Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
SecuriteInfo.com.Win64.TrojanX-gen.20834.9882.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\svchost.exe
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_Salsa20.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_raw_aes.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_raw_aesni.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_raw_cbc.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_raw_cfb.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_raw_ctr.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_raw_ecb.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_raw_eksblowfish.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_raw_ocb.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Cipher\_raw_ofb.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_BLAKE2s.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_MD5.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_SHA1.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_SHA224.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_SHA256.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_SHA384.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_SHA512.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_ghash_clmul.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_ghash_portable.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Hash\_keccak.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Protocol\_scrypt.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Util\_cpuid_c.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\Crypto\Util\_strxor.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\PIL\_imaging.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\PIL\_imagingcms.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\PIL\_imagingmath.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\PIL\_webp.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_asyncio.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_bz2.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_cffi_backend.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_ctypes.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_decimal.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_hashlib.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_lzma.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_multiprocessing.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_overlapped.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_queue.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_socket.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_sqlite3.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\_ssl.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\certifi\cacert.pem
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\charset_normalizer\md.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\charset_normalizer\md__mypyc.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\cryptography\hazmat\bindings\_rust.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\libcrypto-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\libffi-7.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\libssl-1_1.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\pyexpat.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\python3.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\python39.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\select.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\sqlite3.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\unicodedata.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\vcruntime140.dll
|
PE32+ executable (DLL) (console) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\zstandard\_cffi.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\zstandard\backend_c.pyd
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
There are 48 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.20834.9882.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.20834.9882.exe"
|
|
|
|
C:\Users\user\AppData\Local\Temp\onefile_3916_133720417332478140\svchost.exe
|
"C:\Users\user\Desktop\SecuriteInfo.com.Win64.TrojanX-gen.20834.9882.exe"
|
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf
|
unknown
|
||
|
http://repository.swisssign.com/0=0;
|
unknown
|
||
|
http://www.dabeaz.com/ply)
|
unknown
|
||
|
https://github.com/pyca/cryptography/issues/8996
|
unknown
|
||
|
https://web.archive.org/web/20240227115053/https://exiv2.org/tags.html)
|
unknown
|
||
|
https://www.python.org/dev/peps/pep-0506/
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/2168
|
unknown
|
||
|
https://web.archive.org/web/20170802060935/http://oss.sgi.com/projects/ogl-sample/registry/EXT/textu
|
unknown
|
||
|
http://www.python.org/download/releases/2.3/mro/.
|
unknown
|
||
|
https://tools.ietf.org/html/rfc2388#section-4.4
|
unknown
|
||
|
https://www.ibm.com/
|
unknown
|
||
|
http://cffi.readthedocs.io/en/latest/cdef.html#ffi-cdef-limitations
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/2192#issuecomment-821832963
|
unknown
|
||
|
http://docs.python.org/3/library/subprocess#subprocess.Popen.kill
|
unknown
|
||
|
https://www.littlecms.com
|
unknown
|
||
|
https://tools.ietf.org/html/rfc3610
|
unknown
|
||
|
http://crl.dhimyotis.com/certignarootca.crl
|
unknown
|
||
|
http://curl.haxx.se/rfc/cookie_spec.html
|
unknown
|
||
|
http://ocsp.accv.es
|
unknown
|
||
|
http://speleotrove.com/decimal/decarith.html
|
unknown
|
||
|
http://www.python.org/dev/peps/pep-0205/
|
unknown
|
||
|
http://docs.python.org/3/library/subprocess#subprocess.Popen.returncode
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/3020
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#socks-proxies
|
unknown
|
||
|
http://json.org
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#https-proxy-error-http-proxy
|
unknown
|
||
|
https://httpbin.org/get
|
unknown
|
||
|
https://github.com/python-pillow/Pillow/
|
unknown
|
||
|
https://wwww.certigna.fr/autorites/0m
|
unknown
|
||
|
https://httpbin.org/
|
unknown
|
||
|
https://rentry.co/icboq6gb/raw
|
unknown
|
||
|
https://wwww.certigna.fr/autorites/
|
unknown
|
||
|
https://cryptography.io/en/latest/faq/#why-can-t-i-import-my-pem-file
|
unknown
|
||
|
http://www.cl.cam.ac.uk/~mgk25/iso-time.html
|
unknown
|
||
|
https://github.com/pypa/packagingz
|
unknown
|
||
|
http://hg.python.org/cpython/file/603b4d593758/Lib/socket.py#l535
|
unknown
|
||
|
https://www.mia.uni-saarland.de/Publications/gwosdek-ssvm11.pdf
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl
|
unknown
|
||
|
http://wwwsearch.sf.net/):
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1.crt0
|
unknown
|
||
|
http://www.accv.es/legislacion_c.htm
|
unknown
|
||
|
http://tools.ietf.org/html/rfc6125#section-6.4.3
|
unknown
|
||
|
https://cffi.readthedocs.io/en/latest/using.html#callbacks
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl0
|
unknown
|
||
|
http://www.cert.fnmt.es/dpcs/
|
unknown
|
||
|
https://google.com/mail
|
unknown
|
||
|
https://packaging.python.org/specifications/entry-points/
|
unknown
|
||
|
http://www.accv.es00
|
unknown
|
||
|
http://www.phys.uu.nl/~vgent/calendar/isocalendar.htm
|
unknown
|
||
|
http://www.rfc-editor.org/info/rfc7253
|
unknown
|
||
|
https://github.com/pyca/cryptography/issues
|
unknown
|
||
|
http://bugs.python.org/issue23606)
|
unknown
|
||
|
http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C.pdf
|
unknown
|
||
|
https://foss.heptapod.net/pypy/pypy/-/issues/3539
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/2513#issuecomment-1152559900.
|
unknown
|
||
|
http://google.com/
|
unknown
|
||
|
https://mahler:8092/site-updates.py
|
unknown
|
||
|
http://crl.securetrust.com/SGCA.crl
|
unknown
|
||
|
http://.../back.jpeg
|
unknown
|
||
|
http://tools.ietf.org/html/rfc5869
|
unknown
|
||
|
http://blog.cryptographyusering.com/2012/05/how-to-choose-authenticated-encryption.html
|
unknown
|
||
|
http://www.python.org/
|
unknown
|
||
|
https://httpbin.org/post
|
unknown
|
||
|
https://github.com/Ousret/charset_normalizer
|
unknown
|
||
|
http://www.firmaprofesional.com/cps0
|
unknown
|
||
|
https://www.cazabon.com
|
unknown
|
||
|
https://github.com/urllib3/urllib3/issues/2920
|
unknown
|
||
|
http://crl.securetrust.com/SGCA.crl0
|
unknown
|
||
|
https://yahoo.com/
|
unknown
|
||
|
http://crl.securetrust.com/STCA.crl0
|
unknown
|
||
|
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-6
|
unknown
|
||
|
http://crl.thawte.com/ThawteTimestampingCA.crl0
|
unknown
|
||
|
https://html.spec.whatwg.org/multipage/
|
unknown
|
||
|
http://repository.swisssign.com/cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateNumbers
|
unknown
|
||
|
http://www.quovadisglobal.com/cps0
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl
|
unknown
|
||
|
https://urllib3.readthedocs.io/en/latest/advanced-usage.html#tls-warnings
|
unknown
|
||
|
http://www.accv.es/fileadmin/Archivos/certificados/raizaccv1_der.crl0
|
unknown
|
||
|
https://github.com/pyca/cryptography/issues/9253
|
unknown
|
||
|
http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/eax/eax-spec.pdf
|
unknown
|
||
|
http://www.iana.org/time-zones/repository/tz-link.html
|
unknown
|
||
|
http://tools.ietf.org/html/rfc5297
|
unknown
|
||
|
http://tools.ietf.org/html/rfc4880
|
unknown
|
||
|
https://requests.readthedocs.io
|
unknown
|
||
|
http://repository.swisssign.com/
|
unknown
|
||
|
http://www.cs.ucdavis.edu/~rogaway/papers/keywrap.pdf
|
unknown
|
||
|
http://python.org/dev/peps/pep-0263/
|
unknown
|
||
|
http://crl.xrampsecurity.com/XGCA.crl
|
unknown
|
||
|
https://www.python.org
|
unknown
|
||
|
https://www.cazabon.com/pyCMS
|
unknown
|
||
|
http://www.accv.es/legislacion_c.htm0U
|
unknown
|
||
|
http://www.tarsnap.com/scrypt/scrypt-slides.pdf
|
unknown
|
||
|
https://www.usenix.org/legacy/events/usenix99/provos/provos_html/node4.html
|
unknown
|
||
|
http://csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf
|
unknown
|
||
|
https://web.archive.org/web/20120328125543/http://www.jpegcameras.com/libjpeg/libjpeg-3.html
|
unknown
|
||
|
http://ocsp.accv.es0
|
unknown
|
||
|
http://ocsp.thawte.com0
|
unknown
|
||
|
http://bugs.python.org/issue23606)H
|
unknown
|
||
|
https://twitter.com/
|
unknown
|
||
|
https://code.google.com/archive/p/casadebender/wikis/Win32IconImagePlugin.wiki
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
rentry.co
|
172.67.75.40
|
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.26.3.16
|
unknown
|
United States
|
|
|
|
172.67.75.40
|
rentry.co
|
United States
|
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FF79E18F000
|
unkown
|
page execute read
|
||
|
1C9BFE59000
|
heap
|
page read and write
|
||
|
7FF614890000
|
unkown
|
page readonly
|
||
|
7FFDA332D000
|
unkown
|
page readonly
|
||
|
7FFDA3AE1000
|
unkown
|
page execute read
|
||
|
1A6B83FF000
|
heap
|
page read and write
|
||
|
1A6B826F000
|
heap
|
page read and write
|
||
|
1A6B6F27000
|
heap
|
page read and write
|
||
|
1A6B82F7000
|
heap
|
page read and write
|
||
|
1A6B8C70000
|
direct allocation
|
page read and write
|
||
|
7FFDA5469000
|
unkown
|
page readonly
|
||
|
1A6B4540000
|
direct allocation
|
page read and write
|
||
|
7FF614891000
|
unkown
|
page execute read
|
||
|
7FFD9471B000
|
unkown
|
page read and write
|
||
|
7FFD937D0000
|
unkown
|
page readonly
|
||
|
1A6B8333000
|
heap
|
page read and write
|
||
|
7FFDA3EB9000
|
unkown
|
page readonly
|
||
|
7FFD9472C000
|
unkown
|
page write copy
|
||
|
7FFD942F7000
|
unkown
|
page read and write
|
||
|
7FFDA3FDB000
|
unkown
|
page readonly
|
||
|
7FFDA33EF000
|
unkown
|
page readonly
|
||
|
1C9BC1E9000
|
heap
|
page read and write
|
||
|
1A6B8377000
|
heap
|
page read and write
|
||
|
1A6B6F27000
|
heap
|
page read and write
|
||
|
7FFD93411000
|
unkown
|
page execute read
|
||
|
1A6B6F5A000
|
heap
|
page read and write
|
||
|
1A6B8B83000
|
heap
|
page read and write
|
||
|
7FFD937B3000
|
unkown
|
page read and write
|
||
|
1A6B8A06000
|
heap
|
page read and write
|
||
|
7FFD9F3B0000
|
unkown
|
page readonly
|
||
|
1A6B4E83000
|
heap
|
page read and write
|
||
|
7FFD9F7F3000
|
unkown
|
page readonly
|
||
|
1C9C07EF000
|
heap
|
page read and write
|
||
|
7FFD9DB75000
|
unkown
|
page readonly
|
||
|
7FF615449000
|
unkown
|
page read and write
|
||
|
7FFD93E68000
|
unkown
|
page write copy
|
||
|
1A6B6E45000
|
heap
|
page read and write
|
||
|
1A6B6ED6000
|
heap
|
page read and write
|
||
|
1C9BFD68000
|
heap
|
page read and write
|
||
|
7FFD93D09000
|
unkown
|
page readonly
|
||
|
1C9BDB95000
|
heap
|
page read and write
|
||
|
7FFD94330000
|
unkown
|
page readonly
|
||
|
1A6B4E4A000
|
heap
|
page read and write
|
||
|
1A6B83DD000
|
heap
|
page read and write
|
||
|
7FFD9DA56000
|
unkown
|
page readonly
|
||
|
1A6B4E29000
|
heap
|
page read and write
|
||
|
7FFD93EC1000
|
unkown
|
page execute read
|
||
|
7FFD9DEC1000
|
unkown
|
page execute read
|
||
|
1A6B4580000
|
direct allocation
|
page read and write
|
||
|
7FFD942FD000
|
unkown
|
page read and write
|
||
|
7FFDA4160000
|
unkown
|
page readonly
|
||
|
7FFDA32F5000
|
unkown
|
page readonly
|
||
|
7FFD94770000
|
unkown
|
page readonly
|
||
|
7FFD9E841000
|
unkown
|
page execute read
|
||
|
7FF61544C000
|
unkown
|
page readonly
|
||
|
7FFD93591000
|
unkown
|
page execute read
|
||
|
7FFD9E855000
|
unkown
|
page read and write
|
||
|
1C9C04EF000
|
heap
|
page read and write
|
||
|
7FFD94059000
|
unkown
|
page execute read
|
||
|
7FFD9DB70000
|
unkown
|
page readonly
|
||
|
1A6B8AFF000
|
heap
|
page read and write
|
||
|
7FFDA433E000
|
unkown
|
page read and write
|
||
|
7FFDA3311000
|
unkown
|
page execute read
|
||
|
7FFD94070000
|
unkown
|
page execute read
|
||
|
1A6B8ABC000
|
heap
|
page read and write
|
||
|
1A6B4FEB000
|
heap
|
page read and write
|
||
|
7FFD93E6A000
|
unkown
|
page read and write
|
||
|
7FFD93579000
|
unkown
|
page readonly
|
||
|
7FFDA3335000
|
unkown
|
page read and write
|
||
|
7FFD94742000
|
unkown
|
page read and write
|
||
|
1C9BC180000
|
heap
|
page read and write
|
||
|
1A6B8A00000
|
heap
|
page read and write
|
||
|
7FFD94718000
|
unkown
|
page write copy
|
||
|
7FFDA4DA6000
|
unkown
|
page readonly
|
||
|
1A6B4530000
|
heap
|
page read and write
|
||
|
1A6B6C50000
|
direct allocation
|
page read and write
|
||
|
1A6B4EB0000
|
heap
|
page read and write
|
||
|
7FFD9DA5B000
|
unkown
|
page readonly
|
||
|
7FFD94564000
|
unkown
|
page readonly
|
||
|
7FFDA2EA1000
|
unkown
|
page execute read
|
||
|
1A6B5100000
|
direct allocation
|
page read and write
|
||
|
1A6B5000000
|
direct allocation
|
page read and write
|
||
|
7FF79E16E000
|
unkown
|
page readonly
|
||
|
7FFD94284000
|
unkown
|
page readonly
|
||
|
7FFD94745000
|
unkown
|
page read and write
|
||
|
7FF615424000
|
unkown
|
page read and write
|
||
|
1C9BE5A4000
|
heap
|
page read and write
|
||
|
7FFD9F3B1000
|
unkown
|
page execute read
|
||
|
7FFD93E63000
|
unkown
|
page write copy
|
||
|
1A6B82D8000
|
heap
|
page read and write
|
||
|
7FFDA3AEF000
|
unkown
|
page readonly
|
||
|
7FFDA34A9000
|
unkown
|
page readonly
|
||
|
7FFD94659000
|
unkown
|
page readonly
|
||
|
1A6B8760000
|
direct allocation
|
page read and write
|
||
|
7FFD9DA40000
|
unkown
|
page readonly
|
||
|
1A6B8920000
|
direct allocation
|
page read and write
|
||
|
7FF7A0497000
|
unkown
|
page readonly
|
||
|
7FFDA3FD1000
|
unkown
|
page execute read
|
||
|
7FFDA33E0000
|
unkown
|
page readonly
|
||
|
7FF615418000
|
unkown
|
page read and write
|
||
|
7FFDA2EA0000
|
unkown
|
page readonly
|
||
|
7FFDA34A2000
|
unkown
|
page readonly
|
||
|
7FFD945F3000
|
unkown
|
page readonly
|
||
|
7FFD94743000
|
unkown
|
page write copy
|
||
|
7FFD9DEC0000
|
unkown
|
page readonly
|
||
|
7FF79F1BA000
|
unkown
|
page execute read
|
||
|
1A6B4F4F000
|
heap
|
page read and write
|
||
|
1C9BDBA4000
|
heap
|
page read and write
|
||
|
1A6B51E0000
|
direct allocation
|
page read and write
|
||
|
7FFDA2EA3000
|
unkown
|
page readonly
|
||
|
1A6B8200000
|
heap
|
page read and write
|
||
|
1A6B8100000
|
direct allocation
|
page read and write
|
||
|
1A6B50C0000
|
direct allocation
|
page read and write
|
||
|
958AFE4000
|
stack
|
page read and write
|
||
|
1C9BFD18000
|
heap
|
page read and write
|
||
|
1A6B6E68000
|
heap
|
page read and write
|
||
|
7FFD93548000
|
unkown
|
page readonly
|
||
|
1C9C0597000
|
heap
|
page read and write
|
||
|
1A6B8BAA000
|
heap
|
page read and write
|
||
|
1A6B70B0000
|
heap
|
page read and write
|
||
|
7FFDA416F000
|
unkown
|
page readonly
|
||
|
1A6B8A09000
|
heap
|
page read and write
|
||
|
7FFDA5496000
|
unkown
|
page read and write
|
||
|
7FFDA34D3000
|
unkown
|
page read and write
|
||
|
1A6B4FC5000
|
heap
|
page read and write
|
||
|
7FF615434000
|
unkown
|
page read and write
|
||
|
7FFD9F3CC000
|
unkown
|
page readonly
|
||
|
1A6B6F27000
|
heap
|
page read and write
|
||
|
7FFDA34B0000
|
unkown
|
page readonly
|
||
|
7FFDA3400000
|
unkown
|
page readonly
|
||
|
1C9C01D1000
|
heap
|
page read and write
|
||
|
1A6B4600000
|
heap
|
page read and write
|
||
|
7FF79E150000
|
unkown
|
page readonly
|
||
|
1C9BFA2B000
|
heap
|
page read and write
|
||
|
1A6B8D00000
|
direct allocation
|
page read and write
|
||
|
7FFDA3FD6000
|
unkown
|
page readonly
|
||
|
1A6B8B27000
|
heap
|
page read and write
|
||
|
7FFDA3401000
|
unkown
|
page execute read
|
||
|
1A6B4EC1000
|
heap
|
page read and write
|
||
|
7FF614891000
|
unkown
|
page execute read
|
||
|
7FFDA3341000
|
unkown
|
page execute read
|
||
|
7FFD93EC0000
|
unkown
|
page readonly
|
||
|
7FFDA0870000
|
unkown
|
page readonly
|
||
|
7FFD9407D000
|
unkown
|
page execute read
|
||
|
1C9BFDEA000
|
heap
|
page read and write
|
||
|
1A6B6F48000
|
heap
|
page read and write
|
||
|
1C9C0800000
|
heap
|
page read and write
|
||
|
7FFD9DF45000
|
unkown
|
page readonly
|
||
|
7FFD93FE0000
|
unkown
|
page readonly
|
||
|
1A6B4D00000
|
direct allocation
|
page read and write
|
||
|
1A6B4E9A000
|
heap
|
page read and write
|
||
|
1A6B88D0000
|
direct allocation
|
page read and write
|
||
|
1A6B8285000
|
heap
|
page read and write
|
||
|
1A6B5220000
|
direct allocation
|
page read and write
|
||
|
1A6B4D40000
|
direct allocation
|
page read and write
|
||
|
1A6B84A0000
|
direct allocation
|
page read and write
|
||
|
7FFD937D1000
|
unkown
|
page execute read
|
||
|
1A6B4E15000
|
heap
|
page read and write
|
||
|
1A6B4705000
|
heap
|
page read and write
|
||
|
1A6B8D30000
|
direct allocation
|
page read and write
|
||
|
7FFDA2EA5000
|
unkown
|
page readonly
|
||
|
1C9BF1C1000
|
heap
|
page read and write
|
||
|
1A6B46CB000
|
heap
|
page read and write
|
||
|
7FFD9DB61000
|
unkown
|
page execute read
|
||
|
7FFD94765000
|
unkown
|
page read and write
|
||
|
7FF614890000
|
unkown
|
page readonly
|
||
|
7FFD9DF40000
|
unkown
|
page readonly
|
||
|
1C9BFDB4000
|
heap
|
page read and write
|
||
|
7FFDA335A000
|
unkown
|
page read and write
|
||
|
7FF61544C000
|
unkown
|
page readonly
|
||
|
7FFDA46D4000
|
unkown
|
page readonly
|
||
|
1A6B84E0000
|
direct allocation
|
page read and write
|
||
|
1A6B8530000
|
direct allocation
|
page read and write
|
||
|
7FFDA3302000
|
unkown
|
page readonly
|
||
|
7FFD94331000
|
unkown
|
page execute read
|
||
|
7FF79E150000
|
unkown
|
page readonly
|
||
|
7FFD9473F000
|
unkown
|
page read and write
|
||
|
1A6B8B68000
|
heap
|
page read and write
|
||
|
7FFDA32F3000
|
unkown
|
page readonly
|
||
|
1A6B8291000
|
heap
|
page read and write
|
||
|
7FFDA0875000
|
unkown
|
page readonly
|
||
|
1A6B8A16000
|
heap
|
page read and write
|
||
|
7FFD9DB56000
|
unkown
|
page readonly
|
||
|
7FFD94749000
|
unkown
|
page read and write
|
||
|
1A6B8AAB000
|
heap
|
page read and write
|
||
|
7FFDA3A81000
|
unkown
|
page execute read
|
||
|
7FFD9DEB2000
|
unkown
|
page readonly
|
||
|
1A6B6D00000
|
direct allocation
|
page read and write
|
||
|
7FFD94635000
|
unkown
|
page readonly
|
||
|
1A6B4F80000
|
heap
|
page read and write
|
||
|
1A6B8A28000
|
heap
|
page read and write
|
||
|
7FF79FBBA000
|
unkown
|
page execute read
|
||
|
7FFDA3304000
|
unkown
|
page readonly
|
||
|
1C9BC130000
|
heap
|
page read and write
|
||
|
1A6B51A0000
|
direct allocation
|
page read and write
|
||
|
1A6B82C7000
|
heap
|
page read and write
|
||
|
7FFDA54E0000
|
unkown
|
page readonly
|
||
|
7FF79E181000
|
unkown
|
page read and write
|
||
|
1A6B4E8F000
|
heap
|
page read and write
|
||
|
1C9BFB04000
|
heap
|
page read and write
|
||
|
1A6B8000000
|
direct allocation
|
page read and write
|
||
|
7FF6153FF000
|
unkown
|
page read and write
|
||
|
1A6B8410000
|
direct allocation
|
page read and write
|
||
|
7FFDA5461000
|
unkown
|
page execute read
|
||
|
7FFD9E851000
|
unkown
|
page execute read
|
||
|
1A6B8B8B000
|
heap
|
page read and write
|
||
|
7FFD9E850000
|
unkown
|
page readonly
|
||
|
1A6B8040000
|
direct allocation
|
page read and write
|
||
|
1A6B8B3E000
|
heap
|
page read and write
|
||
|
1A6B83B8000
|
heap
|
page read and write
|
||
|
1C9BFB2F000
|
heap
|
page read and write
|
||
|
7FFD9DF35000
|
unkown
|
page readonly
|
||
|
7FFDA3EB6000
|
unkown
|
page readonly
|
||
|
1C9BC22F000
|
heap
|
page read and write
|
||
|
1A6B45C0000
|
direct allocation
|
page read and write
|
||
|
1C9BFD43000
|
heap
|
page read and write
|
||
|
7FFDA54F5000
|
unkown
|
page read and write
|
||
|
7FFD9F3DF000
|
unkown
|
page readonly
|
||
|
7FFD9DA45000
|
unkown
|
page readonly
|
||
|
1A6B6F23000
|
heap
|
page read and write
|
||
|
7FF79E1C5000
|
unkown
|
page execute read
|
||
|
7FFD9DB63000
|
unkown
|
page readonly
|
||
|
7FFDA5491000
|
unkown
|
page execute read
|
||
|
7FFD93E6C000
|
unkown
|
page write copy
|
||
|
1A6B4DC0000
|
direct allocation
|
page read and write
|
||
|
1A6B5040000
|
direct allocation
|
page read and write
|
||
|
1A6B6F5C000
|
heap
|
page read and write
|
||
|
1A6B7000000
|
heap
|
page read and write
|
||
|
7FFD9DF30000
|
unkown
|
page readonly
|
||
|
7FFD9DA43000
|
unkown
|
page readonly
|
||
|
1C9BFD11000
|
heap
|
page read and write
|
||
|
1C9BC050000
|
heap
|
page read and write
|
||
|
7FFD9F3D9000
|
unkown
|
page read and write
|
||
|
7FFD937B4000
|
unkown
|
page write copy
|
||
|
1C9BE7C1000
|
heap
|
page read and write
|
||
|
1A6B8ADE000
|
heap
|
page read and write
|
||
|
7FFDA33EC000
|
unkown
|
page read and write
|
||
|
1C9C01F6000
|
heap
|
page read and write
|
||
|
1A6B466B000
|
heap
|
page read and write
|
||
|
1A6B8B7F000
|
heap
|
page read and write
|
||
|
1A6B6B70000
|
direct allocation
|
page read and write
|
||
|
7FFD94740000
|
unkown
|
page write copy
|
||
|
1A6B6F82000
|
heap
|
page read and write
|
||
|
1A6B6E00000
|
heap
|
page read and write
|
||
|
7FFDA3472000
|
unkown
|
page execute read
|
||
|
7FFD9431F000
|
unkown
|
page readonly
|
||
|
1A6B4420000
|
heap
|
page read and write
|
||
|
7FFDA32F0000
|
unkown
|
page readonly
|
||
|
7FFDA34D4000
|
unkown
|
page readonly
|
||
|
7FFD937B5000
|
unkown
|
page read and write
|
||
|
7FFD9DEB1000
|
unkown
|
page execute read
|
||
|
1C9C053B000
|
heap
|
page read and write
|
||
|
7FFDA4338000
|
unkown
|
page readonly
|
||
|
1A6B8140000
|
direct allocation
|
page read and write
|
||
|
1C9BFB29000
|
heap
|
page read and write
|
||
|
7FFDA2E90000
|
unkown
|
page readonly
|
||
|
767E14F000
|
stack
|
page read and write
|
||
|
7FF79E18D000
|
unkown
|
page readonly
|
||
|
1A6B8A68000
|
heap
|
page read and write
|
||
|
7FFDA34BD000
|
unkown
|
page readonly
|
||
|
7FFD942AA000
|
unkown
|
page readonly
|
||
|
1C9BC160000
|
trusted library allocation
|
page read and write
|
||
|
7FFD93410000
|
unkown
|
page readonly
|
||
|
7FFDA3310000
|
unkown
|
page readonly
|
||
|
1C9C6950000
|
heap
|
page read and write
|
||
|
7FFDA5471000
|
unkown
|
page read and write
|
||
|
1A6B52A0000
|
direct allocation
|
page read and write
|
||
|
1A6B8A42000
|
heap
|
page read and write
|
||
|
7FFD9DB55000
|
unkown
|
page read and write
|
||
|
1A6B8A3B000
|
heap
|
page read and write
|
||
|
7FFD93575000
|
unkown
|
page read and write
|
||
|
1C9BC160000
|
heap
|
page read and write
|
||
|
1C9BC23E000
|
heap
|
page read and write
|
||
|
7FFD94705000
|
unkown
|
page read and write
|
||
|
7FFDA4161000
|
unkown
|
page execute read
|
||
|
7FF6153EF000
|
unkown
|
page read and write
|
||
|
1A6B8B68000
|
heap
|
page read and write
|
||
|
7FF7A0497000
|
unkown
|
page readonly
|
||
|
7FFD9DB60000
|
unkown
|
page readonly
|
||
|
7FFDA4340000
|
unkown
|
page readonly
|
||
|
7FFD9DEDE000
|
unkown
|
page readonly
|
||
|
1A6B6EC2000
|
heap
|
page read and write
|
||
|
767D6DE000
|
stack
|
page read and write
|
||
|
1A6B4702000
|
heap
|
page read and write
|
||
|
7FFDA4630000
|
unkown
|
page readonly
|
||
|
7FFDA3370000
|
unkown
|
page readonly
|
||
|
1A6B8281000
|
heap
|
page read and write
|
||
|
7FFDA4175000
|
unkown
|
page readonly
|
||
|
1A6B8CB0000
|
direct allocation
|
page read and write
|
||
|
7FFD93FE1000
|
unkown
|
page execute read
|
||
|
7FFDA5473000
|
unkown
|
page readonly
|
||
|
7FFD93576000
|
unkown
|
page write copy
|
||
|
7FFDA3AEC000
|
unkown
|
page read and write
|
||
|
7FFDA3EB1000
|
unkown
|
page execute read
|
||
|
7FFDA5460000
|
unkown
|
page readonly
|
||
|
7FFD9DEDA000
|
unkown
|
page read and write
|
||
|
1A6B8A10000
|
heap
|
page read and write
|
||
|
7FF79E17A000
|
unkown
|
page read and write
|
||
|
1A6B4B80000
|
direct allocation
|
page read and write
|
||
|
1A6B87A0000
|
direct allocation
|
page read and write
|
||
|
7FFD93F6E000
|
unkown
|
page readonly
|
||
|
7FFDA34CD000
|
unkown
|
page read and write
|
||
|
7FFD9E856000
|
unkown
|
page readonly
|
||
|
1A6B6E24000
|
heap
|
page read and write
|
||
|
1A6B6B20000
|
direct allocation
|
page read and write
|
||
|
7FF79E1BF000
|
unkown
|
page read and write
|
||
|
7FFD9F7F5000
|
unkown
|
page readonly
|
||
|
7FFD93FED000
|
unkown
|
page execute read
|
||
|
1A6B6F8C000
|
heap
|
page read and write
|
||
|
1A6B5140000
|
direct allocation
|
page read and write
|
||
|
1A6B4640000
|
heap
|
page read and write
|
||
|
7FFD94253000
|
unkown
|
page readonly
|
||
|
1A6B8389000
|
heap
|
page read and write
|
||
|
7FFD9DF41000
|
unkown
|
page execute read
|
||
|
7FFD9DB51000
|
unkown
|
page execute read
|
||
|
1A6B4440000
|
heap
|
page read and write
|
||
|
7FFDA34CE000
|
unkown
|
page write copy
|
||
|
1A6B4F3E000
|
heap
|
page read and write
|
||
|
7FFD9377A000
|
unkown
|
page readonly
|
||
|
1A6B6C90000
|
direct allocation
|
page read and write
|
||
|
7FFDA3A94000
|
unkown
|
page readonly
|
||
|
1A6B8180000
|
direct allocation
|
page read and write
|
||
|
7FFDA3336000
|
unkown
|
page readonly
|
||
|
7FFD9E847000
|
unkown
|
page readonly
|
||
|
1C9BFCE7000
|
heap
|
page read and write
|
||
|
7FFD9DEB0000
|
unkown
|
page readonly
|
||
|
7FFD9DA41000
|
unkown
|
page execute read
|
||
|
1A6B4E72000
|
heap
|
page read and write
|
||
|
1A6B46CD000
|
heap
|
page read and write
|
||
|
7FFD9431B000
|
unkown
|
page readonly
|
||
|
7FFDA0860000
|
unkown
|
page readonly
|
||
|
1C9BFD8E000
|
heap
|
page read and write
|
||
|
7FFDA3AE0000
|
unkown
|
page readonly
|
||
|
1A6B6D40000
|
direct allocation
|
page read and write
|
||
|
1A6B4B40000
|
direct allocation
|
page read and write
|
||
|
1A6B8820000
|
direct allocation
|
page read and write
|
||
|
1C9BC1D0000
|
heap
|
page read and write
|
||
|
1A6B46A8000
|
heap
|
page read and write
|
||
|
767CD5A000
|
stack
|
page read and write
|
||
|
7FFDA3497000
|
unkown
|
page read and write
|
||
|
1A6B52E0000
|
direct allocation
|
page read and write
|
||
|
7FFD9DF31000
|
unkown
|
page execute read
|
||
|
1A6B81C0000
|
direct allocation
|
page read and write
|
||
|
7FF79E17F000
|
unkown
|
page read and write
|
||
|
1A6B4CC0000
|
direct allocation
|
page read and write
|
||
|
7FF615428000
|
unkown
|
page read and write
|
||
|
1A6B6F12000
|
heap
|
page read and write
|
||
|
7FFDA4174000
|
unkown
|
page read and write
|
||
|
7FFD93E64000
|
unkown
|
page read and write
|
||
|
7FFDA3AE7000
|
unkown
|
page readonly
|
||
|
7FFDA3340000
|
unkown
|
page readonly
|
||
|
1A6B80C0000
|
direct allocation
|
page read and write
|
||
|
7FFD9DF33000
|
unkown
|
page readonly
|
||
|
7FF79F1BA000
|
unkown
|
page execute read
|
||
|
1A6B83CD000
|
heap
|
page read and write
|
||
|
7FFD9DB71000
|
unkown
|
page execute read
|
||
|
7FFD9378F000
|
unkown
|
page readonly
|
||
|
1A6B8A79000
|
heap
|
page read and write
|
||
|
1A6B8B93000
|
heap
|
page read and write
|
||
|
7FFD9E846000
|
unkown
|
page read and write
|
||
|
1A6B4E5B000
|
heap
|
page read and write
|
||
|
7FFDA3A92000
|
unkown
|
page read and write
|
||
|
1C9BFAAC000
|
heap
|
page read and write
|
||
|
7FFDA0861000
|
unkown
|
page execute read
|
||
|
7FFD93E76000
|
unkown
|
page readonly
|
||
|
7FFD9376A000
|
unkown
|
page readonly
|
||
|
1A6B4EE2000
|
heap
|
page read and write
|
||
|
7FF79FBBA000
|
unkown
|
page execute read
|
||
|
1C9BFCE5000
|
heap
|
page read and write
|
||
|
7FF61540E000
|
unkown
|
page read and write
|
||
|
7FFDA335E000
|
unkown
|
page readonly
|
||
|
7FFD93F22000
|
unkown
|
page readonly
|
||
|
7FFDA34B1000
|
unkown
|
page execute read
|
||
|
7FFDA2E93000
|
unkown
|
page readonly
|
||
|
7FFD9DF43000
|
unkown
|
page readonly
|
||
|
1A6B89B0000
|
direct allocation
|
page read and write
|
||
|
7FFD9DEB4000
|
unkown
|
page readonly
|
||
|
7FFD9E854000
|
unkown
|
page readonly
|
||
|
7FFDA0871000
|
unkown
|
page execute read
|
||
|
7FFD93732000
|
unkown
|
page readonly
|
||
|
7FFDA349C000
|
unkown
|
page readonly
|
||
|
7FFDA5497000
|
unkown
|
page readonly
|
||
|
7FFDA2E95000
|
unkown
|
page readonly
|
||
|
7FFDA3FDA000
|
unkown
|
page read and write
|
||
|
7FFDA46D1000
|
unkown
|
page execute read
|
||
|
7FFD93F72000
|
unkown
|
page readonly
|
||
|
1A6B8080000
|
direct allocation
|
page read and write
|
||
|
7FFD9DB65000
|
unkown
|
page readonly
|
||
|
1A6B8B23000
|
heap
|
page read and write
|
||
|
7FFDA3FD0000
|
unkown
|
page readonly
|
||
|
1C9BFDDD000
|
heap
|
page read and write
|
||
|
1A6B4E9F000
|
heap
|
page read and write
|
||
|
1A6B8450000
|
direct allocation
|
page read and write
|
||
|
7FF6153F5000
|
unkown
|
page read and write
|
||
|
7FFDA3329000
|
unkown
|
page readonly
|
||
|
1C9BFDD3000
|
heap
|
page read and write
|
||
|
7FFDA3474000
|
unkown
|
page readonly
|
||
|
7FFD94045000
|
unkown
|
page execute read
|
||
|
7FF79E151000
|
unkown
|
page execute read
|
||
|
958AFEB000
|
stack
|
page read and write
|
||
|
7FF6153DE000
|
unkown
|
page write copy
|
||
|
7FFDA5490000
|
unkown
|
page readonly
|
||
|
1A6B4697000
|
heap
|
page read and write
|
||
|
7FF6153FA000
|
unkown
|
page read and write
|
||
|
1A6B82B2000
|
heap
|
page read and write
|
||
|
1A6B6D80000
|
direct allocation
|
page read and write
|
||
|
1A6B8B7D000
|
heap
|
page read and write
|
||
|
7FF615291000
|
unkown
|
page execute read
|
||
|
7FFD9DA44000
|
unkown
|
page read and write
|
||
|
1A6B4F91000
|
heap
|
page read and write
|
||
|
7FF6153DE000
|
unkown
|
page read and write
|
||
|
1C9BC22F000
|
heap
|
page read and write
|
||
|
1A6B8A57000
|
heap
|
page read and write
|
||
|
1A6B6F24000
|
heap
|
page read and write
|
||
|
7FFD9406A000
|
unkown
|
page execute read
|
||
|
7FFD94226000
|
unkown
|
page execute read
|
||
|
1A6B6C10000
|
direct allocation
|
page read and write
|
||
|
1A6B6E9D000
|
heap
|
page read and write
|
||
|
1A6B8A8A000
|
heap
|
page read and write
|
||
|
7FFD9DB50000
|
unkown
|
page readonly
|
||
|
1A6B6BC0000
|
direct allocation
|
page read and write
|
||
|
7FF615291000
|
unkown
|
page execute read
|
||
|
7FFD93FD1000
|
unkown
|
page readonly
|
||
|
7FFDA32F1000
|
unkown
|
page execute read
|
||
|
1C9C053E000
|
heap
|
page read and write
|
||
|
7FFDA54F6000
|
unkown
|
page readonly
|
||
|
1A6B4FB4000
|
heap
|
page read and write
|
||
|
1A6B469A000
|
heap
|
page read and write
|
||
|
7FFDA3371000
|
unkown
|
page execute read
|
||
|
1C9BFB18000
|
heap
|
page read and write
|
||
|
7FF6153A7000
|
unkown
|
page readonly
|
||
|
7FFD93E72000
|
unkown
|
page read and write
|
||
|
1A6B6F13000
|
heap
|
page read and write
|
||
|
7FF61542D000
|
unkown
|
page read and write
|
||
|
1A6B8570000
|
direct allocation
|
page read and write
|
||
|
7FFDA0873000
|
unkown
|
page readonly
|
||
|
7FFDA3EB0000
|
unkown
|
page readonly
|
||
|
7FFD9DA51000
|
unkown
|
page execute read
|
||
|
7FFDA4DA1000
|
unkown
|
page execute read
|
||
|
1A6B4F1B000
|
heap
|
page read and write
|
||
|
7FFDA46D2000
|
unkown
|
page readonly
|
||
|
7FFDA4632000
|
unkown
|
page readonly
|
||
|
7FFDA5494000
|
unkown
|
page readonly
|
||
|
1A6B4E00000
|
heap
|
page read and write
|
||
|
1A6B83EE000
|
heap
|
page read and write
|
||
|
1C9BC1D8000
|
heap
|
page read and write
|
||
|
1A6B462B000
|
heap
|
page read and write
|
||
|
7FFD9DB54000
|
unkown
|
page readonly
|
||
|
7FFD937B6000
|
unkown
|
page write copy
|
||
|
1A6B6F9A000
|
heap
|
page read and write
|
||
|
1A6B7010000
|
heap
|
page read and write
|
||
|
1A6B87E0000
|
direct allocation
|
page read and write
|
||
|
7FFD9DB73000
|
unkown
|
page readonly
|
||
|
7FFDA33ED000
|
unkown
|
page write copy
|
||
|
7FFD9F7F1000
|
unkown
|
page execute read
|
||
|
7FFDA4331000
|
unkown
|
page execute read
|
||
|
7FFD9E840000
|
unkown
|
page readonly
|
||
|
1A6B6E13000
|
heap
|
page read and write
|
||
|
7FFD94228000
|
unkown
|
page readonly
|
||
|
1A6B6EE7000
|
heap
|
page read and write
|
||
|
7FF79E17D000
|
unkown
|
page read and write
|
||
|
7FFD937BB000
|
unkown
|
page read and write
|
||
|
1A6B5080000
|
direct allocation
|
page read and write
|
||
|
1A6B4613000
|
heap
|
page read and write
|
||
|
7FFD93FCB000
|
unkown
|
page readonly
|
||
|
7FFDA4DA3000
|
unkown
|
page readonly
|
||
|
7FFD9DF34000
|
unkown
|
page read and write
|
||
|
1A6B4658000
|
heap
|
page read and write
|
||
|
7FFD93FCF000
|
unkown
|
page read and write
|
||
|
7FFD9F7F0000
|
unkown
|
page readonly
|
||
|
7FFDA3301000
|
unkown
|
page execute read
|
||
|
7FFD9DED2000
|
unkown
|
page readonly
|
||
|
1A6B4D80000
|
direct allocation
|
page read and write
|
||
|
1C9BFB3C000
|
heap
|
page read and write
|
||
|
1A6B8860000
|
direct allocation
|
page read and write
|
||
|
7FFDA0864000
|
unkown
|
page readonly
|
||
|
1A6B4EF9000
|
heap
|
page read and write
|
||
|
7FFDA0862000
|
unkown
|
page readonly
|
||
|
7FFD942FF000
|
unkown
|
page readonly
|
||
|
1A6B8352000
|
heap
|
page read and write
|
||
|
7FFDA2E91000
|
unkown
|
page execute read
|
||
|
1A6B6E65000
|
heap
|
page read and write
|
||
|
1A6B85E0000
|
direct allocation
|
page read and write
|
||
|
7FFDA3300000
|
unkown
|
page readonly
|
||
|
7FF61541F000
|
unkown
|
page read and write
|
||
|
7FFD93EC6000
|
unkown
|
page readonly
|
||
|
7FF79EBC5000
|
unkown
|
page execute read
|
||
|
7FFD93590000
|
unkown
|
page readonly
|
||
|
7FFDA3A80000
|
unkown
|
page readonly
|
||
|
7FFD9DA50000
|
unkown
|
page readonly
|
||
|
1C9BDB90000
|
heap
|
page read and write
|
||
|
7FFDA2EA4000
|
unkown
|
page read and write
|
||
|
7FFD937BD000
|
unkown
|
page readonly
|
||
|
7FFDA54F1000
|
unkown
|
page readonly
|
||
|
1A6B5260000
|
direct allocation
|
page read and write
|
||
|
7FFDA3A8B000
|
unkown
|
page readonly
|
||
|
7FFD9E845000
|
unkown
|
page readonly
|
||
|
1A6B4610000
|
heap
|
page read and write
|
||
|
7FFDA33EE000
|
unkown
|
page read and write
|
||
|
7FFDA54E1000
|
unkown
|
page execute read
|
||
|
1A6B820B000
|
heap
|
page read and write
|
||
|
7FFDA46D0000
|
unkown
|
page readonly
|
||
|
1A6B6AE0000
|
direct allocation
|
page read and write
|
||
|
1A6B8ACD000
|
heap
|
page read and write
|
||
|
7FFDA4DA5000
|
unkown
|
page read and write
|
||
|
7FFDA3354000
|
unkown
|
page readonly
|
||
|
1A6B83FC000
|
heap
|
page read and write
|
||
|
7FFDA4DA0000
|
unkown
|
page readonly
|
||
|
7FFDA0874000
|
unkown
|
page read and write
|
||
|
7FF6153A7000
|
unkown
|
page readonly
|
||
|
7FFDA4330000
|
unkown
|
page readonly
|
||
|
1C9BC160000
|
trusted library allocation
|
page read and write
|
There are 502 hidden memdumps, click here to show them.