Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
dmhu7oz5yP.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Windows NT\Accessories\en-GB\upfc.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows NT\Accessories\en-GB\upfc.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files\Windows NT\TableTextService\en-US\fontdrvhost.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Program Files\Windows NT\TableTextService\en-US\fontdrvhost.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Recovery\jnTUlYyDyuybgXdgxhTkT.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Recovery\jnTUlYyDyuybgXdgxhTkT.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\Default\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\Default\RuntimeBroker.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\Public\Libraries\RuntimeBroker.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\dmhu7oz5yP.exe.log
|
CSV text
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\ZBWGzntvdU.bat
|
DOS batch file, ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\Help\OEM\ContentStore\jnTUlYyDyuybgXdgxhTkT.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Media\WinStore.App.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Media\WinStore.App.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\Migration\WTR\jnTUlYyDyuybgXdgxhTkT.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SoftwareDistribution\jnTUlYyDyuybgXdgxhTkT.exe
|
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
|
dropped
|
|
|
|
C:\Windows\SoftwareDistribution\jnTUlYyDyuybgXdgxhTkT.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Program Files (x86)\Windows NT\Accessories\en-GB\ea1d8f6d871115
|
ASCII text, with very long lines (530), with no line terminators
|
dropped
|
||
|
C:\Program Files\Windows NT\TableTextService\en-US\5b884080fd4f94
|
ASCII text, with very long lines (790), with no line terminators
|
dropped
|
||
|
C:\Recovery\7bcc3440f42388
|
ASCII text, with very long lines (578), with no line terminators
|
dropped
|
||
|
C:\Users\Default\9e8d7a4ca61bd9
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\9e8d7a4ca61bd9
|
ASCII text, with very long lines (508), with no line terminators
|
dropped
|
||
|
C:\Users\Public\Libraries\RuntimeBroker.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\RuntimeBroker.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\fontdrvhost.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\jnTUlYyDyuybgXdgxhTkT.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\upfc.exe.log
|
CSV text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\YswW7Dcfvg
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\Help\OEM\ContentStore\7bcc3440f42388
|
ASCII text, with very long lines (914), with no line terminators
|
dropped
|
||
|
C:\Windows\Help\OEM\ContentStore\jnTUlYyDyuybgXdgxhTkT.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Media\fd168b19609dff
|
ASCII text, with very long lines (590), with no line terminators
|
dropped
|
||
|
C:\Windows\Migration\WTR\7bcc3440f42388
|
ASCII text, with very long lines (670), with no line terminators
|
dropped
|
||
|
C:\Windows\Migration\WTR\jnTUlYyDyuybgXdgxhTkT.exe:Zone.Identifier
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\SoftwareDistribution\7bcc3440f42388
|
ASCII text, with very long lines (960), with no line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text
|
dropped
|
There are 26 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\dmhu7oz5yP.exe
|
"C:\Users\user\Desktop\dmhu7oz5yP.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 8 /tr "'C:\Program Files\Windows NT\TableTextService\en-US\fontdrvhost.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "fontdrvhost" /sc ONLOGON /tr "'C:\Program Files\Windows NT\TableTextService\en-US\fontdrvhost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "fontdrvhostf" /sc MINUTE /mo 9 /tr "'C:\Program Files\Windows NT\TableTextService\en-US\fontdrvhost.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 6 /tr "'C:\Recovery\jnTUlYyDyuybgXdgxhTkT.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkT" /sc ONLOGON /tr "'C:\Recovery\jnTUlYyDyuybgXdgxhTkT.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 12 /tr "'C:\Recovery\jnTUlYyDyuybgXdgxhTkT.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 6 /tr "'C:\Windows\SoftwareDistribution\jnTUlYyDyuybgXdgxhTkT.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkT" /sc ONLOGON /tr "'C:\Windows\SoftwareDistribution\jnTUlYyDyuybgXdgxhTkT.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 6 /tr "'C:\Windows\SoftwareDistribution\jnTUlYyDyuybgXdgxhTkT.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 14 /tr "'C:\Users\Default User\RuntimeBroker.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBroker" /sc ONLOGON /tr "'C:\Users\Default User\RuntimeBroker.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 10 /tr "'C:\Users\Default User\RuntimeBroker.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 11 /tr "'C:\Users\Public\Libraries\RuntimeBroker.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBroker" /sc ONLOGON /tr "'C:\Users\Public\Libraries\RuntimeBroker.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "RuntimeBrokerR" /sc MINUTE /mo 9 /tr "'C:\Users\Public\Libraries\RuntimeBroker.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Program Files\Windows NT\TableTextService\en-US\fontdrvhost.exe
|
"C:\Program Files\Windows NT\TableTextService\en-US\fontdrvhost.exe"
|
|
|
|
C:\Program Files\Windows NT\TableTextService\en-US\fontdrvhost.exe
|
"C:\Program Files\Windows NT\TableTextService\en-US\fontdrvhost.exe"
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "upfcu" /sc MINUTE /mo 7 /tr "'C:\Program Files (x86)\windows nt\Accessories\en-GB\upfc.exe'" /f
|
|
|
|
C:\Windows\SoftwareDistribution\jnTUlYyDyuybgXdgxhTkT.exe
|
C:\Windows\SoftwareDistribution\jnTUlYyDyuybgXdgxhTkT.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "upfc" /sc ONLOGON /tr "'C:\Program Files (x86)\windows nt\Accessories\en-GB\upfc.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\SoftwareDistribution\jnTUlYyDyuybgXdgxhTkT.exe
|
C:\Windows\SoftwareDistribution\jnTUlYyDyuybgXdgxhTkT.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "upfcu" /sc MINUTE /mo 7 /tr "'C:\Program Files (x86)\windows nt\Accessories\en-GB\upfc.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Users\Public\Libraries\RuntimeBroker.exe
|
C:\Users\Public\Libraries\RuntimeBroker.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 11 /tr "'C:\Recovery\jnTUlYyDyuybgXdgxhTkT.exe'" /f
|
|
|
|
C:\Users\Public\Libraries\RuntimeBroker.exe
|
C:\Users\Public\Libraries\RuntimeBroker.exe
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkT" /sc ONLOGON /tr "'C:\Recovery\jnTUlYyDyuybgXdgxhTkT.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 11 /tr "'C:\Recovery\jnTUlYyDyuybgXdgxhTkT.exe'" /rl HIGHEST
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 13 /tr "'C:\Windows\Help\OEM\ContentStore\jnTUlYyDyuybgXdgxhTkT.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkT" /sc ONLOGON /tr "'C:\Windows\Help\OEM\ContentStore\jnTUlYyDyuybgXdgxhTkT.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 12 /tr "'C:\Windows\Help\OEM\ContentStore\jnTUlYyDyuybgXdgxhTkT.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 9 /tr "'C:\Windows\Migration\WTR\jnTUlYyDyuybgXdgxhTkT.exe'"
/f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkT" /sc ONLOGON /tr "'C:\Windows\Migration\WTR\jnTUlYyDyuybgXdgxhTkT.exe'" /rl
HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "jnTUlYyDyuybgXdgxhTkTj" /sc MINUTE /mo 13 /tr "'C:\Windows\Migration\WTR\jnTUlYyDyuybgXdgxhTkT.exe'"
/rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WinStore.AppW" /sc MINUTE /mo 6 /tr "'C:\Windows\Media\WinStore.App.exe'" /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WinStore.App" /sc ONLOGON /tr "'C:\Windows\Media\WinStore.App.exe'" /rl HIGHEST /f
|
|
|
|
C:\Windows\System32\schtasks.exe
|
schtasks.exe /create /tn "WinStore.AppW" /sc MINUTE /mo 10 /tr "'C:\Windows\Media\WinStore.App.exe'" /rl HIGHEST /f
|
|
|
|
C:\Program Files (x86)\Windows NT\Accessories\en-GB\upfc.exe
|
"C:\Program Files (x86)\windows nt\Accessories\en-GB\upfc.exe"
|
|
|
|
C:\Program Files (x86)\Windows NT\Accessories\en-GB\upfc.exe
|
"C:\Program Files (x86)\windows nt\Accessories\en-GB\upfc.exe"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C "C:\Users\user\AppData\Local\Temp\ZBWGzntvdU.bat"
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\w32tm.exe
|
w32tm /stripchart /computer:localhost /period:5 /dataonly /samples:2
|
There are 32 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
http://mioww.uebki.one/L1nc0In.php?LCTkyAhxuXJBDwmHP=RoIClfDarmNAWQEsEcAxbfeAz&AD=C45cXmCXIbxhYS4ktB27U&KGcUwJINkf9vpsRi9oBV5BN=CNkaF9HGT&79bfb28a16afb84a575d312c4453c517=f06eb19c95e712422ee4c585262cca64&5690ae1271d74814e0008b34a8c960fd=gY5QWY2UGO4EzYkRDO3MWO5YzYmRmY4YmYiJGO3cjZwMWY2I2YkJTY&LCTkyAhxuXJBDwmHP=RoIClfDarmNAWQEsEcAxbfeAz&AD=C45cXmCXIbxhYS4ktB27U&KGcUwJINkf9vpsRi9oBV5BN=CNkaF9HGT
|
188.114.97.3
|
|
|
|
http://mioww.uebki.one/@==gbJBzYuFDT
|
|
||
|
http://mioww.uebki.one/L1nc0In.php?QsfKvOP=TXQgCyjYJFryhCsJ4&90d447cfe691122545c39016b7ab78f9=4E2NmZDZlJDM2YWOkFTOzADOlRmZyIjNlJ2YkNjYlNTNzUWOyEGZmVTM0IzN3ETN1QTO1UTN&5690ae1271d74814e0008b34a8c960fd=wM1EDMzY2MzkDNmR2NhBDZyAzN2kTOyAzY5gDN4YDZiV2N5MmYlZTY&639581f8a680a8ebd5b9e74972d1a43d=d1nI5cjYhJzNiZDM4YGMyImM4EGMjNzY5MmYxQWOwQjMmhTNwUTNkdjM0IiOiETMiRDZkNjZiFjYzgDNwUzM3cTYxQTYkR2M1QTOyUWYiwiI1ADOlVDMwIGOmNWM1EDZwETOkJzM4EWOzImMjlDZ5IWY0IzNiFWYyIiOiUTOkR2MhBjN1IWZykDZ4IzMhlDZwAjZyYmZyUzN4M2Yis3W&84ccbc5ddc4286bb9be5ede77b20cbca=0VfiIiOiQ2YyQ2MmNzYzMmZ4czM5gTY1QWZhJDNkhTMzMTNmNmYiwiI5cjYhJzNiZDM4YGMyImM4EGMjNzY5MmYxQWOwQjMmhTNwUTNkdjM0IiOiETMiRDZkNjZiFjYzgDNwUzM3cTYxQTYkR2M1QTOyUWYiwiI1ADOlVDMwIGOmNWM1EDZwETOkJzM4EWOzImMjlDZ5IWY0IzNiFWYyIiOiUTOkR2MhBjN1IWZykDZ4IzMhlDZwAjZyYmZyUzN4M2YisHL9JCMY5kNJNEZxkzVaRHbHZ1dWdlWz5EbJNXS5pVdsd0YsZ1RiRlSp9UaNhFZwY0RkRFbIRGcahVYw40VRl2dplUeWJjWoVzVZ5kQTJGaKNjW2pESVl2bql0M5ckW1xmMWVlTVFVa3lWSPpUaPlGMXllaKdlWY5EWhl2dplkWKl2TpVVbiZHaHNmdKNTWwFDMjBnSDxUarlmYzkTbiJXNXZ1bBlmYzkTbiJXNXZVavpWSsFzVZ9kVGVFRKNETptWaiNTOtJmc1clVvFUaiNTOtJmc1clVp9maJxWMXl1TWZUVIp0QMl2aslkNJlmYwFzRaJkTYFWa3lWSp9maJhkRFZVa3lWSwwWbRdWUq50ZVJzYwpESjlnVHRWdWVUS3VERJpHZzI2a1cVYYpUaPlWSYp1V1cVYYp0QMljS5FWe5c1VmRGWa9UOTllas12YsFzVRl2bqlEb1IjY2Y1ViBnUul0cJNUT3FERNdXQqlkNJNkYoJ1MjZnQul0cJl3YsJFWZBjTGl0aWdEZwVzVWdGMDl0aWdVYtxmMZxmQzM2ZRNjYPpUaPl2YtNmdKNETpdmaOdXQqxEMjRFTz1kaNh3Yqx0dRpWS2kUeZZHetl0cJlXVWpUaPl2auNGM1cFZ25UbJNXS5FWe5c1VnNGWa9kSp9Ua0IjYwR2ValnSDxUaz12Y2xmRJNjVtRVavpWS1IFWhpmSDxUaNpXT11kaNhHNp5EM0M0Tp9maJdHbtl0NwpWS2pVbipkQYNVa3lWS6ZVbiZHctlkNJNlW0ZUbUlnVyMmVKNETp1keNFTWq1UeJl2TpV1VihWNwEVUKNETplkeNVXVqxEMJl2TplEWadlSYplMKhlWUp0QMlWT5FVavpWSsJEWlVlSYplMKhlWUpUelJiOiQ2YyQ2MmNzYzMmZ4czM5gTY1QWZhJDNkhTMzMTNmNmYiwiI4MjZkJzNyIGNmBTYiNjNjRDZ3cjYkFGN3QTYllTYzUWOiFDZhF2YjJiOiETMiRDZkNjZiFjYzgDNwUzM3cTYxQTYkR2M1QTOyUWYiwiI1ADOlVDMwIGOmNWM1EDZwETOkJzM4EWOzImMjlDZ5IWY0IzNiFWYyIiOiUTOkR2MhBjN1IWZykDZ4IzMhlDZwAjZyYmZyUzN4M2Yis3W
|
188.114.97.3
|
|
|
|
http://mioww.uebki.one/
|
unknown
|
|
|
|
http://mioww.uebki.one/L1nc0In.php?QsfKvOP=TXQgCyjYJFryhCsJ4&90d447cfe691122545c39016b7ab78f9=4E2NmZDZlJDM2YWOkFTOzADOlRmZyIjNlJ2YkNjYlNTNzUWOyEGZmVTM0IzN3ETN1QTO1UTN&5690ae1271d74814e0008b34a8c960fd=wM1EDMzY2MzkDNmR2NhBDZyAzN2kTOyAzY5gDN4YDZiV2N5MmYlZTY
|
188.114.97.3
|
|
|
|
http://mioww.uebki.one
|
unknown
|
|
|
|
http://mioww.uH
|
unknown
|
||
|
http://mioww.uHrF
|
unknown
|
||
|
http://mioww.uebki.one/L1nc0In.php?QsfKvOP=TXQgCyjYJFryhCsJ4&90d447cfe691122545c39016b7ab78f9=4E2NmZ
|
unknown
|
||
|
http://mioww.uebki.oneesda
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://mioww.uebki.one/L1nc0In.php?LCTkyAhxuXJBDwmHP=RoIClfDarmNAWQEsEcAxbfeAz&AD=C45cXmCXIbxhYS4ktB
|
unknown
|
There are 2 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
mioww.uebki.one
|
188.114.97.3
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
188.114.97.3
|
mioww.uebki.one
|
European Union
|
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\c4d28060f6ae749defc036568471132952b2bfd1
|
192f74819ef060d8623a020a13c757afbcbceb65
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
LangID
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.FriendlyAppName
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
|
C:\Windows\System32\cmd.exe.ApplicationCompany
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\jnTUlYyDyuybgXdgxhTkT_RASMANCS
|
FileDirectory
|
There are 8 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
2F2A000
|
trusted library allocation
|
page read and write
|
|
|
|
2EF5000
|
trusted library allocation
|
page read and write
|
|
|
|
2991000
|
trusted library allocation
|
page read and write
|
|
|
|
2E25000
|
trusted library allocation
|
page read and write
|
|
|
|
2B3B000
|
trusted library allocation
|
page read and write
|
|
|
|
2A99000
|
trusted library allocation
|
page read and write
|
|
|
|
2FCC000
|
trusted library allocation
|
page read and write
|
|
|
|
2E8B000
|
trusted library allocation
|
page read and write
|
|
|
|
2C4F000
|
trusted library allocation
|
page read and write
|
|
|
|
2EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
2BD9000
|
trusted library allocation
|
page read and write
|
|
|
|
2C84000
|
trusted library allocation
|
page read and write
|
|
|
|
2DA1000
|
trusted library allocation
|
page read and write
|
|
|
|
2B70000
|
trusted library allocation
|
page read and write
|
|
|
|
2F93000
|
trusted library allocation
|
page read and write
|
|
|
|
2FFD000
|
trusted library allocation
|
page read and write
|
|
|
|
3301000
|
trusted library allocation
|
page read and write
|
|
|
|
3032000
|
trusted library allocation
|
page read and write
|
|
|
|
2DEC000
|
trusted library allocation
|
page read and write
|
|
|
|
2BA4000
|
trusted library allocation
|
page read and write
|
|
|
|
2CB9000
|
trusted library allocation
|
page read and write
|
|
|
|
2CD1000
|
trusted library allocation
|
page read and write
|
|
|
|
2CE1000
|
trusted library allocation
|
page read and write
|
|
|
|
310D000
|
trusted library allocation
|
page read and write
|
|
|
|
2D61000
|
trusted library allocation
|
page read and write
|
|
|
|
2E56000
|
trusted library allocation
|
page read and write
|
|
|
|
2D24000
|
trusted library allocation
|
page read and write
|
|
|
|
2BC1000
|
trusted library allocation
|
page read and write
|
|
|
|
2581000
|
trusted library allocation
|
page read and write
|
|
|
|
30D1000
|
trusted library allocation
|
page read and write
|
|
|
|
2B06000
|
trusted library allocation
|
page read and write
|
|
|
|
2CEF000
|
trusted library allocation
|
page read and write
|
|
|
|
2F5F000
|
trusted library allocation
|
page read and write
|
|
|
|
2AD1000
|
trusted library allocation
|
page read and write
|
|
|
|
2D96000
|
trusted library allocation
|
page read and write
|
|
|
|
2A60000
|
trusted library allocation
|
page read and write
|
|
|
|
26A1000
|
trusted library allocation
|
page read and write
|
|
|
|
278B000
|
trusted library allocation
|
page read and write
|
|
|
|
2B2000
|
unkown
|
page readonly
|
|
|
|
2DDC000
|
trusted library allocation
|
page read and write
|
||
|
B70000
|
heap
|
page read and write
|
||
|
1230000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
1BA4E000
|
stack
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12CE8000
|
trusted library allocation
|
page read and write
|
||
|
DF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B952000
|
trusted library allocation
|
page read and write
|
||
|
12991000
|
trusted library allocation
|
page read and write
|
||
|
2AC1000
|
trusted library allocation
|
page read and write
|
||
|
1B030000
|
heap
|
page read and write
|
||
|
1B63E000
|
heap
|
page read and write
|
||
|
1B400000
|
heap
|
page read and write
|
||
|
12FB000
|
heap
|
page read and write
|
||
|
7FFD9B924000
|
trusted library allocation
|
page read and write
|
||
|
21275E27000
|
heap
|
page read and write
|
||
|
1B600000
|
heap
|
page read and write
|
||
|
7FFD9B7EC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B434000
|
stack
|
page read and write
|
||
|
7FFD9B932000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
E2D000
|
heap
|
page read and write
|
||
|
2EC0000
|
heap
|
page read and write
|
||
|
EF8000
|
heap
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
1C890000
|
heap
|
page read and write
|
||
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
||
|
2B9E000
|
stack
|
page read and write
|
||
|
7FFD9B7A3000
|
trusted library allocation
|
page read and write
|
||
|
F88000
|
heap
|
page read and write
|
||
|
F25000
|
heap
|
page read and write
|
||
|
F4C000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
1C84D000
|
stack
|
page read and write
|
||
|
1BE8E000
|
stack
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
||
|
143E000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B900000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B776000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B942000
|
trusted library allocation
|
page read and write
|
||
|
CF6000
|
stack
|
page read and write
|
||
|
1B720000
|
heap
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
269E000
|
stack
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
2F4F000
|
trusted library allocation
|
page read and write
|
||
|
1B7D3000
|
heap
|
page read and write
|
||
|
1B7C1000
|
heap
|
page read and write
|
||
|
B1A000
|
heap
|
page read and write
|
||
|
1645000
|
heap
|
page read and write
|
||
|
EB0000
|
heap
|
page read and write
|
||
|
AF1000
|
heap
|
page read and write
|
||
|
1B4D0000
|
heap
|
page execute and read and write
|
||
|
12591000
|
trusted library allocation
|
page read and write
|
||
|
CB0000
|
heap
|
page read and write
|
||
|
1BC02000
|
heap
|
page read and write
|
||
|
163F000
|
stack
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
3D0000
|
heap
|
page read and write
|
||
|
12CD8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1640000
|
heap
|
page read and write
|
||
|
2770000
|
heap
|
page execute and read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B94A000
|
trusted library allocation
|
page read and write
|
||
|
30C0000
|
heap
|
page execute and read and write
|
||
|
21275DF0000
|
heap
|
page read and write
|
||
|
12A5B000
|
trusted library allocation
|
page read and write
|
||
|
1C545000
|
stack
|
page read and write
|
||
|
1190000
|
heap
|
page read and write
|
||
|
32FE000
|
stack
|
page read and write
|
||
|
B58000
|
heap
|
page read and write
|
||
|
7FFD9B8B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E7B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B84C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B804000
|
stack
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
9FE000
|
stack
|
page read and write
|
||
|
10AE000
|
heap
|
page read and write
|
||
|
7FFD9B962000
|
trusted library allocation
|
page read and write
|
||
|
73C000
|
heap
|
page read and write
|
||
|
1460000
|
heap
|
page execute and read and write
|
||
|
CB5000
|
heap
|
page read and write
|
||
|
1B65D000
|
stack
|
page read and write
|
||
|
1B658000
|
heap
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
274B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
1902000
|
heap
|
page read and write
|
||
|
1B69E000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
7FFD9B850000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
7FFD9B919000
|
trusted library allocation
|
page read and write
|
||
|
2C74000
|
trusted library allocation
|
page read and write
|
||
|
1B640000
|
heap
|
page read and write
|
||
|
1B6D1000
|
heap
|
page read and write
|
||
|
2D86000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B778000
|
trusted library allocation
|
page read and write
|
||
|
1D1F4000
|
stack
|
page read and write
|
||
|
1BB10000
|
heap
|
page read and write
|
||
|
E4A000
|
heap
|
page read and write
|
||
|
E00000
|
heap
|
page read and write
|
||
|
2DB1000
|
trusted library allocation
|
page read and write
|
||
|
1B5E2000
|
heap
|
page read and write
|
||
|
E1F000
|
heap
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAF0000
|
heap
|
page execute and read and write
|
||
|
1B5FA000
|
stack
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
1B702000
|
heap
|
page execute and read and write
|
||
|
149F000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
33AB000
|
trusted library allocation
|
page read and write
|
||
|
F96000
|
stack
|
page read and write
|
||
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
||
|
1BC83000
|
stack
|
page read and write
|
||
|
31B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
1B7F0000
|
heap
|
page read and write
|
||
|
1B07E000
|
stack
|
page read and write
|
||
|
1280000
|
heap
|
page execute and read and write
|
||
|
A10000
|
trusted library allocation
|
page read and write
|
||
|
E13000
|
heap
|
page read and write
|
||
|
2E50000
|
trusted library allocation
|
page read and write
|
||
|
F49000
|
heap
|
page read and write
|
||
|
1B15C000
|
stack
|
page read and write
|
||
|
1B6D7000
|
heap
|
page read and write
|
||
|
14AD000
|
heap
|
page read and write
|
||
|
1BA9F000
|
stack
|
page read and write
|
||
|
FD0000
|
heap
|
page read and write
|
||
|
7FFD9B91D000
|
trusted library allocation
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
21275E19000
|
heap
|
page read and write
|
||
|
1B79E000
|
heap
|
page read and write
|
||
|
1BB7E000
|
stack
|
page read and write
|
||
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B90E000
|
trusted library allocation
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
7FFD9B885000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B7F3000
|
stack
|
page read and write
|
||
|
1B32D000
|
stack
|
page read and write
|
||
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
||
|
12F6000
|
stack
|
page read and write
|
||
|
A90000
|
heap
|
page read and write
|
||
|
33B6000
|
trusted library allocation
|
page read and write
|
||
|
C3E000
|
stack
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
1140000
|
heap
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page read and write
|
||
|
1B89F000
|
stack
|
page read and write
|
||
|
1413000
|
heap
|
page read and write
|
||
|
3022000
|
trusted library allocation
|
page read and write
|
||
|
2CDE000
|
stack
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B333000
|
stack
|
page read and write
|
||
|
1347000
|
heap
|
page read and write
|
||
|
EC6000
|
heap
|
page read and write
|
||
|
7FFD9B909000
|
trusted library allocation
|
page read and write
|
||
|
E22000
|
heap
|
page read and write
|
||
|
FDE000
|
stack
|
page read and write
|
||
|
1B50E000
|
stack
|
page read and write
|
||
|
2E20000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
||
|
79E000
|
heap
|
page read and write
|
||
|
C11000
|
heap
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
A50000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
1ABF0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
12DA8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BB000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B330000
|
trusted library allocation
|
page read and write
|
||
|
1120000
|
heap
|
page read and write
|
||
|
14F3000
|
heap
|
page read and write
|
||
|
1B94F000
|
stack
|
page read and write
|
||
|
1442000
|
heap
|
page read and write
|
||
|
1100000
|
heap
|
page read and write
|
||
|
2BC9000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B90E000
|
trusted library allocation
|
page read and write
|
||
|
1B577000
|
heap
|
page read and write
|
||
|
1250000
|
heap
|
page read and write
|
||
|
CAF000
|
stack
|
page read and write
|
||
|
12CE3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B95A000
|
trusted library allocation
|
page read and write
|
||
|
1B673000
|
heap
|
page read and write
|
||
|
B16000
|
stack
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
||
|
E26000
|
heap
|
page read and write
|
||
|
AB6000
|
heap
|
page read and write
|
||
|
1B5A5000
|
heap
|
page read and write
|
||
|
130D8000
|
trusted library allocation
|
page read and write
|
||
|
1D002000
|
heap
|
page read and write
|
||
|
12BC8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
12A04000
|
trusted library allocation
|
page read and write
|
||
|
17FF000
|
stack
|
page read and write
|
||
|
2F1A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B945000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B907000
|
trusted library allocation
|
page read and write
|
||
|
F8A000
|
heap
|
page read and write
|
||
|
12CD1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
||
|
2794000
|
trusted library allocation
|
page read and write
|
||
|
C50000
|
trusted library allocation
|
page read and write
|
||
|
1B100000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1BD02000
|
heap
|
page execute and read and write
|
||
|
B1C000
|
heap
|
page read and write
|
||
|
1B5AE000
|
heap
|
page read and write
|
||
|
7FFD9B932000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page execute and read and write
|
||
|
E23000
|
heap
|
page read and write
|
||
|
7FFD9B788000
|
trusted library allocation
|
page read and write
|
||
|
EC2000
|
heap
|
page read and write
|
||
|
1B92E000
|
stack
|
page read and write
|
||
|
7FFD9B7AB000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B876000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B778000
|
trusted library allocation
|
page read and write
|
||
|
2C26000
|
trusted library allocation
|
page read and write
|
||
|
2C77000
|
trusted library allocation
|
page read and write
|
||
|
9A0000
|
heap
|
page read and write
|
||
|
2AF6000
|
trusted library allocation
|
page read and write
|
||
|
12CD3000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AF4E000
|
stack
|
page read and write
|
||
|
E45000
|
heap
|
page read and write
|
||
|
2550000
|
heap
|
page execute and read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page read and write
|
||
|
1520000
|
heap
|
page read and write
|
||
|
1B79C000
|
heap
|
page read and write
|
||
|
12DAD000
|
trusted library allocation
|
page read and write
|
||
|
A80000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
12BCD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
C3A000
|
heap
|
page read and write
|
||
|
E40000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C7A000
|
trusted library allocation
|
page read and write
|
||
|
9B6000
|
stack
|
page read and write
|
||
|
102B000
|
heap
|
page read and write
|
||
|
1477000
|
heap
|
page read and write
|
||
|
EEE000
|
heap
|
page read and write
|
||
|
1B745000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
7FFD9B90E000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B909000
|
trusted library allocation
|
page read and write
|
||
|
1485000
|
heap
|
page read and write
|
||
|
B8D000
|
heap
|
page read and write
|
||
|
1C07E000
|
stack
|
page read and write
|
||
|
1ADD0000
|
trusted library allocation
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
BD6000
|
heap
|
page read and write
|
||
|
2DBC000
|
trusted library allocation
|
page read and write
|
||
|
1BA03000
|
stack
|
page read and write
|
||
|
12A25000
|
trusted library allocation
|
page read and write
|
||
|
1B0F0000
|
heap
|
page read and write
|
||
|
1B677000
|
heap
|
page read and write
|
||
|
2D82000
|
trusted library allocation
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
12CE1000
|
trusted library allocation
|
page read and write
|
||
|
1D7A0000
|
heap
|
page read and write
|
||
|
2AC0000
|
heap
|
page execute and read and write
|
||
|
1494000
|
heap
|
page read and write
|
||
|
7FFD9B907000
|
trusted library allocation
|
page read and write
|
||
|
151F000
|
stack
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BD8E000
|
stack
|
page read and write
|
||
|
7FFD9B927000
|
trusted library allocation
|
page read and write
|
||
|
D60000
|
trusted library allocation
|
page read and write
|
||
|
1C29C000
|
stack
|
page read and write
|
||
|
E25000
|
heap
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7A4000
|
trusted library allocation
|
page read and write
|
||
|
E95000
|
heap
|
page read and write
|
||
|
D80000
|
trusted library allocation
|
page read and write
|
||
|
1A6D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
1255000
|
heap
|
page read and write
|
||
|
772000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
1C899000
|
heap
|
page read and write
|
||
|
298E000
|
stack
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
27C0000
|
heap
|
page execute and read and write
|
||
|
AEF000
|
heap
|
page read and write
|
||
|
130B000
|
heap
|
page read and write
|
||
|
12DA1000
|
trusted library allocation
|
page read and write
|
||
|
1B759000
|
heap
|
page read and write
|
||
|
1B1FE000
|
stack
|
page read and write
|
||
|
2D97000
|
trusted library allocation
|
page read and write
|
||
|
2F00000
|
heap
|
page read and write
|
||
|
1D4FE000
|
stack
|
page read and write
|
||
|
FC6000
|
heap
|
page read and write
|
||
|
5C0000
|
heap
|
page read and write
|
||
|
1BB44000
|
stack
|
page read and write
|
||
|
7FFD9B922000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B909000
|
trusted library allocation
|
page read and write
|
||
|
1400000
|
heap
|
page read and write
|
||
|
7FFD9B840000
|
trusted library allocation
|
page read and write
|
||
|
1AD10000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B942000
|
trusted library allocation
|
page read and write
|
||
|
13A0000
|
trusted library allocation
|
page read and write
|
||
|
1B6A2000
|
heap
|
page read and write
|
||
|
1B602000
|
heap
|
page read and write
|
||
|
1299D000
|
trusted library allocation
|
page read and write
|
||
|
300E000
|
stack
|
page read and write
|
||
|
7FFD9B919000
|
trusted library allocation
|
page read and write
|
||
|
2D49000
|
trusted library allocation
|
page read and write
|
||
|
1BD2E000
|
stack
|
page read and write
|
||
|
1B4E0000
|
trusted library allocation
|
page read and write
|
||
|
A35000
|
heap
|
page read and write
|
||
|
2B0000
|
unkown
|
page readonly
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page execute and read and write
|
||
|
1308000
|
heap
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
1B5EE000
|
stack
|
page read and write
|
||
|
2BFB000
|
trusted library allocation
|
page read and write
|
||
|
1415000
|
heap
|
page read and write
|
||
|
1AD00000
|
trusted library allocation
|
page read and write
|
||
|
1D0FF000
|
stack
|
page read and write
|
||
|
21275E10000
|
heap
|
page read and write
|
||
|
2DB9000
|
trusted library allocation
|
page read and write
|
||
|
1A9C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BAC0000
|
heap
|
page read and write
|
||
|
3B0000
|
heap
|
page read and write
|
||
|
A95000
|
heap
|
page read and write
|
||
|
D10000
|
heap
|
page read and write
|
||
|
2D79000
|
trusted library allocation
|
page read and write
|
||
|
1BE4E000
|
stack
|
page read and write
|
||
|
1452000
|
heap
|
page read and write
|
||
|
129E000
|
stack
|
page read and write
|
||
|
AE0000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
C80000
|
heap
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page read and write
|
||
|
12581000
|
trusted library allocation
|
page read and write
|
||
|
2C74000
|
trusted library allocation
|
page read and write
|
||
|
1B5B7000
|
heap
|
page read and write
|
||
|
10A1000
|
heap
|
page read and write
|
||
|
2880000
|
heap
|
page read and write
|
||
|
21275CF0000
|
heap
|
page read and write
|
||
|
1447000
|
heap
|
page read and write
|
||
|
126A3000
|
trusted library allocation
|
page read and write
|
||
|
14CA000
|
heap
|
page read and write
|
||
|
1067000
|
heap
|
page read and write
|
||
|
2D7F000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B930000
|
trusted library allocation
|
page read and write
|
||
|
13D0000
|
heap
|
page read and write
|
||
|
1B548000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
B80000
|
heap
|
page read and write
|
||
|
31D0000
|
trusted library allocation
|
page read and write
|
||
|
1B993000
|
stack
|
page read and write
|
||
|
7FFD9B793000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B6CA000
|
heap
|
page read and write
|
||
|
7FFD9B885000
|
trusted library allocation
|
page execute and read and write
|
||
|
E77000
|
heap
|
page read and write
|
||
|
7FFD9B904000
|
trusted library allocation
|
page read and write
|
||
|
2CCE000
|
stack
|
page read and write
|
||
|
BDC000
|
heap
|
page read and write
|
||
|
1D602000
|
heap
|
page read and write
|
||
|
31F0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B540000
|
heap
|
page read and write
|
||
|
7FFD9B810000
|
trusted library allocation
|
page read and write
|
||
|
2D59000
|
trusted library allocation
|
page read and write
|
||
|
13308000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B778000
|
trusted library allocation
|
page read and write
|
||
|
2D90000
|
heap
|
page execute and read and write
|
||
|
2C3F000
|
trusted library allocation
|
page read and write
|
||
|
1B23E000
|
stack
|
page read and write
|
||
|
2B0000
|
unkown
|
page readonly
|
||
|
126AD000
|
trusted library allocation
|
page read and write
|
||
|
1B597000
|
heap
|
page read and write
|
||
|
2D7C000
|
trusted library allocation
|
page read and write
|
||
|
130DD000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
||
|
1BC24000
|
stack
|
page read and write
|
||
|
31E0000
|
heap
|
page read and write
|
||
|
2FC8000
|
trusted library allocation
|
page read and write
|
||
|
2CA9000
|
trusted library allocation
|
page read and write
|
||
|
1AF70000
|
heap
|
page execute and read and write
|
||
|
1B79E000
|
stack
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
1BE24000
|
stack
|
page read and write
|
||
|
14C5000
|
heap
|
page read and write
|
||
|
BC0000
|
heap
|
page read and write
|
||
|
1422000
|
heap
|
page read and write
|
||
|
131E000
|
heap
|
page read and write
|
||
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
||
|
13E0000
|
heap
|
page read and write
|
||
|
142D000
|
heap
|
page read and write
|
||
|
EDE000
|
heap
|
page read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
1BD2E000
|
stack
|
page read and write
|
||
|
2D9D000
|
trusted library allocation
|
page read and write
|
||
|
131C000
|
heap
|
page read and write
|
||
|
1BA2E000
|
stack
|
page read and write
|
||
|
1B360000
|
heap
|
page read and write
|
||
|
1AD12000
|
heap
|
page read and write
|
||
|
B114CFE000
|
stack
|
page read and write
|
||
|
7FFD9B792000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
1B77B000
|
heap
|
page read and write
|
||
|
2CDF000
|
trusted library allocation
|
page read and write
|
||
|
2FED000
|
trusted library allocation
|
page read and write
|
||
|
2EE5000
|
trusted library allocation
|
page read and write
|
||
|
1B6B6000
|
heap
|
page read and write
|
||
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B907000
|
trusted library allocation
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
A30000
|
trusted library allocation
|
page read and write
|
||
|
1B640000
|
heap
|
page read and write
|
||
|
12CDD000
|
trusted library allocation
|
page read and write
|
||
|
1C649000
|
stack
|
page read and write
|
||
|
7FFD9B760000
|
trusted library allocation
|
page read and write
|
||
|
1C650000
|
heap
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
1AC3E000
|
stack
|
page read and write
|
||
|
1498000
|
heap
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
380000
|
heap
|
page read and write
|
||
|
AB0000
|
heap
|
page read and write
|
||
|
F46000
|
heap
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
8F6000
|
stack
|
page read and write
|
||
|
1BC43000
|
stack
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
14A4000
|
heap
|
page read and write
|
||
|
7FFD9B764000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B942000
|
trusted library allocation
|
page read and write
|
||
|
1BE4E000
|
stack
|
page read and write
|
||
|
1B2FF000
|
stack
|
page read and write
|
||
|
1802000
|
heap
|
page read and write
|
||
|
7FFD9B932000
|
trusted library allocation
|
page read and write
|
||
|
255E000
|
stack
|
page read and write
|
||
|
1B59D000
|
heap
|
page read and write
|
||
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
||
|
1BE2E000
|
stack
|
page read and write
|
||
|
BA0000
|
heap
|
page read and write
|
||
|
1410000
|
heap
|
page read and write
|
||
|
7EF000
|
heap
|
page read and write
|
||
|
134B000
|
heap
|
page read and write
|
||
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
||
|
1BB07000
|
stack
|
page read and write
|
||
|
2BB0000
|
heap
|
page read and write
|
||
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D88000
|
trusted library allocation
|
page read and write
|
||
|
2D8B000
|
trusted library allocation
|
page read and write
|
||
|
2BD0000
|
heap
|
page execute and read and write
|
||
|
2F83000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
||
|
21275E27000
|
heap
|
page read and write
|
||
|
1B66C000
|
heap
|
page read and write
|
||
|
1BB00000
|
trusted library allocation
|
page read and write
|
||
|
1025000
|
heap
|
page read and write
|
||
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
||
|
1302000
|
heap
|
page read and write
|
||
|
26D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B816000
|
trusted library allocation
|
page read and write
|
||
|
1B7B9000
|
heap
|
page read and write
|
||
|
1B8FE000
|
stack
|
page read and write
|
||
|
E50000
|
heap
|
page read and write
|
||
|
1B84E000
|
stack
|
page read and write
|
||
|
1330D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B7AD000
|
trusted library allocation
|
page execute and read and write
|
||
|
F3C000
|
heap
|
page read and write
|
||
|
7FFD9B895000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA9E000
|
stack
|
page read and write
|
||
|
1B56E000
|
heap
|
page read and write
|
||
|
7FFD9B937000
|
trusted library allocation
|
page read and write
|
||
|
33A8000
|
trusted library allocation
|
page read and write
|
||
|
1485000
|
heap
|
page read and write
|
||
|
B50000
|
heap
|
page read and write
|
||
|
2D9A000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B702000
|
heap
|
page read and write
|
||
|
1020000
|
heap
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B77B000
|
trusted library allocation
|
page read and write
|
||
|
1B7AA000
|
heap
|
page read and write
|
||
|
1BFFE000
|
stack
|
page read and write
|
||
|
1030000
|
heap
|
page read and write
|
||
|
CD0000
|
heap
|
page read and write
|
||
|
130D3000
|
trusted library allocation
|
page read and write
|
||
|
2C1C000
|
trusted library allocation
|
page read and write
|
||
|
1B82D000
|
heap
|
page read and write
|
||
|
B1149DB000
|
stack
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B800000
|
heap
|
page read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page read and write
|
||
|
1BB23000
|
stack
|
page read and write
|
||
|
12BC1000
|
trusted library allocation
|
page read and write
|
||
|
21276100000
|
heap
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page read and write
|
||
|
1B7FC000
|
heap
|
page read and write
|
||
|
2EB0000
|
trusted library allocation
|
page read and write
|
||
|
1B5DC000
|
heap
|
page read and write
|
||
|
2D92000
|
trusted library allocation
|
page read and write
|
||
|
EAA000
|
heap
|
page read and write
|
||
|
7FFD9B917000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
trusted library allocation
|
page read and write
|
||
|
1B82F000
|
heap
|
page read and write
|
||
|
7FFD9B76D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E46000
|
trusted library allocation
|
page read and write
|
||
|
750000
|
heap
|
page read and write
|
||
|
25E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1AB0D000
|
stack
|
page read and write
|
||
|
E47000
|
heap
|
page read and write
|
||
|
2E21000
|
trusted library allocation
|
page read and write
|
||
|
2DED000
|
trusted library allocation
|
page read and write
|
||
|
10C0000
|
heap
|
page read and write
|
||
|
7FFD9B846000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B907000
|
trusted library allocation
|
page read and write
|
||
|
1C34C000
|
stack
|
page read and write
|
||
|
14F7000
|
heap
|
page read and write
|
||
|
1C12E000
|
stack
|
page read and write
|
||
|
1B13E000
|
stack
|
page read and write
|
||
|
390000
|
heap
|
page read and write
|
||
|
7FFD9B91E000
|
trusted library allocation
|
page read and write
|
||
|
12588000
|
trusted library allocation
|
page read and write
|
||
|
10FF000
|
stack
|
page read and write
|
||
|
12CED000
|
trusted library allocation
|
page read and write
|
||
|
B3E000
|
stack
|
page read and write
|
||
|
13301000
|
trusted library allocation
|
page read and write
|
||
|
EFA000
|
heap
|
page read and write
|
||
|
12E0000
|
heap
|
page read and write
|
||
|
DE6000
|
heap
|
page read and write
|
||
|
7FFD9B922000
|
trusted library allocation
|
page read and write
|
||
|
2B2B000
|
trusted library allocation
|
page read and write
|
||
|
2570000
|
heap
|
page execute and read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
2D14000
|
trusted library allocation
|
page read and write
|
||
|
139F000
|
stack
|
page read and write
|
||
|
1C894000
|
heap
|
page read and write
|
||
|
1200000
|
trusted library allocation
|
page read and write
|
||
|
1B4F4000
|
stack
|
page read and write
|
||
|
1434000
|
heap
|
page read and write
|
||
|
75B000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
F03000
|
trusted library allocation
|
page read and write
|
||
|
1387000
|
heap
|
page read and write
|
||
|
284E000
|
stack
|
page read and write
|
||
|
2A78000
|
trusted library allocation
|
page read and write
|
||
|
2FB8000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
||
|
2D29000
|
trusted library allocation
|
page read and write
|
||
|
DE0000
|
heap
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
EF0000
|
trusted library allocation
|
page read and write
|
||
|
1BB88000
|
heap
|
page read and write
|
||
|
1B090000
|
heap
|
page execute and read and write
|
||
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B25C000
|
stack
|
page read and write
|
||
|
F5C000
|
heap
|
page read and write
|
||
|
736000
|
heap
|
page read and write
|
||
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
||
|
1D3F3000
|
stack
|
page read and write
|
||
|
1480000
|
heap
|
page read and write
|
||
|
1B653000
|
heap
|
page read and write
|
||
|
276E000
|
stack
|
page read and write
|
||
|
1B68B000
|
heap
|
page read and write
|
||
|
1B570000
|
heap
|
page execute and read and write
|
||
|
F28000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
||
|
13B4000
|
heap
|
page read and write
|
||
|
2590000
|
heap
|
page read and write
|
||
|
2850000
|
trusted library section
|
page read and write
|
||
|
103C000
|
heap
|
page read and write
|
||
|
1BB9E000
|
stack
|
page read and write
|
||
|
ABC000
|
heap
|
page read and write
|
||
|
ED0000
|
trusted library allocation
|
page read and write
|
||
|
1008000
|
heap
|
page read and write
|
||
|
DB0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
C0F000
|
heap
|
page read and write
|
||
|
2D94000
|
trusted library allocation
|
page read and write
|
||
|
1BB80000
|
heap
|
page read and write
|
||
|
12DA3000
|
trusted library allocation
|
page read and write
|
||
|
1B822000
|
heap
|
page read and write
|
||
|
1A5B0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
||
|
1BB52000
|
heap
|
page read and write
|
||
|
E8F000
|
heap
|
page read and write
|
||
|
BD0000
|
heap
|
page read and write
|
||
|
7FFD9B81C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2B94000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E00000
|
trusted library allocation
|
page read and write
|
||
|
720000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
||
|
1B9FF000
|
stack
|
page read and write
|
||
|
1B5F1000
|
heap
|
page read and write
|
||
|
7FFD9B7BD000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
||
|
1B53E000
|
stack
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
||
|
1BEFE000
|
stack
|
page read and write
|
||
|
7FFD9B932000
|
trusted library allocation
|
page read and write
|
||
|
F5E000
|
heap
|
page read and write
|
||
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
||
|
13303000
|
trusted library allocation
|
page read and write
|
||
|
B95000
|
heap
|
page read and write
|
||
|
B114C7E000
|
stack
|
page read and write
|
||
|
1B599000
|
heap
|
page read and write
|
||
|
12E8000
|
heap
|
page read and write
|
||
|
1BB94000
|
heap
|
page read and write
|
||
|
7FF4E6AF0000
|
trusted library allocation
|
page execute and read and write
|
||
|
9E0000
|
heap
|
page read and write
|
||
|
7FFD9B79B000
|
trusted library allocation
|
page execute and read and write
|
||
|
130D1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B762000
|
trusted library allocation
|
page read and write
|
||
|
FC0000
|
heap
|
page read and write
|
||
|
1B6FE000
|
stack
|
page read and write
|
||
|
7AA000
|
heap
|
page read and write
|
||
|
2AE0000
|
heap
|
page execute and read and write
|
||
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
||
|
E3E000
|
heap
|
page read and write
|
||
|
1B77E000
|
stack
|
page read and write
|
||
|
302000
|
unkown
|
page readonly
|
||
|
2B60000
|
trusted library allocation
|
page read and write
|
||
|
1C14A000
|
stack
|
page read and write
|
||
|
2A88000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
||
|
21275DD0000
|
heap
|
page read and write
|
||
|
1BC2E000
|
stack
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B80D000
|
heap
|
page read and write
|
||
|
1B82E000
|
stack
|
page read and write
|
||
|
12BC3000
|
trusted library allocation
|
page read and write
|
||
|
13F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
||
|
1444000
|
heap
|
page read and write
|
||
|
2D2F000
|
stack
|
page read and write
|
||
|
7FFD9B78B000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
||
|
F00000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
||
|
1BB44000
|
stack
|
page read and write
|
||
|
2BC0000
|
heap
|
page read and write
|
||
|
7FFD9B763000
|
trusted library allocation
|
page execute and read and write
|
||
|
2C07000
|
trusted library allocation
|
page read and write
|
||
|
B60000
|
heap
|
page read and write
|
||
|
11CF000
|
stack
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B72C000
|
heap
|
page read and write
|
||
|
6F6000
|
stack
|
page read and write
|
||
|
1BB45000
|
heap
|
page read and write
|
||
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
||
|
EB5000
|
heap
|
page read and write
|
||
|
103E000
|
heap
|
page read and write
|
||
|
1202000
|
heap
|
page read and write
|
||
|
1BB8F000
|
heap
|
page read and write
|
||
|
7FFD9B7BC000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BB20000
|
heap
|
page execute and read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E5000
|
heap
|
page read and write
|
||
|
7FFD9B7B0000
|
trusted library allocation
|
page read and write
|
||
|
CF0000
|
heap
|
page read and write
|
||
|
E51000
|
heap
|
page read and write
|
||
|
1195000
|
heap
|
page read and write
|
||
|
25CA000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B917000
|
trusted library allocation
|
page read and write
|
||
|
1D7B3000
|
heap
|
page read and write
|
||
|
1BD4E000
|
stack
|
page read and write
|
||
|
9D0000
|
heap
|
page read and write
|
||
|
1C02E000
|
stack
|
page read and write
|
||
|
126A8000
|
trusted library allocation
|
page read and write
|
||
|
10C5000
|
heap
|
page read and write
|
||
|
1BC9E000
|
stack
|
page read and write
|
||
|
1D2FB000
|
stack
|
page read and write
|
||
|
2D76000
|
trusted library allocation
|
page read and write
|
||
|
E33000
|
heap
|
page read and write
|
||
|
1B15E000
|
stack
|
page read and write
|
||
|
EF6000
|
stack
|
page read and write
|
||
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
||
|
B5B000
|
heap
|
page read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B00E000
|
stack
|
page read and write
|
||
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
||
|
DE9000
|
heap
|
page read and write
|
||
|
2BB0000
|
trusted library allocation
|
page read and write
|
||
|
FE0000
|
heap
|
page read and write
|
||
|
1B3FF000
|
stack
|
page read and write
|
||
|
126A1000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B880000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
||
|
102F000
|
heap
|
page read and write
|
||
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
||
|
16FF000
|
stack
|
page read and write
|
||
|
1B4A0000
|
heap
|
page read and write
|
||
|
7FFD9B895000
|
trusted library allocation
|
page execute and read and write
|
||
|
1B722000
|
heap
|
page read and write
|
||
|
7FFD9B885000
|
trusted library allocation
|
page execute and read and write
|
||
|
13C0000
|
trusted library allocation
|
page read and write
|
||
|
9F0000
|
heap
|
page read and write
|
||
|
2E11000
|
trusted library allocation
|
page read and write
|
||
|
A30000
|
heap
|
page read and write
|
||
|
1AF1D000
|
stack
|
page read and write
|
||
|
E11000
|
heap
|
page read and write
|
||
|
F02000
|
heap
|
page read and write
|
||
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
||
|
1BF23000
|
stack
|
page read and write
|
||
|
F20000
|
heap
|
page read and write
|
||
|
730000
|
heap
|
page read and write
|
||
|
1B71C000
|
heap
|
page read and write
|
||
|
1B5F8000
|
heap
|
page read and write
|
||
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
||
|
1305000
|
heap
|
page read and write
|
||
|
1502000
|
heap
|
page read and write
|
||
|
1258D000
|
trusted library allocation
|
page read and write
|
||
|
770000
|
heap
|
page read and write
|
||
|
1BB97000
|
heap
|
page read and write
|
||
|
1B5C9000
|
heap
|
page read and write
|
||
|
1B74E000
|
stack
|
page read and write
|
||
|
7FFD9B766000
|
trusted library allocation
|
page read and write
|
There are 786 hidden memdumps, click here to show them.