Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
IMG_3552.mp4
|
ISO Media, HEIF Image HEVC Main or Main Still Picture Profile
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\AC\INetCache\7FA32KII\configuration[1].xml
|
XML 1.0 document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalCache\PlayReady\Cache\msprcore.bla
|
RAGE Package Format (RPF),
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalCache\PlayReady\mspr.hds
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\Database\anonymous\EntClientDb.edb
|
Extensible storage engine DataBase, version 0x620, checksum 0x540dbc3c, page size 8192, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\Database\anonymous\EntClientDb.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\Database\anonymous\edb.chk
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\Database\anonymous\edb.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\Database\anonymous\edbres00001.jrs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\Database\anonymous\edbres00002.jrs
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\Database\anonymous\edbtmp.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\Database\anonymous\tmp.edb
|
Extensible storage engine DataBase, version 0x620, checksum 0xe269de7d, page size 8192, JustCreated, Windows version 0.0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\SRPData.xml (copy)
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\LocalState\SRPData.xml.~tmp
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat
|
MS Windows registry file, NT/2000 or above
|
dropped
|
||
|
C:\Users\user\AppData\Local\Packages\Microsoft.ZuneVideo_8wekyb3d8bbwe\Settings\settings.dat.LOG1
|
MS Windows registry file, NT/2000 or above
|
dropped
|
There are 6 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Video.UI.exe
|
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19071.19011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://login.windows.local
|
unknown
|
||
|
https://login.windows.net
|
unknown
|
||
|
https://login.windows.local//
|
unknown
|
||
|
https://login.windows.net/
|
unknown
|
||
|
https://settings-ssl.xboxlive.com/XBLWinClient/v10_video/configuration.xmlte
|
unknown
|
||
|
http://schemas.xmlsoap.org/soap/http
|
unknown
|
||
|
http://dmd-ca-beta2/CertEnroll/dmd-ca-beta2_Microsoft%20Digital%20Media%20Authority%202005.crt0d
|
unknown
|
||
|
https://android.notify.windows.com/iOS
|
unknown
|
||
|
https://settings-ssl.xboxlive.com/XBLWinClient/v10_video/configuration.xml4
|
unknown
|
||
|
https://settings-ssl.xboxlive.com/.xml
|
unknown
|
||
|
https://xsts.auth.xboxlive.com
|
unknown
|
||
|
https://settings-ssl.xboxlive.com/XBLWinClient/v10_video/configuration.xml
|
unknown
|
||
|
https://activity.windows.com/UserActivity.ReadWrite.CreatedByApp
|
unknown
|
||
|
https://settings-ssl.xboxlive.com/
|
unknown
|
||
|
http://json-schema.org/draft-04/schema
|
unknown
|
||
|
https://settings-ssl.xboxlive.com/XBLWinClient/v10_video/configuration.xmle
|
unknown
|
||
|
http://dmd-ca-beta2/CertEnroll/Microsoft%20Digital%20Media%20Authority%202005.crl
|
unknown
|
||
|
https://xsts.auth.xboxlive.com/
|
unknown
|
There are 8 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
s-part-0036.t-0009.t-msedge.net
|
13.107.246.64
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
settings-ssl.xboxlive.com
|
unknown
|
||
|
18.31.95.13.in-addr.arpa
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.107.246.45
|
s-part-0017.t-0009.t-msedge.net
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\GeneralSettings
|
LegacyConfigSettingsUserId
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\MediaStore
|
LastOpenedDatabaseUserId
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Shell
|
EnabledFeatures
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\GeneralSettings
|
HasLaunched
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Marketplace
|
MarketplaceCulture
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\PlayReady
|
SoftwareOverride
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\PlayReady
|
HardwareOverride
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Playback
|
EnableHardwareDrm
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Shell
|
RateAndReviewLastUsedRuleset
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Shell
|
RateAndReviewPromptShown
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.zunevideo_8wekyb3d8bbwe\Internet
Settings\Cache\Content
|
CachePrefix
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.zunevideo_8wekyb3d8bbwe\Internet
Settings\Cache\Content
|
CacheVersion
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.zunevideo_8wekyb3d8bbwe\Internet
Settings\Cache\Content
|
CacheLimit
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.zunevideo_8wekyb3d8bbwe\Internet
Settings\Cache\Cookies
|
CachePrefix
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.zunevideo_8wekyb3d8bbwe\Internet
Settings\Cache\Cookies
|
CacheVersion
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.zunevideo_8wekyb3d8bbwe\Internet
Settings\Cache\Cookies
|
CacheLimit
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.zunevideo_8wekyb3d8bbwe\Internet
Settings\Cache\History
|
CachePrefix
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.zunevideo_8wekyb3d8bbwe\Internet
Settings\Cache\History
|
CacheVersion
|
||
|
HKEY_CURRENT_USER_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.zunevideo_8wekyb3d8bbwe\Internet
Settings\Cache\History
|
CacheLimit
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\GeneralSettings
|
LastVersionOfBackgroundTaskRegistered
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
LastSignedInUserId
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
LastSignInAccountRegion
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
LastSignedInUserExplicitPrivilege
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
LastSignedInUserCid
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
LastSignedInUserSignInName
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
LastSignedInUserFirstName
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
LastSignedInUserLastName
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
LastSignedInUserBrowseAge
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
LastSignedInUserUseAge
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Service
|
ConfigLastDownload
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\GeneralSettings
|
ImageCleanupLastRun
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\anonymous\Configuration\Groveler
|
LastVideoLibraryGatherTime
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\anonymous\Configuration\Groveler
|
LastGrovelVideoCountWithIndexer
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\anonymous\Configuration\Groveler
|
IsFirstTimeGrovel
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\anonymous\Configuration\Groveler
|
FullGrovelCompleted
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\anonymous\Configuration\MDLC
|
HasForcedFullGrovelForVideosOnRs2
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\anonymous\Configuration\MDLC
|
LastTimeCollectionCharacteristicsCalculated
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\GeneralSettings
|
CollectionBuildingTotalLocalItems
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\GeneralSettings
|
CollectionBuildingTotalCloudItems
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Marketplace
|
MarketplaceCulture
|
||
|
\REGISTRY\A\{886257e9-2809-9b57-3c2c-cf12a61c8900}\LocalState\Configuration\Shell
|
EnabledFeatures
|
There are 31 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
199BE9B8000
|
unkown
|
page readonly
|
||
|
199BEBAD000
|
heap
|
page read and write
|
||
|
199BFB9D000
|
heap
|
page read and write
|
||
|
199BFBDB000
|
heap
|
page read and write
|
||
|
199BFD27000
|
heap
|
page read and write
|
||
|
199BEA72000
|
heap
|
page read and write
|
||
|
199BE7FE000
|
unkown
|
page write copy
|
||
|
199B2EE9000
|
heap
|
page read and write
|
||
|
199B4FF0000
|
trusted library allocation
|
page read and write
|
||
|
199B2F45000
|
heap
|
page read and write
|
||
|
199BE8D0000
|
trusted library allocation
|
page read and write
|
||
|
199BFD3C000
|
heap
|
page read and write
|
||
|
199BF000000
|
heap
|
page read and write
|
||
|
199B9170000
|
trusted library allocation
|
page read and write
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
199BF125000
|
heap
|
page read and write
|
||
|
199BFE02000
|
heap
|
page read and write
|
||
|
199BE7F2000
|
unkown
|
page readonly
|
||
|
199BFD02000
|
heap
|
page read and write
|
||
|
199B9491000
|
trusted library allocation
|
page read and write
|
||
|
199BE6B0000
|
trusted library allocation
|
page read and write
|
||
|
199BF470000
|
trusted library allocation
|
page read and write
|
||
|
2BEA7FC000
|
stack
|
page read and write
|
||
|
199C2606000
|
unkown
|
page execute read
|
||
|
199C24BA000
|
heap
|
page read and write
|
||
|
199B5155000
|
heap
|
page read and write
|
||
|
199BE9BC000
|
unkown
|
page readonly
|
||
|
199B98D0000
|
trusted library section
|
page readonly
|
||
|
199BFD2E000
|
heap
|
page read and write
|
||
|
199BFD29000
|
heap
|
page read and write
|
||
|
199BD934000
|
trusted library allocation
|
page read and write
|
||
|
199BF560000
|
trusted library allocation
|
page read and write
|
||
|
199BF9C0000
|
trusted library allocation
|
page read and write
|
||
|
199BF230000
|
unkown
|
page readonly
|
||
|
199B2E78000
|
heap
|
page read and write
|
||
|
199C2250000
|
heap
|
page read and write
|
||
|
199C21E0000
|
trusted library allocation
|
page read and write
|
||
|
199B2F88000
|
heap
|
page read and write
|
||
|
199B9360000
|
heap
|
page read and write
|
||
|
199BFD3C000
|
heap
|
page read and write
|
||
|
199C2423000
|
heap
|
page read and write
|
||
|
199BFD39000
|
heap
|
page read and write
|
||
|
199C2160000
|
trusted library allocation
|
page read and write
|
||
|
199BE820000
|
trusted library allocation
|
page read and write
|
||
|
199B921A000
|
heap
|
page read and write
|
||
|
199B921F000
|
heap
|
page read and write
|
||
|
2BEAAFF000
|
stack
|
page read and write
|
||
|
199B98A0000
|
trusted library section
|
page readonly
|
||
|
199BEF00000
|
heap
|
page read and write
|
||
|
199B92A6000
|
heap
|
page read and write
|
||
|
199C2403000
|
heap
|
page read and write
|
||
|
199BF240000
|
trusted library allocation
|
page read and write
|
||
|
199C1010000
|
heap
|
page read and write
|
||
|
199BF200000
|
trusted library allocation
|
page read and write
|
||
|
199BFB28000
|
heap
|
page read and write
|
||
|
199BFF00000
|
heap
|
page read and write
|
||
|
199B2E9D000
|
heap
|
page read and write
|
||
|
199C2000000
|
heap
|
page read and write
|
||
|
199BF9A0000
|
unkown
|
page execute read
|
||
|
199B2FB5000
|
heap
|
page read and write
|
||
|
199BE3F8000
|
trusted library allocation
|
page read and write
|
||
|
199BF210000
|
trusted library allocation
|
page read and write
|
||
|
2BEB5FD000
|
stack
|
page read and write
|
||
|
199B5118000
|
heap
|
page read and write
|
||
|
199BF038000
|
heap
|
page read and write
|
||
|
199B2F7F000
|
heap
|
page read and write
|
||
|
199BFD4C000
|
heap
|
page read and write
|
||
|
2BEAEFA000
|
stack
|
page read and write
|
||
|
199BE440000
|
trusted library allocation
|
page read and write
|
||
|
199BFD02000
|
heap
|
page read and write
|
||
|
199C21FB000
|
unkown
|
page execute read
|
||
|
199B5130000
|
heap
|
page read and write
|
||
|
199C225E000
|
heap
|
page read and write
|
||
|
199B2F13000
|
heap
|
page read and write
|
||
|
199BEAEC000
|
heap
|
page read and write
|
||
|
199B9246000
|
heap
|
page read and write
|
||
|
199B2E42000
|
heap
|
page read and write
|
||
|
199BE610000
|
trusted library allocation
|
page read and write
|
||
|
199BE8B0000
|
trusted library allocation
|
page read and write
|
||
|
199B2E53000
|
heap
|
page read and write
|
||
|
199BFD36000
|
heap
|
page read and write
|
||
|
199C2200000
|
heap
|
page read and write
|
||
|
199C24B2000
|
heap
|
page read and write
|
||
|
199B5124000
|
heap
|
page read and write
|
||
|
199BE93A000
|
unkown
|
page readonly
|
||
|
199C2070000
|
trusted library allocation
|
page read and write
|
||
|
199BFD29000
|
heap
|
page read and write
|
||
|
199BF9F0000
|
heap
|
page read and write
|
||
|
199C2070000
|
trusted library allocation
|
page read and write
|
||
|
199BFA02000
|
heap
|
page read and write
|
||
|
199BD930000
|
trusted library allocation
|
page read and write
|
||
|
199C24A2000
|
heap
|
page read and write
|
||
|
199B9381000
|
heap
|
page read and write
|
||
|
199BFB22000
|
heap
|
page read and write
|
||
|
199B2ED3000
|
heap
|
page read and write
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
199BE890000
|
trusted library allocation
|
page read and write
|
||
|
199BFE00000
|
heap
|
page read and write
|
||
|
199BFD29000
|
heap
|
page read and write
|
||
|
199B2E2E000
|
heap
|
page read and write
|
||
|
199B2E32000
|
heap
|
page read and write
|
||
|
199BFC00000
|
heap
|
page read and write
|
||
|
199BF250000
|
trusted library allocation
|
page read and write
|
||
|
199C0010000
|
heap
|
page read and write
|
||
|
199BFF13000
|
heap
|
page read and write
|
||
|
2BE9CFF000
|
stack
|
page read and write
|
||
|
199B9050000
|
heap
|
page readonly
|
||
|
199BE3F0000
|
trusted library allocation
|
page read and write
|
||
|
199BE94C000
|
unkown
|
page read and write
|
||
|
199B2FA0000
|
heap
|
page read and write
|
||
|
199BE7A0000
|
unkown
|
page readonly
|
||
|
199BF145000
|
heap
|
page read and write
|
||
|
2BEABFC000
|
stack
|
page read and write
|
||
|
199BE856000
|
unkown
|
page readonly
|
||
|
199B2EE3000
|
heap
|
page read and write
|
||
|
199B5002000
|
heap
|
page read and write
|
||
|
199B2FAC000
|
heap
|
page read and write
|
||
|
199B9218000
|
heap
|
page read and write
|
||
|
2BE9FFD000
|
stack
|
page read and write
|
||
|
199BE840000
|
unkown
|
page readonly
|
||
|
199BE7DA000
|
unkown
|
page read and write
|
||
|
199B2C40000
|
heap
|
page read and write
|
||
|
199BECB0000
|
trusted library allocation
|
page read and write
|
||
|
199C0010000
|
heap
|
page read and write
|
||
|
199B2F5A000
|
heap
|
page read and write
|
||
|
199BF580000
|
heap
|
page read and write
|
||
|
199BF440000
|
trusted library allocation
|
page read and write
|
||
|
199BFA00000
|
heap
|
page read and write
|
||
|
199C1010000
|
heap
|
page read and write
|
||
|
199C246A000
|
heap
|
page read and write
|
||
|
199B2C50000
|
heap
|
page read and write
|
||
|
199C21D0000
|
unkown
|
page execute read
|
||
|
199B51C9000
|
heap
|
page read and write
|
||
|
199B2FFA000
|
heap
|
page read and write
|
||
|
199C21D7000
|
unkown
|
page execute read
|
||
|
199BF320000
|
trusted library allocation
|
page read and write
|
||
|
199BFE13000
|
heap
|
page read and write
|
||
|
199B9211000
|
heap
|
page read and write
|
||
|
199BF2A0000
|
trusted library allocation
|
page read and write
|
||
|
199BE81C000
|
unkown
|
page readonly
|
||
|
199C0010000
|
heap
|
page read and write
|
||
|
2BE98FB000
|
stack
|
page read and write
|
||
|
199BF260000
|
trusted library allocation
|
page read and write
|
||
|
199BFE20000
|
heap
|
page read and write
|
||
|
199C2228000
|
heap
|
page read and write
|
||
|
199BFB1B000
|
heap
|
page read and write
|
||
|
199C2180000
|
unkown
|
page execute read
|
||
|
199BEFE3000
|
heap
|
page read and write
|
||
|
199C1010000
|
heap
|
page read and write
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
2BEB9FC000
|
stack
|
page read and write
|
||
|
199BF296000
|
unkown
|
page readonly
|
||
|
199BFE20000
|
heap
|
page read and write
|
||
|
199B2FA0000
|
heap
|
page read and write
|
||
|
199B2FF6000
|
heap
|
page read and write
|
||
|
199BEFAA000
|
heap
|
page read and write
|
||
|
199BF9C0000
|
heap
|
page read and write
|
||
|
199BFF02000
|
heap
|
page read and write
|
||
|
199BFB1B000
|
heap
|
page read and write
|
||
|
199C2443000
|
heap
|
page read and write
|
||
|
199B2FA8000
|
heap
|
page read and write
|
||
|
199BF350000
|
trusted library allocation
|
page read and write
|
||
|
199BFD52000
|
heap
|
page read and write
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
199BE7C0000
|
unkown
|
page readonly
|
||
|
199B2E55000
|
heap
|
page read and write
|
||
|
199BEA13000
|
heap
|
page read and write
|
||
|
199BF280000
|
trusted library allocation
|
page read and write
|
||
|
199C2050000
|
remote allocation
|
page read and write
|
||
|
199BF1F4000
|
heap
|
page read and write
|
||
|
199BEDF8000
|
unkown
|
page readonly
|
||
|
199BFC02000
|
heap
|
page read and write
|
||
|
199BE790000
|
trusted library allocation
|
page read and write
|
||
|
199BF232000
|
unkown
|
page readonly
|
||
|
199BFBC2000
|
heap
|
page read and write
|
||
|
199B2E00000
|
heap
|
page read and write
|
||
|
199BE7EA000
|
unkown
|
page readonly
|
||
|
199BFB02000
|
heap
|
page read and write
|
||
|
199BEDF2000
|
unkown
|
page readonly
|
||
|
199BE7B0000
|
trusted library allocation
|
page read and write
|
||
|
199BEA91000
|
heap
|
page read and write
|
||
|
2BEB2FF000
|
stack
|
page read and write
|
||
|
199BF230000
|
trusted library allocation
|
page read and write
|
||
|
199BF980000
|
trusted library allocation
|
page read and write
|
||
|
199BFBFC000
|
heap
|
page read and write
|
||
|
199BF9E0000
|
trusted library allocation
|
page read and write
|
||
|
199BFC02000
|
heap
|
page read and write
|
||
|
199C1010000
|
heap
|
page read and write
|
||
|
199C2247000
|
heap
|
page read and write
|
||
|
199C225E000
|
heap
|
page read and write
|
||
|
199BE7F8000
|
unkown
|
page readonly
|
||
|
199B2FE8000
|
heap
|
page read and write
|
||
|
199BFE31000
|
heap
|
page read and write
|
||
|
199B2FF9000
|
heap
|
page read and write
|
||
|
199BF151000
|
heap
|
page read and write
|
||
|
199BFE20000
|
heap
|
page read and write
|
||
|
199BEFDA000
|
heap
|
page read and write
|
||
|
199B51EA000
|
heap
|
page read and write
|
||
|
199BE8D8000
|
unkown
|
page readonly
|
||
|
199BE910000
|
trusted library allocation
|
page read and write
|
||
|
2BE9DFC000
|
stack
|
page read and write
|
||
|
199BFD5D000
|
heap
|
page read and write
|
||
|
199BF246000
|
unkown
|
page readonly
|
||
|
199BEFA0000
|
heap
|
page read and write
|
||
|
199BE6B0000
|
trusted library allocation
|
page read and write
|
||
|
199BE950000
|
trusted library allocation
|
page read and write
|
||
|
199BFBE3000
|
heap
|
page read and write
|
||
|
199C0010000
|
heap
|
page read and write
|
||
|
199C21E6000
|
unkown
|
page execute read
|
||
|
199BF240000
|
trusted library allocation
|
page read and write
|
||
|
199C2150000
|
unkown
|
page execute read
|
||
|
199BF9B0000
|
trusted library allocation
|
page read and write
|
||
|
199B2EE5000
|
heap
|
page read and write
|
||
|
199B934F000
|
heap
|
page read and write
|
||
|
199C2302000
|
heap
|
page read and write
|
||
|
199BECC0000
|
trusted library allocation
|
page read and write
|
||
|
199BE7C2000
|
unkown
|
page readonly
|
||
|
2BEA2FC000
|
stack
|
page read and write
|
||
|
199BFD2A000
|
heap
|
page read and write
|
||
|
199B5111000
|
heap
|
page read and write
|
||
|
199B93A1000
|
heap
|
page read and write
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
199BFA02000
|
heap
|
page read and write
|
||
|
199C246E000
|
heap
|
page read and write
|
||
|
199C2269000
|
heap
|
page read and write
|
||
|
199BE85C000
|
unkown
|
page readonly
|
||
|
199BF9C0000
|
trusted library allocation
|
page read and write
|
||
|
199BE7E2000
|
unkown
|
page readonly
|
||
|
199BF460000
|
trusted library allocation
|
page read and write
|
||
|
199B923B000
|
heap
|
page read and write
|
||
|
2BEB4FD000
|
stack
|
page read and write
|
||
|
199BD910000
|
trusted library allocation
|
page read and write
|
||
|
2BEBAF8000
|
stack
|
page read and write
|
||
|
199B9900000
|
trusted library allocation
|
page read and write
|
||
|
199BE960000
|
trusted library allocation
|
page read and write
|
||
|
199C225B000
|
heap
|
page read and write
|
||
|
199BF460000
|
trusted library allocation
|
page read and write
|
||
|
199BFB77000
|
heap
|
page read and write
|
||
|
199BE6B0000
|
trusted library allocation
|
page read and write
|
||
|
199B2FF5000
|
heap
|
page read and write
|
||
|
199B2F23000
|
heap
|
page read and write
|
||
|
199BE8C0000
|
trusted library allocation
|
page read and write
|
||
|
199BE7E0000
|
unkown
|
page readonly
|
||
|
2BEADFA000
|
stack
|
page read and write
|
||
|
7DF44BAF1000
|
trusted library allocation
|
page execute read
|
||
|
199BED76000
|
unkown
|
page execute read
|
||
|
199C2295000
|
heap
|
page read and write
|
||
|
199B2F5E000
|
heap
|
page read and write
|
||
|
199C2190000
|
unkown
|
page execute read
|
||
|
199BE816000
|
unkown
|
page readonly
|
||
|
199B91C1000
|
trusted library allocation
|
page read and write
|
||
|
199BF460000
|
trusted library allocation
|
page read and write
|
||
|
199BF9B0000
|
trusted library allocation
|
page read and write
|
||
|
199BFD02000
|
heap
|
page read and write
|
||
|
2BEB3FB000
|
stack
|
page read and write
|
||
|
199BF24C000
|
unkown
|
page readonly
|
||
|
199BF1A3000
|
heap
|
page read and write
|
||
|
199BF1AF000
|
heap
|
page read and write
|
||
|
199B2F47000
|
heap
|
page read and write
|
||
|
199BE948000
|
unkown
|
page readonly
|
||
|
199BEA76000
|
heap
|
page read and write
|
||
|
199BFD00000
|
heap
|
page read and write
|
||
|
199B2F0F000
|
heap
|
page read and write
|
||
|
199BFB13000
|
heap
|
page read and write
|
||
|
199C2460000
|
heap
|
page read and write
|
||
|
199BEA9B000
|
heap
|
page read and write
|
||
|
199BE861000
|
trusted library allocation
|
page read and write
|
||
|
199C2186000
|
unkown
|
page execute read
|
||
|
199B9400000
|
trusted library allocation
|
page read and write
|
||
|
199BE8A0000
|
trusted library allocation
|
page read and write
|
||
|
199BFC02000
|
heap
|
page read and write
|
||
|
199BF151000
|
heap
|
page read and write
|
||
|
199BE7AA000
|
unkown
|
page readonly
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
199BFB94000
|
heap
|
page read and write
|
||
|
199B9231000
|
heap
|
page read and write
|
||
|
2BEBDFB000
|
stack
|
page read and write
|
||
|
199BFD2B000
|
heap
|
page read and write
|
||
|
199B511F000
|
heap
|
page read and write
|
||
|
199BEE02000
|
heap
|
page read and write
|
||
|
199BE850000
|
unkown
|
page readonly
|
||
|
199B2C70000
|
heap
|
page read and write
|
||
|
199B2E8C000
|
heap
|
page read and write
|
||
|
199C21E0000
|
unkown
|
page execute read
|
||
|
199C2050000
|
remote allocation
|
page read and write
|
||
|
2BEA6F9000
|
stack
|
page read and write
|
||
|
199B9190000
|
trusted library allocation
|
page read and write
|
||
|
2BEC1FF000
|
stack
|
page read and write
|
||
|
199C21C2000
|
unkown
|
page execute read
|
||
|
199B935C000
|
heap
|
page read and write
|
||
|
199BE942000
|
unkown
|
page readonly
|
||
|
199BF560000
|
trusted library allocation
|
page read and write
|
||
|
199B2FA8000
|
heap
|
page read and write
|
||
|
199C2267000
|
heap
|
page read and write
|
||
|
199BE850000
|
trusted library allocation
|
page read and write
|
||
|
199BF9C0000
|
trusted library allocation
|
page read and write
|
||
|
199B9262000
|
heap
|
page read and write
|
||
|
199B51F6000
|
heap
|
page read and write
|
||
|
199BEBEC000
|
heap
|
page read and write
|
||
|
199BE7F0000
|
trusted library allocation
|
page read and write
|
||
|
199B925D000
|
heap
|
page read and write
|
||
|
199B938A000
|
heap
|
page read and write
|
||
|
199BF350000
|
trusted library allocation
|
page read and write
|
||
|
199BE610000
|
trusted library allocation
|
page read and write
|
||
|
199B2FC6000
|
heap
|
page read and write
|
||
|
199BFD57000
|
heap
|
page read and write
|
||
|
199BE7E0000
|
trusted library allocation
|
page read and write
|
||
|
199B5162000
|
heap
|
page read and write
|
||
|
199B2EDF000
|
heap
|
page read and write
|
||
|
199BFA02000
|
heap
|
page read and write
|
||
|
199BFB9B000
|
heap
|
page read and write
|
||
|
199BE880000
|
trusted library allocation
|
page read and write
|
||
|
2BEA8F9000
|
stack
|
page read and write
|
||
|
199B2E13000
|
heap
|
page read and write
|
||
|
199BE3D0000
|
trusted library allocation
|
page read and write
|
||
|
199C2010000
|
heap
|
page read and write
|
||
|
199BE920000
|
trusted library allocation
|
page read and write
|
||
|
199BF9C0000
|
trusted library allocation
|
page read and write
|
||
|
199BF460000
|
trusted library allocation
|
page read and write
|
||
|
199C1000000
|
heap
|
page read and write
|
||
|
199BE84C000
|
unkown
|
page readonly
|
||
|
199B51F2000
|
heap
|
page read and write
|
||
|
199BE9B0000
|
trusted library allocation
|
page read and write
|
||
|
199BF294000
|
unkown
|
page read and write
|
||
|
199C21F0000
|
unkown
|
page execute read
|
||
|
199C24BF000
|
heap
|
page read and write
|
||
|
199B2ED7000
|
heap
|
page read and write
|
||
|
199BF140000
|
heap
|
page read and write
|
||
|
199C24CA000
|
heap
|
page read and write
|
||
|
199BEBCE000
|
heap
|
page read and write
|
||
|
199BFD3A000
|
heap
|
page read and write
|
||
|
199BFD33000
|
heap
|
page read and write
|
||
|
199C245F000
|
heap
|
page read and write
|
||
|
199B9249000
|
heap
|
page read and write
|
||
|
199BE9E0000
|
trusted library allocation
|
page read and write
|
||
|
2BEAFFF000
|
stack
|
page read and write
|
||
|
199BFB1B000
|
heap
|
page read and write
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
199B5013000
|
heap
|
page read and write
|
||
|
199B98B0000
|
trusted library section
|
page readonly
|
||
|
199B2FA8000
|
heap
|
page read and write
|
||
|
199B51F4000
|
heap
|
page read and write
|
||
|
199BE610000
|
trusted library allocation
|
page read and write
|
||
|
199C2170000
|
unkown
|
page execute read
|
||
|
199BF0CA000
|
heap
|
page read and write
|
||
|
199B2FC0000
|
heap
|
page read and write
|
||
|
199C2458000
|
heap
|
page read and write
|
||
|
199BFF13000
|
heap
|
page read and write
|
||
|
2BE97FF000
|
stack
|
page read and write
|
||
|
199B5109000
|
heap
|
page read and write
|
||
|
199BE970000
|
trusted library allocation
|
page read and write
|
||
|
199B9778000
|
trusted library allocation
|
page read and write
|
||
|
199B98E0000
|
trusted library section
|
page readonly
|
||
|
199B2DD0000
|
trusted library allocation
|
page read and write
|
||
|
199BEFAC000
|
heap
|
page read and write
|
||
|
2BE96FE000
|
stack
|
page read and write
|
||
|
199B98F0000
|
trusted library section
|
page readonly
|
||
|
199BEF38000
|
heap
|
page read and write
|
||
|
199C1010000
|
heap
|
page read and write
|
||
|
199BFB00000
|
heap
|
page read and write
|
||
|
2BE9EFE000
|
stack
|
page read and write
|
||
|
2BE92F9000
|
stack
|
page read and write
|
||
|
199BF1F5000
|
heap
|
page read and write
|
||
|
199C226E000
|
heap
|
page read and write
|
||
|
199B9200000
|
heap
|
page read and write
|
||
|
199BD970000
|
trusted library allocation
|
page read and write
|
||
|
199B2ECF000
|
heap
|
page read and write
|
||
|
199BF9B0000
|
trusted library allocation
|
page read and write
|
||
|
199BE730000
|
trusted library allocation
|
page read and write
|
||
|
2BEBBF9000
|
stack
|
page read and write
|
||
|
199BF9C0000
|
trusted library allocation
|
page read and write
|
||
|
199C1010000
|
heap
|
page read and write
|
||
|
199BE41C000
|
trusted library allocation
|
page read and write
|
||
|
199C249A000
|
heap
|
page read and write
|
||
|
2BEA5FA000
|
stack
|
page read and write
|
||
|
2BEACF8000
|
stack
|
page read and write
|
||
|
199B5160000
|
heap
|
page read and write
|
||
|
199BE810000
|
unkown
|
page read and write
|
||
|
199BF460000
|
trusted library allocation
|
page read and write
|
||
|
199BEDB0000
|
heap
|
page read and write
|
||
|
199BF470000
|
trusted library allocation
|
page read and write
|
||
|
199BFB90000
|
heap
|
page read and write
|
||
|
199BECD0000
|
trusted library allocation
|
page read and write
|
||
|
199B9392000
|
heap
|
page read and write
|
||
|
2BEC3FE000
|
stack
|
page read and write
|
||
|
199B51C4000
|
heap
|
page read and write
|
||
|
199BF240000
|
trusted library allocation
|
page read and write
|
||
|
199BFBDD000
|
heap
|
page read and write
|
||
|
199C0010000
|
heap
|
page read and write
|
||
|
199BEAE1000
|
heap
|
page read and write
|
||
|
199BD93B000
|
trusted library allocation
|
page read and write
|
||
|
199BE880000
|
trusted library allocation
|
page read and write
|
||
|
199B2EC6000
|
heap
|
page read and write
|
||
|
199BED70000
|
unkown
|
page execute read
|
||
|
199B2DE0000
|
heap
|
page read and write
|
||
|
2BEA4FB000
|
stack
|
page read and write
|
||
|
199BF1DC000
|
heap
|
page read and write
|
||
|
199BE9BA000
|
unkown
|
page write copy
|
||
|
199BEA00000
|
heap
|
page read and write
|
||
|
199BF470000
|
trusted library allocation
|
page read and write
|
||
|
199BEA60000
|
heap
|
page read and write
|
||
|
2BEBCFB000
|
stack
|
page read and write
|
||
|
199BF210000
|
trusted library allocation
|
page read and write
|
||
|
199C2233000
|
heap
|
page read and write
|
||
|
199B5100000
|
heap
|
page read and write
|
||
|
199BFB2C000
|
heap
|
page read and write
|
||
|
199BFD26000
|
heap
|
page read and write
|
||
|
7DF44BAE1000
|
trusted library allocation
|
page execute read
|
||
|
199B2FCF000
|
heap
|
page read and write
|
||
|
199BF240000
|
unkown
|
page readonly
|
||
|
199BE730000
|
trusted library allocation
|
page read and write
|
||
|
199B2E9A000
|
heap
|
page read and write
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
199C241F000
|
heap
|
page read and write
|
||
|
199BEB13000
|
heap
|
page read and write
|
||
|
199BF23A000
|
unkown
|
page readonly
|
||
|
199BE7A2000
|
unkown
|
page readonly
|
||
|
2BEA1FC000
|
stack
|
page read and write
|
||
|
199BF470000
|
trusted library allocation
|
page read and write
|
||
|
2BEB8FA000
|
stack
|
page read and write
|
||
|
199BE7F0000
|
trusted library allocation
|
page read and write
|
||
|
199BE94E000
|
unkown
|
page readonly
|
||
|
199BF350000
|
trusted library allocation
|
page read and write
|
||
|
2BE94FA000
|
stack
|
page read and write
|
||
|
199BEE13000
|
heap
|
page read and write
|
||
|
199BE600000
|
trusted library allocation
|
page read and write
|
||
|
199C1010000
|
heap
|
page read and write
|
||
|
199B2FA0000
|
heap
|
page read and write
|
||
|
199B91F0000
|
trusted library allocation
|
page read and write
|
||
|
199C21F0000
|
trusted library allocation
|
page read and write
|
||
|
199BF1DB000
|
heap
|
page read and write
|
||
|
199BE846000
|
unkown
|
page read and write
|
||
|
199BFB12000
|
heap
|
page read and write
|
||
|
199C0010000
|
heap
|
page read and write
|
||
|
199BEBC5000
|
heap
|
page read and write
|
||
|
199BF460000
|
trusted library allocation
|
page read and write
|
||
|
199B2F34000
|
heap
|
page read and write
|
||
|
199BED60000
|
heap
|
page read and write
|
||
|
199BE970000
|
trusted library allocation
|
page read and write
|
||
|
199C21B0000
|
unkown
|
page execute read
|
||
|
199B47A0000
|
trusted library allocation
|
page read and write
|
||
|
199B2F61000
|
heap
|
page read and write
|
||
|
199BFB02000
|
heap
|
page read and write
|
||
|
199C1010000
|
heap
|
page read and write
|
||
|
199B2EEC000
|
heap
|
page read and write
|
||
|
2BEA0FC000
|
stack
|
page read and write
|
||
|
199B5136000
|
heap
|
page read and write
|
||
|
199BF1FC000
|
heap
|
page read and write
|
||
|
199BF05D000
|
heap
|
page read and write
|
||
|
199B9740000
|
trusted library allocation
|
page read and write
|
||
|
199C2444000
|
heap
|
page read and write
|
||
|
199BFC02000
|
heap
|
page read and write
|
||
|
199BD900000
|
trusted library allocation
|
page read and write
|
||
|
199BFD6C000
|
heap
|
page read and write
|
||
|
199B98C0000
|
trusted library section
|
page readonly
|
||
|
2BE93FF000
|
stack
|
page read and write
|
||
|
199B2FE1000
|
heap
|
page read and write
|
||
|
199C2400000
|
heap
|
page read and write
|
||
|
199BE43E000
|
trusted library allocation
|
page read and write
|
||
|
199BF350000
|
trusted library allocation
|
page read and write
|
||
|
199C2476000
|
heap
|
page read and write
|
||
|
199BF990000
|
trusted library allocation
|
page read and write
|
||
|
199BFA02000
|
heap
|
page read and write
|
||
|
199C220A000
|
heap
|
page read and write
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
199BFD29000
|
heap
|
page read and write
|
||
|
199C0010000
|
heap
|
page read and write
|
||
|
199BFD6A000
|
heap
|
page read and write
|
||
|
199BF990000
|
trusted library allocation
|
page read and write
|
||
|
199BFD66000
|
heap
|
page read and write
|
||
|
199BE7CA000
|
unkown
|
page read and write
|
||
|
199BD960000
|
trusted library allocation
|
page read and write
|
||
|
199C2050000
|
remote allocation
|
page read and write
|
||
|
2BEBFFF000
|
stack
|
page read and write
|
||
|
199BFB23000
|
heap
|
page read and write
|
||
|
199C2486000
|
heap
|
page read and write
|
||
|
2BE8D6B000
|
stack
|
page read and write
|
||
|
199B2ECA000
|
heap
|
page read and write
|
||
|
199BFD3E000
|
heap
|
page read and write
|
||
|
2BEA9FC000
|
stack
|
page read and write
|
||
|
199BE9B2000
|
unkown
|
page readonly
|
||
|
2BEB7FF000
|
stack
|
page read and write
|
||
|
199BF350000
|
trusted library allocation
|
page read and write
|
||
|
199BF9C0000
|
trusted library allocation
|
page read and write
|
||
|
199C2257000
|
heap
|
page read and write
|
||
|
199BF9B0000
|
trusted library allocation
|
page read and write
|
||
|
199B51E0000
|
heap
|
page read and write
|
||
|
199BF560000
|
trusted library allocation
|
page read and write
|
||
|
199C21A3000
|
unkown
|
page execute read
|
||
|
199BF200000
|
trusted library allocation
|
page read and write
|
||
|
199BF9A0000
|
trusted library allocation
|
page read and write
|
||
|
199B921D000
|
heap
|
page read and write
|
||
|
2BE95F4000
|
stack
|
page read and write
|
||
|
199BECF0000
|
trusted library allocation
|
page read and write
|
||
|
199BFA02000
|
heap
|
page read and write
|
||
|
199BFD44000
|
heap
|
page read and write
|
||
|
199B513A000
|
heap
|
page read and write
|
||
|
2BEACF5000
|
stack
|
page read and write
|
||
|
199BE9D0000
|
trusted library allocation
|
page read and write
|
||
|
199B2F0A000
|
heap
|
page read and write
|
||
|
199C228B000
|
heap
|
page read and write
|
||
|
199B2EE7000
|
heap
|
page read and write
|
||
|
199BFD3A000
|
heap
|
page read and write
|
||
|
199C0010000
|
heap
|
page read and write
|
||
|
199BF470000
|
trusted library allocation
|
page read and write
|
||
|
199BF350000
|
trusted library allocation
|
page read and write
|
||
|
199C21E0000
|
trusted library allocation
|
page read and write
|
||
|
199BEDD0000
|
heap
|
page read and write
|
||
|
199BE8D2000
|
unkown
|
page read and write
|
||
|
199BFD25000
|
heap
|
page read and write
|
||
|
199BEA56000
|
heap
|
page read and write
|
||
|
2BEA3FC000
|
stack
|
page read and write
|
||
|
199C24C2000
|
heap
|
page read and write
|
There are 503 hidden memdumps, click here to show them.