write
|
||
|
1A610000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34784000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34810000
|
trusted library allocation
|
page read and write
|
||
|
12654000
|
trusted library allocation
|
page read and write
|
||
|
1B82E000
|
stack
|
page read and write
|
||
|
1A8D0000
|
trusted library allocation
|
page read and write
|
||
|
126CD000
|
trusted library allocation
|
page read and write
|
||
|
254E000
|
stack
|
page read and write
|
||
|
1297F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34662000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page execute and read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
7FFD34653000
|
trusted library allocation
|
page execute and read and write
|
||
|
128B1000
|
trusted library allocation
|
page read and write
|
||
|
11D5000
|
heap
|
page read and write
|
||
|
2F84000
|
trusted library allocation
|
page read and write
|
||
|
1C050000
|
heap
|
page read and write
|
||
|
7FFD3478D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13382000
|
trusted library allocation
|
page read and write
|
||
|
1C9AC000
|
stack
|
page read and write
|
||
|
7FFD3466C000
|
trusted library allocation
|
page read and write
|
||
|
1B3AE000
|
stack
|
page read and write
|
||
|
10FB000
|
heap
|
page read and write
|
||
|
30C2000
|
trusted library allocation
|
page read and write
|
||
|
10BE000
|
heap
|
page read and write
|
||
|
332F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34794000
|
trusted library allocation
|
page execute and read and write
|
||
|
12A1000
|
heap
|
page read and write
|
||
|
7FFD3467D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C066000
|
heap
|
page read and write
|
||
|
1B9D0000
|
heap
|
page read and write
|
||
|
7FFD347E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34663000
|
trusted library allocation
|
page execute and read and write
|
||
|
12988000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
1B8FD000
|
stack
|
page read and write
|
||
|
1BEC0000
|
heap
|
page read and write
|
||
|
7FFD348B4000
|
trusted library allocation
|
page read and write
|
||
|
1265F000
|
trusted library allocation
|
page read and write
|
||
|
1C0BF000
|
stack
|
page read and write
|
||
|
10CF000
|
stack
|
page read and write
|
||
|
132ED000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12F41000
|
trusted library allocation
|
page read and write
|
||
|
F5B000
|
heap
|
page read and write
|
||
|
7FFD34653000
|
trusted library allocation
|
page read and write
|
||
|
108C000
|
heap
|
page read and write
|
||
|
1B860000
|
heap
|
page read and write
|
||
|
C9E000
|
stack
|
page read and write
|
||
|
1440000
|
heap
|
page read and write
|
||
|
2C54000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34820000
|
trusted library allocation
|
page read and write
|
||
|
1745000
|
heap
|
page read and write
|
||
|
1B5CE000
|
stack
|
page read and write
|
||
|
7FFD34801000
|
trusted library allocation
|
page read and write
|
||
|
1BABF000
|
stack
|
page read and write
|
||
|
2D1F000
|
stack
|
page read and write
|
||
|
10B8000
|
heap
|
page read and write
|
||
|
1AE20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34693000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
12E2D000
|
trusted library allocation
|
page read and write
|
||
|
1320000
|
heap
|
page read and write
|
||
|
1B63E2C9000
|
heap
|
page read and write
|
||
|
C60000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34813000
|
trusted library allocation
|
page read and write
|
||
|
1BEBB000
|
stack
|
page read and write
|
||
|
1BD2F000
|
heap
|
page read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
14E0000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
heap
|
page execute and read and write
|
||
|
1470000
|
heap
|
page read and write
|
||
|
7FFD34660000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3465D000
|
trusted library allocation
|
page execute and read and write
|
||
|
13151000
|
trusted library allocation
|
page read and write
|
||
|
CCF000
|
stack
|
page read and write
|
||
|
105F000
|
stack
|
page read and write
|
||
|
17D0000
|
heap
|
page read and write
|
||
|
128A1000
|
trusted library allocation
|
page read and write
|
||
|
1AB20000
|
trusted library allocation
|
page read and write
|
||
|
1B63E2B0000
|
heap
|
page read and write
|
||
|
1B9C0000
|
heap
|
page execute and read and write
|
||
|
30FF000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34880000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3489A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3465D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1490000
|
heap
|
page read and write
|
||
|
7FFD34683000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34840000
|
trusted library allocation
|
page read and write
|
||
|
1B84F000
|
stack
|
page read and write
|
||
|
1B6B1000
|
heap
|
page read and write
|
||
|
7F0000
|
heap
|
page read and write
|
||
|
D0B000
|
heap
|
page read and write
|
||
|
2D50000
|
heap
|
page execute and read and write
|
||
|
CA5000
|
heap
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
1BD52000
|
heap
|
page read and write
|
||
|
7FFD346FC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34736000
|
trusted library allocation
|
page read and write
|
||
|
1B92F000
|
stack
|
page read and write
|
||
|
7FFD347FB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34654000
|
trusted library allocation
|
page read and write
|
||
|
1310000
|
heap
|
page read and write
|
||
|
7FFD348F0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD348A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
301A000
|
trusted library allocation
|
page read and write
|
||
|
1188000
|
heap
|
page read and write
|
||
|
2DE0000
|
heap
|
page execute and read and write
|
||
|
1445000
|
heap
|
page read and write
|
||
|
14CF000
|
stack
|
page read and write
|
||
|
2FF9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34667000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3465C000
|
trusted library allocation
|
page read and write
|
||
|
1BADE000
|
stack
|
page read and write
|
||
|
12819000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347FE000
|
trusted library allocation
|
page read and write
|
||
|
1B41F000
|
stack
|
page read and write
|
||
|
1250000
|
trusted library allocation
|
page read and write
|
||
|
1430000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34833000
|
trusted library allocation
|
page read and write
|
||
|
1BCF4000
|
heap
|
page read and write
|
||
|
2F86000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34760000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3469D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34664000
|
trusted library allocation
|
page read and write
|
||
|
1240000
|
heap
|
page read and write
|
||
|
1C67E000
|
stack
|
page read and write
|
||
|
7FFD34817000
|
trusted library allocation
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
1BBDF000
|
stack
|
page read and write
|
||
|
12A79000
|
trusted library allocation
|
page read and write
|
||
|
1BD80000
|
heap
|
page read and write
|
||
|
17A0000
|
heap
|
page execute and read and write
|
||
|
1BFF1000
|
heap
|
page read and write
|
||
|
3116000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3486D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3469C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34806000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34858000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
2D40000
|
trusted library section
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
12FDF000
|
trusted library allocation
|
page read and write
|
||
|
1260000
|
trusted library allocation
|
page read and write
|
||
|
11C5000
|
heap
|
page read and write
|
||
|
12F43000
|
trusted library allocation
|
page read and write
|
||
|
1C076000
|
heap
|
page read and write
|
||
|
7FFD348B3000
|
trusted library allocation
|
page read and write
|
||
|
E20000
|
heap
|
page read and write
|
||
|
C80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
1B744000
|
stack
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34673000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD63000
|
stack
|
page read and write
|
||
|
7FFD34831000
|
trusted library allocation
|
page read and write
|
||
|
7FFD346AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34833000
|
trusted library allocation
|
page read and write
|
||
|
1245000
|
heap
|
page read and write
|
||
|
1170000
|
heap
|
page execute and read and write
|
||
|
866000
|
heap
|
page read and write
|
||
|
1236000
|
heap
|
page read and write
|
||
|
29C6000
|
trusted library allocation
|
page read and write
|
||
|
D99000
|
heap
|
page read and write
|
||
|
7FFD34676000
|
trusted library allocation
|
page read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
2D6F000
|
stack
|
page read and write
|
||
|
7FFD34910000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3466D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BE6E000
|
stack
|
page read and write
|
||
|
1007000
|
heap
|
page read and write
|
||
|
158F000
|
heap
|
page read and write
|
||
|
7FFD3483E000
|
trusted library allocation
|
page read and write
|
||
|
D97000
|
heap
|
page read and write
|
||
|
2EA0000
|
trusted library allocation
|
page read and write
|
||
|
1B63E4B0000
|
heap
|
page read and write
|
||
|
7FFD347F0000
|
trusted library allocation
|
page read and write
|
||
|
1BF66000
|
heap
|
page read and write
|
||
|
2D30000
|
heap
|
page execute and read and write
|
||
|
1BCA1000
|
heap
|
page read and write
|
||
|
7FFD34850000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34710000
|
trusted library allocation
|
page execute and read and write
|
||
|
30BB000
|
trusted library allocation
|
page read and write
|
||
|
30BE000
|
trusted library allocation
|
page read and write
|
||
|
1B33D000
|
stack
|
page read and write
|
||
|
2791000
|
trusted library allocation
|
page read and write
|
||
|
294F000
|
trusted library allocation
|
page read and write
|
||
|
1C47E000
|
stack
|
page read and write
|
||
|
7FFD3465D000
|
trusted library allocation
|
page execute and read and write
|
||
|
F30000
|
heap
|
page read and write
|
||
|
12981000
|
trusted library allocation
|
page read and write
|
||
|
1B54F000
|
stack
|
page read and write
|
||
|
7FFD348B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD3468C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34670000
|
trusted library allocation
|
page read and write
|
||
|
A97000
|
heap
|
page read and write
|
||
|
7FFD34811000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34654000
|
trusted library allocation
|
page read and write
|
||
|
1C02F000
|
heap
|
page read and write
|
||
|
1C1FE000
|
stack
|
page read and write
|
||
|
7FFD348C0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34830000
|
trusted library allocation
|
page read and write
|
||
|
1BB93000
|
stack
|
page read and write
|
||
|
7FFD34693000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page execute and read and write
|
||
|
276E000
|
trusted library allocation
|
page read and write
|
||
|
12E68000
|
trusted library allocation
|
page read and write
|
||
|
280F000
|
stack
|
page read and write
|
||
|
7FFD34686000
|
trusted library allocation
|
page read and write
|
||
|
12D67000
|
trusted library allocation
|
page read and write
|
||
|
1460000
|
heap
|
page read and write
|
||
|
7FFD348B7000
|
trusted library allocation
|
page read and write
|
||
|
1BEFD000
|
stack
|
page read and write
|
||
|
1B96F000
|
stack
|
page read and write
|
||
|
18DE000
|
stack
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
7FFD3466C000
|
trusted library allocation
|
page read and write
|
||
|
12E13000
|
trusted library allocation
|
page read and write
|
||
|
810000
|
heap
|
page read and write
|
||
|
1BEBE000
|
stack
|
page read and write
|
||
|
7FFD34784000
|
trusted library allocation
|
page execute and read and write
|
||
|
2726000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34770000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C77D000
|
stack
|
page read and write
|
||
|
1280000
|
heap
|
page read and write
|
||
|
7FFD34730000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3480E000
|
trusted library allocation
|
page read and write
|
||
|
760000
|
heap
|
page read and write
|
||
|
1BA10000
|
heap
|
page read and write
|
||
|
7FFD34800000
|
trusted library allocation
|
page read and write
|
||
|
1BEDE000
|
stack
|
page read and write
|
||
|
7FFD34663000
|
trusted library allocation
|
page read and write
|
||
|
147E000
|
stack
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B94E000
|
stack
|
page read and write
|
||
|
1B4AE000
|
stack
|
page read and write
|
||
|
DBD000
|
heap
|
page read and write
|
||
|
7FFD3467B000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD3482C000
|
trusted library allocation
|
page read and write
|
||
|
7FFD34780000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD34700000
|
trusted library allocation
|
page read and write
|
There are 1167 hidden memdumps, click here to show them.