Automated Malware Analysis IOC Report for

Details

Name:	00000000.00000002.1761835638.0000000003F18000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3F18000
Size:	294912

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected RedLine Stealer	Stealing of Sensitive Information, Remote Access Functionality
Sample file is different than original file name gathered from version info	System Summary
Yara detected Credential Stealer	Stealing of Sensitive Information
Yara signature match	System Summary

Details

Name:	00000008.00000002.1870267028.0000000000402000.00000040.00000400.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	402000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected RedLine Stealer	Stealing of Sensitive Information, Remote Access Functionality
Sample file is different than original file name gathered from version info	System Summary
Yara detected Credential Stealer	Stealing of Sensitive Information
Yara signature match	System Summary
URLs found in memory or binary data	Networking

Details

Name:	0000000A.00000002.1858249007.0000000004399000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4399000
Size:	294912

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected RedLine Stealer	Stealing of Sensitive Information, Remote Access Functionality
Yara detected Credential Stealer	Stealing of Sensitive Information
Yara signature match	System Summary
URLs found in memory or binary data	Networking

Details

Name:	0000000A.00000002.1856213505.0000000003200000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3200000
Size:	4096

Details

Name:	00000008.00000002.1888865416.000000000615F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	615F000
Size:	4096

Details

Name:	0000000E.00000002.1980798117.00000000053BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	53BE000
Size:	8192

Details

Name:	0000000A.00000002.1859996199.0000000007F9D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7F9D000
Size:	12288

Details

Name:	00000008.00000002.1891769773.0000000006510000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6510000
Size:	65536

Details

Name:	00000008.00000002.1893872425.00000000075A0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	75A0000
Size:	65536

Details

Name:	00000008.00000002.1888522859.00000000058EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	58EE000
Size:	8192

Details

Name:	00000008.00000002.1874724428.00000000029DA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29DA000
Size:	24576

Details

Name:	0000000A.00000002.1855511496.0000000001A1D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1A1D000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003DD3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DD3000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003A82000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A82000
Size:	176128

Details

Name:	0000000E.00000002.1986278766.0000000006826000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6826000
Size:	4096

Details

Name:	0000000A.00000002.1860311038.000000007EFD0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7EFD0000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003FFB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FFB000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003E5C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E5C000
Size:	8192

Details

Name:	0000000E.00000002.1982303761.00000000055F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	55F0000
Size:	65536

Details

Name:	00000000.00000002.1760419322.0000000002CAD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2CAD000
Size:	4096

Details

Name:	00000008.00000002.1893162659.0000000006D4C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D4C000
Size:	4096

Details

Name:	0000000C.00000002.1832128189.00000000027EF000.00000004.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	27EF000
Size:	4096

Details

Name:	0000000E.00000002.1964054721.0000000000E3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E3E000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003AD5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AD5000
Size:	4096

Details

Name:	0000000E.00000002.1980861382.00000000054C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54C0000
Size:	36864

Details

Name:	00000008.00000002.1887377909.0000000005420000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5420000
Size:	65536

Details

Name:	0000000E.00000002.1983319239.00000000061FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	61FE000
Size:	8192

Details

Name:	0000000A.00000002.1859133545.0000000005AE0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	5AE0000
Size:	4096

Details

Name:	00000008.00000002.1894206842.0000000007620000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7620000
Size:	65536

Details

Name:	0000000E.00000002.1985618224.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67C0000
Size:	65536

Details

Name:	00000000.00000002.1759976093.00000000010A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10A4000
Size:	12288

Details

Name:	00000008.00000002.1880037858.0000000003E85000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E85000
Size:	4096

Details

Name:	0000000E.00000002.1966151891.0000000003079000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3079000
Size:	12288

Details

Name:	0000000A.00000002.1855572888.0000000001A26000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1A26000
Size:	8192

Details

Name:	0000000E.00000002.1980417100.00000000050FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	50FE000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003BE4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BE4000
Size:	8192

Details

Name:	00000008.00000002.1874340287.000000000124E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	124E000
Size:	8192

Details

Name:	00000008.00000002.1871636462.0000000000E99000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E99000
Size:	212992

Details

Name:	00000008.00000002.1894281511.0000000007630000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7630000
Size:	65536

Details

Name:	0000000A.00000002.1855760702.0000000001A70000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1A70000
Size:	32768

Details

Name:	00000008.00000002.1871636462.0000000000ED1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	ED1000
Size:	4096

Details

Name:	0000000E.00000002.1965905708.0000000002A90000.00000040.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2A90000
Size:	4096

Details

Name:	0000000A.00000002.1860239421.00000000086BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	86BE000
Size:	8192

Details

Name:	0000000A.00000002.1856342329.0000000003331000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3331000
Size:	348160

Details

Name:	0000000A.00000002.1855485738.0000000001A13000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1A13000
Size:	12288

Details

Name:	0000000E.00000002.1983461300.0000000006442000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6442000
Size:	106496

Details

Name:	0000000A.00000002.1856104003.00000000031E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31E0000
Size:	57344

Details

Name:	0000000E.00000002.1985409496.00000000067A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67A0000
Size:	65536

Details

Name:	00000008.00000002.1892301183.000000000695E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	695E000
Size:	8192

Details

Name:	0000000E.00000002.1966151891.00000000030DC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	30DC000
Size:	774144

Details

Name:	00000000.00000002.1760220047.0000000001290000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1290000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003C4A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C4A000
Size:	270336

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1760874196.0000000002D80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D80000
Size:	57344

Details

Name:	00000008.00000002.1890939572.00000000063B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	63B0000
Size:	16384

Details

Name:	0000000A.00000002.1858249007.0000000004331000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4331000
Size:	28672

Details

Name:	00000008.00000002.1875131842.0000000002ED9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2ED9000
Size:	147456

Details

Name:	00000000.00000002.1760790465.0000000002D30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D30000
Size:	4096

Details

Name:	00000008.00000002.1874504150.000000000296E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	296E000
Size:	8192

Details

Name:	0000000E.00000002.1985147634.00000000066D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	66D0000
Size:	4096

Details

Name:	00000000.00000002.1760402535.0000000002CA4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CA4000
Size:	4096

Details

Name:	00000008.00000002.1870718359.0000000000CE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CE0000
Size:	8192

Details

Name:	0000000A.00000002.1860045129.00000000080DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	80DE000
Size:	8192

Details

Name:	0000000E.00000002.1987333037.0000000006EE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6EE0000
Size:	65536

Details

Name:	0000000A.00000002.1858559290.0000000005770000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5770000
Size:	12288

Details

Name:	00000008.00000002.1886119594.000000000506F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	506F000
Size:	4096

Details

Name:	0000000A.00000002.1858531320.000000000542C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	542C000
Size:	16384

Details

Name:	0000000E.00000002.1963901950.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DF5000
Size:	16384

Details

Name:	0000000C.00000002.1832080089.00000000026FA000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	26FA000
Size:	24576

Details

Name:	0000000E.00000002.1972529480.0000000003FDF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FDF000
Size:	4096

Details

Name:	00000000.00000002.1767476504.0000000008EBE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8EBE000
Size:	8192

Details

Name:	0000000E.00000002.1965457253.00000000029B3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	29B3000
Size:	4096

Details

Name:	00000008.00000002.1873963591.000000000103B000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	103B000
Size:	8192

Details

Name:	00000008.00000002.1870539828.0000000000C5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	C5E000
Size:	8192

Details

Name:	0000000E.00000002.1964113488.0000000000F4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F4E000
Size:	8192

Details

Name:	00000008.00000002.1893162659.0000000006D4F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D4F000
Size:	8192

Details

Name:	00000008.00000002.1875131842.0000000002F2F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F2F000
Size:	12288

Details

Name:	00000000.00000002.1760587854.0000000002CD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CD0000
Size:	4096

Details

Name:	0000000E.00000002.1965198972.0000000001050000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1050000
Size:	12288

Details

Name:	0000000E.00000002.1987152909.0000000006C6F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6C6F000
Size:	4096

Details

Name:	00000008.00000002.1893993904.00000000075E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	75E0000
Size:	4096

Details

Name:	0000000E.00000002.1982553629.0000000005620000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5620000
Size:	65536

Details

Name:	0000000E.00000002.1984126632.00000000064D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64D4000
Size:	8192

Details

Name:	0000000A.00000002.1859195196.0000000005CC0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5CC0000
Size:	12288

Details

Name:	00000000.00000002.1760502124.0000000002CC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CC0000
Size:	4096

Details

Name:	00000008.00000002.1874368676.0000000001256000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1256000
Size:	16384

Details

Name:	00000008.00000002.1887515766.000000000544D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	544D000
Size:	12288

Details

Name:	00000000.00000002.1760302042.00000000013DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	13DE000
Size:	8192

Details

Name:	0000000E.00000002.1972529480.0000000003C57000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C57000
Size:	20480

Details

Name:	0000000E.00000002.1985147634.00000000066D5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	66D5000
Size:	45056

Details

Name:	00000008.00000002.1880037858.0000000003ADC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3ADC000
Size:	4096

Details

Name:	0000000E.00000002.1965720746.00000000029E2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29E2000
Size:	4096

Details

Name:	00000000.00000002.1760476754.0000000002CBD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2CBD000
Size:	4096

Details

Name:	0000000E.00000002.1980732047.000000000527E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	527E000
Size:	8192

Details

Name:	0000000E.00000002.1972529480.0000000003BF2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BF2000
Size:	12288

Details

Name:	0000000A.00000002.1855979006.0000000003130000.00000040.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	3130000
Size:	4096

Details

Name:	0000000E.00000002.1984272617.00000000064ED000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64ED000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003BF1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BF1000
Size:	274432

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.1891846623.000000000657D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	657D000
Size:	12288

Details

Name:	00000008.00000002.1893562045.000000000738B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	738B000
Size:	20480

Details

Name:	00000000.00000002.1761835638.000000000408E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	408E000
Size:	1540096

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000002.1759317214.0000000001018000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1018000
Size:	16384

Details

Name:	00000000.00000002.1758909390.0000000000CAA000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CAA000
Size:	24576

Details

Name:	00000005.00000002.1737500445.000000000311E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	311E000
Size:	8192

Details

Name:	00000005.00000002.1734491981.0000000002CCD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2CCD000
Size:	12288

Details

Name:	00000008.00000002.1870612671.0000000000CAE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CAE000
Size:	8192

Details

Name:	0000000E.00000002.1966031179.0000000002BB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2BB0000
Size:	8192

Details

Name:	00000008.00000002.1875036518.0000000002A31000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2A31000
Size:	61440

Details

Name:	00000008.00000002.1870267028.0000000000400000.00000040.00000400.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	0000000E.00000002.1980765860.000000000537E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	537E000
Size:	8192

Details

Name:	00000008.00000002.1875131842.0000000002AE1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AE1000
Size:	4096

Details

Name:	00000008.00000002.1871507102.0000000000E26000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	E26000
Size:	40960

Details

Name:	00000008.00000002.1892854745.0000000006D09000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D09000
Size:	28672

Details

Name:	00000008.00000002.1873944268.0000000001037000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1037000
Size:	4096

Details

Name:	00000008.00000002.1886422312.000000000521E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	521E000
Size:	8192

Details

Name:	00000008.00000002.1886498134.0000000005320000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5320000
Size:	36864

Details

Name:	00000000.00000002.1764020088.0000000005FB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5FB0000
Size:	176128

Details

Name:	0000000E.00000002.1989469648.0000000008280000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8280000
Size:	4096

Details

Name:	0000000A.00000002.1854827025.00000000013FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13FE000
Size:	98304

Details

Name:	00000000.00000002.1763418762.00000000054A2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54A2000
Size:	57344

Details

Name:	0000000A.00000002.1856342329.000000000350E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	350E000
Size:	90112

Details

Name:	0000000E.00000002.1988421006.000000000776B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	776B000
Size:	12288

Details

Name:	0000000E.00000002.1980465558.0000000005204000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5204000
Size:	20480

Details

Name:	0000000E.00000002.1972529480.0000000004029000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4029000
Size:	4096

Details

Name:	0000000E.00000002.1986278766.0000000006834000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6834000
Size:	8192

Details

Name:	0000000E.00000002.1972529480.0000000004000000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4000000
Size:	20480

Details

Name:	00000008.00000002.1874368676.0000000001250000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1250000
Size:	16384

Details

Name:	00000008.00000002.1875131842.0000000002CD8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CD8000
Size:	4096

Details

Name:	00000008.00000002.1890533784.0000000006332000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6332000
Size:	57344

Details

Name:	00000000.00000002.1760003930.00000000010E2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10E2000
Size:	184320

Details

Name:	00000000.00000002.1768042526.000000007F6C0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7F6C0000
Size:	4096

Details

Name:	0000000A.00000002.1859041427.0000000005AC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5AC0000
Size:	65536

Details

Name:	0000000E.00000002.1963796788.00000000009BB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	9BB000
Size:	20480

Details

Name:	0000000A.00000002.1855274363.00000000016FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	16FE000
Size:	8192

Details

Name:	0000000A.00000002.1859874291.0000000007D1F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7D1F000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000004017000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4017000
Size:	4096

Details

Name:	00000000.00000002.1767184149.0000000008AFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8AFE000
Size:	8192

Details

Name:	00000000.00000002.1760565760.0000000002CCA000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2CCA000
Size:	4096

Details

Name:	0000000A.00000002.1858559290.00000000057A2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	57A2000
Size:	49152

Details

Name:	00000008.00000002.1875131842.0000000002F07000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F07000
Size:	151552

Details

Name:	00000000.00000002.1764442545.0000000006019000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6019000
Size:	12288

Details

Name:	0000000E.00000002.1989178229.0000000007956000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7956000
Size:	12288

Details

Name:	00000008.00000002.1887515766.000000000544A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	544A000
Size:	8192

Details

Name:	0000000E.00000002.1987211432.0000000006D9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6D9E000
Size:	8192

Details

Name:	0000000E.00000002.1984950222.0000000006690000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6690000
Size:	4096

Details

Name:	00000008.00000002.1870467657.0000000000B40000.00000004.00000020.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B40000
Size:	4096

Details

Name:	00000008.00000002.1893162659.0000000006D61000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D61000
Size:	8192

Details

Name:	00000000.00000002.1763634562.000000000565C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	565C000
Size:	16384

Details

Name:	00000008.00000002.1891556173.0000000006500000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6500000
Size:	4096

Details

Name:	00000008.00000002.1871636462.0000000000EDA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	EDA000
Size:	348160

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000E.00000002.1966056071.0000000002BC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2BC0000
Size:	65536

Details

Name:	0000000A.00000002.1855452089.000000000187F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	187F000
Size:	4096

Details

Name:	0000000A.00000002.1855685024.0000000001A3B000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1A3B000
Size:	4096

Details

Name:	0000000E.00000002.1965806488.0000000002A00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2A00000
Size:	4096

Details

Name:	0000000A.00000002.1855897669.0000000003120000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3120000
Size:	4096

Details

Name:	0000000E.00000002.1985954591.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67F0000
Size:	65536

Details

Name:	00000008.00000002.1871636462.0000000000E62000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E62000
Size:	4096

Details

Name:	0000000A.00000002.1858853283.0000000005812000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5812000
Size:	57344

Details

Name:	0000000E.00000002.1972529480.000000000401C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	401C000
Size:	20480

Details

Name:	00000008.00000002.1893162659.0000000006D66000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D66000
Size:	4096

Details

Name:	00000008.00000002.1892771034.0000000006CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6CF0000
Size:	61440

Details

Name:	0000000E.00000002.1989363884.000000000817E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	817E000
Size:	8192

Details

Name:	00000008.00000002.1889839980.00000000062EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	62EF000
Size:	28672

Details

Name:	0000000E.00000002.1986278766.0000000006848000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6848000
Size:	4096

Details

Name:	00000008.00000002.1887972423.00000000054FD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	54FD000
Size:	12288

Details

Name:	00000008.00000002.1880037858.0000000003A7E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A7E000
Size:	12288

Details

Name:	00000008.00000002.1893090419.0000000006D30000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6D30000
Size:	65536

Details

Name:	00000000.00000002.1762890875.00000000053D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53D0000
Size:	12288

Details

Name:	00000008.00000002.1880037858.0000000003A51000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A51000
Size:	49152

Details

Name:	00000008.00000002.1871186365.0000000000E03000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	E03000
Size:	4096

Details

Name:	0000000E.00000002.1980581031.0000000005210000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5210000
Size:	4096

Details

Name:	00000005.00000002.1737650472.00000000033CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	33CA000
Size:	106496

Details

Name:	0000000A.00000002.1859411876.000000000654E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	654E000
Size:	8192

Details

Name:	0000000A.00000002.1860094565.000000000832B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	832B000
Size:	20480

Details

Name:	0000000E.00000002.1983403537.0000000006400000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6400000
Size:	4096

Details

Name:	0000000E.00000002.1980465558.000000000520A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	520A000
Size:	24576

Details

Name:	0000000E.00000002.1964081219.0000000000E40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E40000
Size:	16384

Details

Name:	0000000E.00000002.1980861382.00000000054EE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54EE000
Size:	8192

Details

Name:	0000000E.00000002.1980861382.00000000054E2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54E2000
Size:	36864

Details

Name:	00000000.00000002.1760003930.00000000010AA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10AA000
Size:	16384

Details

Name:	00000000.00000002.1759317214.0000000001044000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1044000
Size:	20480

Details

Name:	00000008.00000002.1887246499.00000000053C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53C0000
Size:	53248

Details

Name:	00000000.00000002.1763956323.00000000059B1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	59B1000
Size:	49152

Details

Name:	0000000E.00000002.1965950945.0000000002BA0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2BA0000
Size:	65536

Details

Name:	00000008.00000002.1890503847.000000000632E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	632E000
Size:	8192

Details

Name:	0000000E.00000002.1985351374.000000000674E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	674E000
Size:	8192

Details

Name:	00000008.00000002.1893162659.0000000006D44000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D44000
Size:	4096

Details

Name:	00000008.00000002.1886498134.000000000534E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	534E000
Size:	8192

Details

Name:	0000000E.00000002.1964139932.0000000000F86000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F86000
Size:	114688

Details

Name:	0000000A.00000002.1859478146.000000000659D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	659D000
Size:	12288

Details

Name:	00000000.00000002.1760628304.0000000002CD7000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2CD7000
Size:	4096

Details

Name:	00000000.00000002.1760948240.0000000002D90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D90000
Size:	16384

Details

Name:	00000008.00000002.1893162659.0000000006D46000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D46000
Size:	4096

Details

Name:	00000000.00000002.1763982338.00000000059C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	59C0000
Size:	65536

Details

Name:	00000008.00000002.1871636462.0000000000ED6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	ED6000
Size:	4096

Details

Name:	00000008.00000002.1890066516.00000000062FD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	62FD000
Size:	57344

Details

Name:	0000000E.00000002.1972529480.0000000003BE1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BE1000
Size:	49152

Details

Name:	0000000E.00000002.1965536048.00000000029C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29C0000
Size:	28672

Details

Name:	00000008.00000002.1891037661.00000000064DA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64DA000
Size:	8192

Details

Name:	0000000A.00000002.1856342329.00000000034C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	34C0000
Size:	315392

Details

Name:	00000008.00000002.1892657412.0000000006B2D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6B2D000
Size:	12288

Details

Name:	00000008.00000002.1875131842.0000000002AA1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AA1000
Size:	114688

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000E.00000002.1987509041.00000000075A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	75A0000
Size:	65536

Details

Name:	00000000.00000002.1761163536.0000000002EB1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2EB1000
Size:	348160

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary
URLs found in memory or binary data	Networking

Details

Name:	0000000E.00000002.1988337182.000000000775C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	775C000
Size:	49152

Details

Name:	0000000C.00000002.1832112146.00000000027AE000.00000004.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	27AE000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003A62000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A62000
Size:	8192

Details

Name:	00000008.00000002.1885959369.0000000004A58000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4A58000
Size:	4096

Details

Name:	00000008.00000002.1894021226.00000000075F0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	75F0000
Size:	4096

Details

Name:	00000008.00000002.1874883118.00000000029F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	29F0000
Size:	4096

Details

Name:	0000000E.00000002.1981486051.0000000005520000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5520000
Size:	65536

Details

Name:	00000000.00000000.1670279738.0000000000C10000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	C10000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000E.00000002.1986828906.0000000006B0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6B0E000
Size:	8192

Details

Name:	0000000E.00000002.1980465558.0000000005200000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5200000
Size:	12288

Details

Name:	0000000E.00000002.1988469379.000000000776F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	776F000
Size:	24576

Details

Name:	00000008.00000002.1888010827.0000000005500000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5500000
Size:	65536

Details

Name:	0000000E.00000002.1982118414.0000000005590000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5590000
Size:	53248

Details

Name:	0000000E.00000002.1987627917.00000000075B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	75B0000
Size:	65536

Details

Name:	00000008.00000002.1887743956.0000000005460000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5460000
Size:	65536

Details

Name:	0000000C.00000002.1832172535.0000000002A5B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A5B000
Size:	90112

Details

Name:	00000000.00000002.1760362830.0000000002CA0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CA0000
Size:	4096

Details

Name:	00000008.00000002.1886498134.0000000005336000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5336000
Size:	45056

Details

Name:	00000000.00000002.1762890875.00000000053F6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53F6000
Size:	16384

Details

Name:	0000000C.00000002.1832259865.0000000002D60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D60000
Size:	16384

Details

Name:	00000000.00000002.1762890875.0000000005402000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5402000
Size:	49152

Details

Name:	0000000E.00000002.1965581601.00000000029CD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	29CD000
Size:	4096

Details

Name:	00000008.00000002.1887445727.0000000005430000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5430000
Size:	65536

Details

Name:	0000000E.00000002.1964139932.0000000000FF9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FF9000
Size:	352256

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000E.00000002.1982923787.00000000056D0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	56D0000
Size:	65536

Details

Name:	0000000E.00000002.1989284276.000000000812E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	812E000
Size:	8192

Details

Name:	00000000.00000002.1762890875.00000000053F1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53F1000
Size:	16384

Details

Name:	0000000E.00000002.1980383175.0000000004D7D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4D7D000
Size:	12288

Details

Name:	00000008.00000002.1886152785.00000000050AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	50AE000
Size:	8192

Details

Name:	0000000E.00000002.1965625470.00000000029D2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29D2000
Size:	4096

Details

Name:	0000000A.00000002.1858559290.000000000579D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	579D000
Size:	16384

Details

Name:	00000000.00000002.1763758018.0000000005870000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5870000
Size:	65536

Details

Name:	00000008.00000002.1894361608.0000000007660000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7660000
Size:	8192

Details

Name:	0000000A.00000002.1859174764.0000000005CB0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5CB0000
Size:	4096

Details

Name:	00000000.00000002.1763397990.0000000005490000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5490000
Size:	8192

Details

Name:	00000008.00000002.1875102208.0000000002A40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A40000
Size:	4096

Details

Name:	0000000E.00000002.1987014137.0000000006B40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B40000
Size:	65536

Details

Name:	0000000A.00000002.1859782080.000000000791E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	791E000
Size:	8192

Details

Name:	00000008.00000002.1894627404.0000000007A10000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7A10000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003E88000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E88000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003D65000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D65000
Size:	20480

Details

Name:	00000008.00000002.1875131842.0000000002DF7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2DF7000
Size:	372736

Details

Name:	00000008.00000002.1887814038.0000000005470000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5470000
Size:	65536

Details

Name:	0000000E.00000002.1965743553.00000000029E5000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	29E5000
Size:	4096

Details

Name:	0000000E.00000002.1965283512.00000000011C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11C0000
Size:	20480

Details

Name:	00000000.00000000.1670214684.0000000000B62000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	B62000
Size:	708608

Details

Name:	0000000E.00000002.1980606718.0000000005220000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5220000
Size:	65536

Details

Name:	00000008.00000002.1891037661.00000000064EF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64EF000
Size:	4096

Details

Name:	0000000A.00000002.1856213505.0000000003203000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3203000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003A74000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A74000
Size:	8192

Details

Name:	00000000.00000002.1762870336.000000000508C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	508C000
Size:	16384

Details

Name:	00000008.00000002.1891037661.00000000064C9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64C9000
Size:	8192

Details

Name:	0000000A.00000002.1860150693.0000000008430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8430000
Size:	4096

Details

Name:	00000008.00000002.1892456442.0000000006AEA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6AEA000
Size:	188416

Details

Name:	0000000E.00000002.1972529480.0000000003C0C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C0C000
Size:	8192

Details

Name:	00000008.00000002.1891999575.00000000065EF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	65EF000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003CA2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3CA2000
Size:	1605632

Details

Name:	00000008.00000002.1893599290.00000000073D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	73D0000
Size:	65536

Details

Name:	00000000.00000002.1760765175.0000000002D20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D20000
Size:	65536

Details

Name:	00000008.00000002.1886498134.0000000005351000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5351000
Size:	49152

Details

Name:	00000008.00000002.1892426784.0000000006AE0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6AE0000
Size:	4096

Details

Name:	0000000E.00000002.1984624118.0000000006530000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6530000
Size:	65536

Details

Name:	0000000E.00000002.1980861382.00000000054D6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54D6000
Size:	45056

Details

Name:	00000008.00000002.1890066516.000000000630C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	630C000
Size:	65536

Details

Name:	0000000E.00000002.1964139932.0000000000F50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F50000
Size:	163840

Details

Name:	00000008.00000002.1880037858.0000000003BDF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BDF000
Size:	8192

Details

Name:	00000000.00000002.1760725454.0000000002D10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D10000
Size:	65536

Details

Name:	0000000E.00000002.1982763857.0000000005640000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5640000
Size:	65536

Details

Name:	00000008.00000002.1894505351.00000000079AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	79AE000
Size:	8192

Details

Name:	0000000E.00000002.1989436351.000000000827E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	827E000
Size:	8192

Details

Name:	0000000A.00000002.1859089196.0000000005AD0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5AD0000
Size:	65536

Details

Name:	00000000.00000002.1767257886.0000000008C3F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8C3F000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003E31000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E31000
Size:	1601536

Details

Name:	00000000.00000002.1767550378.00000000090FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	90FE000
Size:	8192

Details

Name:	00000008.00000002.1891395307.00000000064F4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64F4000
Size:	36864

Details

Name:	00000000.00000002.1767621007.000000000936C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	936C000
Size:	16384

Details

Name:	00000000.00000002.1762890875.00000000053EE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53EE000
Size:	4096

Details

Name:	0000000E.00000002.1984339778.00000000064F8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64F8000
Size:	8192

Details

Name:	0000000E.00000002.1972529480.0000000004014000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4014000
Size:	4096

Details

Name:	00000000.00000002.1763715202.0000000005860000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5860000
Size:	65536

Details

Name:	00000000.00000002.1764827174.00000000062B0000.00000004.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	62B0000
Size:	368640

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000008.00000002.1880037858.0000000003EA3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3EA3000
Size:	1855488

Details

Name:	0000000E.00000002.1982657027.0000000005630000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5630000
Size:	65536

Details

Name:	0000000E.00000002.1983613093.000000000647C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	647C000
Size:	49152

Details

Name:	00000008.00000002.1880037858.0000000003E4D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E4D000
Size:	4096

Details

Name:	0000000E.00000002.1983069663.00000000057E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	57E0000
Size:	36864

Details

Name:	00000000.00000002.1763418762.00000000054A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54A0000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003C05000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C05000
Size:	8192

Details

Name:	00000008.00000002.1874368676.000000000125B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	125B000
Size:	16384

Details

Name:	0000000E.00000002.1984950222.0000000006692000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6692000
Size:	8192

Details

Name:	00000008.00000002.1888702155.0000000005932000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5932000
Size:	12288

Details

Name:	0000000A.00000002.1859834529.0000000007B1F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7B1F000
Size:	4096

Details

Name:	00000000.00000002.1763799902.0000000005880000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5880000
Size:	12288

Details

Name:	0000000E.00000002.1972529480.0000000003DCC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DCC000
Size:	8192

Details

Name:	00000008.00000002.1871636462.0000000000E4E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E4E000
Size:	40960

Details

Name:	0000000E.00000002.1972529480.0000000004030000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4030000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003ACF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3ACF000
Size:	8192

Details

Name:	0000000A.00000002.1859334013.00000000062D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	62D0000
Size:	4096

Details

Name:	00000000.00000002.1760874196.0000000002D8F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D8F000
Size:	4096

Details

Name:	0000000E.00000002.1983238247.0000000005A7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5A7E000
Size:	8192

Details

Name:	0000000E.00000002.1972529480.0000000003D73000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D73000
Size:	8192

Details

Name:	0000000E.00000002.1988207961.0000000007740000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7740000
Size:	4096

Details

Name:	00000008.00000002.1875131842.0000000002CDA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CDA000
Size:	36864

Details

Name:	0000000E.00000002.1972529480.0000000003FF8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FF8000
Size:	4096

Details

Name:	00000008.00000002.1890410904.000000000631D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	631D000
Size:	20480

Details

Name:	00000008.00000002.1888771654.000000000605F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	605F000
Size:	4096

Details

Name:	00000000.00000002.1763367058.0000000005480000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5480000
Size:	4096

Details

Name:	00000008.00000002.1888133257.000000000560E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	560E000
Size:	8192

Details

Name:	00000000.00000002.1760848088.0000000002D7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D7E000
Size:	8192

Details

Name:	00000008.00000002.1871636462.0000000000E59000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E59000
Size:	8192

Details

Name:	0000000A.00000002.1859478146.0000000006570000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6570000
Size:	172032

Details

Name:	0000000A.00000002.1860176989.000000000847E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	847E000
Size:	8192

Details

Name:	0000000E.00000002.1987178179.0000000006C90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6C90000
Size:	8192

Details

Name:	0000000E.00000002.1972529480.0000000003C5E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C5E000
Size:	8192

Details

Name:	0000000E.00000002.1984367115.00000000064FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64FE000
Size:	4096

Details

Name:	00000000.00000002.1760281968.00000000012D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12D0000
Size:	16384

Details

Name:	0000000E.00000002.1986057618.0000000006800000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6800000
Size:	65536

Details

Name:	0000000A.00000002.1858784436.00000000057C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	57C0000
Size:	65536

Details

Name:	0000000E.00000002.1966151891.0000000002FFA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FFA000
Size:	503808

Details

Name:	00000008.00000002.1891918644.00000000065D0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	65D0000
Size:	65536

Details

Name:	00000008.00000002.1893789422.0000000007590000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7590000
Size:	65536

Details

Name:	00000008.00000002.1889208272.00000000062EB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	62EB000
Size:	12288

Details

Name:	00000000.00000002.1767710806.00000000094BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	94BE000
Size:	8192

Details

Name:	0000000E.00000002.1966151891.0000000002BE1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2BE1000
Size:	323584

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1767423478.0000000008D7D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8D7D000
Size:	12288

Details

Name:	0000000E.00000002.1989178229.000000000795A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	795A000
Size:	4096

Details

Name:	00000008.00000002.1888173028.0000000005610000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5610000
Size:	36864

Details

Name:	0000000E.00000002.1986278766.000000000682F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	682F000
Size:	8192

Details

Name:	00000008.00000002.1886373446.0000000005110000.00000040.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	5110000
Size:	4096

Details

Name:	0000000A.00000002.1859353425.000000000640E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	640E000
Size:	8192

Details

Name:	0000000E.00000002.1983697472.0000000006489000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6489000
Size:	167936

Details

Name:	00000008.00000002.1887028478.0000000005370000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5370000
Size:	65536

Details

Name:	0000000A.00000002.1858559290.000000000578E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	578E000
Size:	4096

Details

Name:	00000000.00000002.1760343130.0000000002C90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C90000
Size:	8192

Details

Name:	0000000A.00000002.1854755125.00000000013B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13B0000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003E8D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E8D000
Size:	20480

Details

Name:	00000000.00000002.1767106731.00000000087FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	87FE000
Size:	8192

Details

Name:	00000008.00000002.1888457340.00000000058AD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	58AD000
Size:	12288

Details

Name:	0000000E.00000002.1966129857.0000000002BD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2BD0000
Size:	4096

Details

Name:	0000000A.00000002.1854778124.00000000013C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13C0000
Size:	16384

Details

Name:	00000000.00000002.1767285575.0000000008C7D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8C7D000
Size:	12288

Details

Name:	00000008.00000002.1871636462.0000000000E30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E30000
Size:	118784

Details

Name:	00000005.00000002.1737650472.00000000033C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	33C0000
Size:	32768

Details

Name:	00000000.00000002.1760457122.0000000002CB3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CB3000
Size:	28672

Details

Name:	0000000E.00000002.1966151891.00000000030A7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	30A7000
Size:	12288

Details

Name:	00000000.00000002.1766507847.000000000754E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	754E000
Size:	8192

Details

Name:	0000000E.00000002.1965256516.000000000119E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	119E000
Size:	8192

Details

Name:	0000000A.00000002.1856252933.0000000003210000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3210000
Size:	65536

Details

Name:	00000008.00000002.1880037858.0000000003E6C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E6C000
Size:	4096

Details

Name:	00000008.00000002.1875131842.0000000002F35000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F35000
Size:	663552

Details

Name:	00000008.00000002.1871067184.0000000000DFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DFF000
Size:	4096

Details

Name:	00000008.00000002.1891999575.00000000065E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	65E0000
Size:	57344

Details

Name:	00000008.00000002.1871215547.0000000000E04000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	E04000
Size:	16384

Details

Name:	0000000E.00000002.1984398817.0000000006500000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6500000
Size:	36864

Details

Name:	00000008.00000002.1875131842.0000000002FD8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FD8000
Size:	8192

Details

Name:	00000008.00000002.1892401901.00000000069E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	69E0000
Size:	4096

Details

Name:	0000000E.00000002.1966151891.0000000002C75000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C75000
Size:	1175552

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000E.00000002.1983069663.00000000057EB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	57EB000
Size:	8192

Details

Name:	0000000A.00000002.1854827025.0000000001417000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1417000
Size:	49152

Details

Name:	0000000E.00000002.1972529480.0000000003BEE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BEE000
Size:	4096

Details

Name:	00000000.00000002.1760608764.0000000002CD2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CD2000
Size:	4096

Details

Name:	00000000.00000002.1761835638.0000000003EB1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3EB1000
Size:	28672

Details

Name:	0000000E.00000002.1986169106.0000000006810000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6810000
Size:	65536

Details

Name:	00000008.00000002.1886453362.000000000531E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	531E000
Size:	8192

Details

Name:	00000000.00000002.1767233535.0000000008B3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8B3E000
Size:	8192

Details

Name:	0000000E.00000002.1985251376.00000000066E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	66E0000
Size:	57344

Details

Name:	0000000E.00000002.1986278766.0000000006852000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6852000
Size:	8192

Details

Name:	0000000E.00000002.1982395907.0000000005600000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5600000
Size:	65536

Details

Name:	00000008.00000002.1894647937.0000000007A20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A20000
Size:	4096

Details

Name:	00000008.00000002.1894052051.0000000007600000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7600000
Size:	65536

Details

Name:	00000008.00000002.1875131842.0000000002F01000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F01000
Size:	12288

Details

Name:	00000008.00000002.1880037858.0000000003AF6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AF6000
Size:	802816

Details

Name:	00000008.00000002.1888625350.0000000005910000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5910000
Size:	57344

Details

Name:	00000000.00000002.1764657276.00000000061AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	61AE000
Size:	8192

Details

Name:	0000000A.00000002.1854827025.00000000013F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13F0000
Size:	36864

Details

Name:	0000000A.00000002.1856022678.0000000003180000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3180000
Size:	16384

Details

Name:	00000008.00000002.1893162659.0000000006D75000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D75000
Size:	36864

Details

Name:	0000000E.00000002.1981727883.0000000005540000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5540000
Size:	65536

Details

Name:	00000008.00000002.1893017962.0000000006D20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D20000
Size:	65536

Details

Name:	0000000A.00000002.1855255219.00000000015FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	15FE000
Size:	8192

Details

Name:	0000000A.00000002.1855292683.0000000001710000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1710000
Size:	8192

Details

Name:	00000008.00000002.1892694321.0000000006CE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6CE0000
Size:	57344

Details

Name:	00000008.00000002.1891037661.00000000064E5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64E5000
Size:	4096

Details

Name:	00000008.00000002.1887101732.00000000053A0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	53A0000
Size:	65536

Details

Name:	0000000E.00000002.1966151891.0000000002EE6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2EE6000
Size:	368640

Details

Name:	00000008.00000002.1873824868.000000000102F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	102F000
Size:	4096

Details

Name:	00000008.00000002.1894569127.00000000079FD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	79FD000
Size:	12288

Details

Name:	00000008.00000002.1889208272.00000000062A2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	62A2000
Size:	229376

Details

Name:	00000008.00000002.1894391611.0000000007770000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7770000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003DD9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DD9000
Size:	270336

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.1880037858.0000000003E78000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E78000
Size:	8192

Details

Name:	0000000A.00000002.1859977240.0000000007E60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7E60000
Size:	4096

Details

Name:	0000000A.00000002.1856342329.0000000003389000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3389000
Size:	966656

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.1880037858.0000000003AE6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AE6000
Size:	4096

Details

Name:	00000008.00000002.1887304140.00000000053D0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	53D0000
Size:	65536

Details

Name:	00000000.00000002.1760236258.00000000012CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12CA000
Size:	8192

Details

Name:	0000000E.00000002.1985848968.00000000067E4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67E4000
Size:	49152

Details

Name:	0000000E.00000002.1980861382.00000000054F1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54F1000
Size:	49152

Details

Name:	0000000E.00000002.1989150171.0000000007940000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7940000
Size:	4096

Details

Name:	0000000A.00000002.1855897669.0000000003124000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3124000
Size:	4096

Details

Name:	00000008.00000002.1893162659.0000000006D72000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D72000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003E69000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E69000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003A68000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A68000
Size:	16384

Details

Name:	0000000E.00000002.1987480154.0000000007590000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7590000
Size:	4096

Details

Name:	0000000E.00000002.1984950222.00000000066BF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	66BF000
Size:	4096

Details

Name:	00000008.00000002.1893162659.0000000006D6D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D6D000
Size:	4096

Details

Name:	0000000E.00000002.1988594123.000000000777F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	777F000
Size:	28672

Details

Name:	00000000.00000002.1760204118.000000000127E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	127E000
Size:	8192

Details

Name:	00000008.00000002.1874606273.00000000029AC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	29AC000
Size:	16384

Details

Name:	0000000A.00000002.1859913630.0000000007E5D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7E5D000
Size:	12288

Details

Name:	0000000E.00000002.1982492905.000000000561D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	561D000
Size:	12288

Details

Name:	0000000A.00000002.1860263095.00000000086D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	86D0000
Size:	4096

Details

Name:	0000000E.00000002.1966151891.0000000002F42000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F42000
Size:	368640

Details

Name:	00000008.00000002.1886247718.0000000005100000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5100000
Size:	65536

Details

Name:	00000000.00000002.1761835638.0000000003EB9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3EB9000
Size:	4096

Details

Name:	0000000E.00000002.1987453509.0000000006F10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6F10000
Size:	4096

Details

Name:	0000000A.00000002.1860218099.00000000085BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	85BE000
Size:	8192

Details

Name:	0000000E.00000002.1984553071.0000000006522000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6522000
Size:	12288

Details

Name:	0000000E.00000002.1965230946.000000000109E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	109E000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003C38000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C38000
Size:	8192

Details

Name:	0000000E.00000002.1980445889.00000000051FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	51FF000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003C44000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C44000
Size:	8192

Details

Name:	00000000.00000002.1762816078.0000000004F10000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	4F10000
Size:	32768

Details

Name:	0000000E.00000002.1972529480.0000000003C6B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C6B000
Size:	4096

Details

Name:	00000005.00000002.1737415387.00000000030D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	30D0000
Size:	4096

Details

Name:	0000000E.00000002.1983042657.00000000057DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	57DF000
Size:	4096

Details

Name:	00000000.00000002.1761163536.00000000030A6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	30A6000
Size:	1556480

Details

Name:	00000008.00000002.1886958206.0000000005360000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5360000
Size:	65536

Details

Name:	0000000A.00000002.1858559290.0000000005796000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5796000
Size:	16384

Details

Name:	00000008.00000002.1892945822.0000000006D10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D10000
Size:	65536

Details

Name:	00000000.00000002.1760546175.0000000002CC6000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2CC6000
Size:	8192

Details

Name:	00000008.00000002.1875131842.0000000002A51000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2A51000
Size:	323584

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.1760671881.0000000002CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CF0000
Size:	4096

Details

Name:	00000008.00000002.1874301303.0000000001070000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1070000
Size:	16384

Details

Name:	00000008.00000002.1873922470.0000000001035000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1035000
Size:	4096

Details

Name:	0000000E.00000002.1983697472.00000000064B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64B3000
Size:	110592

Details

Name:	0000000A.00000002.1855394739.0000000001730000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1730000
Size:	16384

Details

Name:	00000000.00000002.1763828235.000000000597E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	597E000
Size:	8192

Details

Name:	0000000A.00000002.1858249007.0000000004339000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4339000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003FF1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FF1000
Size:	4096

Details

Name:	0000000E.00000002.1988234584.000000000774D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	774D000
Size:	53248

Details

Name:	0000000E.00000002.1983379178.00000000063FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	63FF000
Size:	4096

Details

Name:	00000008.00000002.1870762041.0000000000CF5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CF5000
Size:	16384

Details

Name:	00000008.00000002.1892138897.000000000665E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	665E000
Size:	8192

Details

Name:	00000008.00000002.1874724428.00000000029D4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29D4000
Size:	20480

Details

Name:	0000000C.00000002.1832156569.0000000002A3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2A3E000
Size:	8192

Details

Name:	0000000E.00000002.1989250947.000000000802E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	802E000
Size:	8192

Details

Name:	00000000.00000002.1760003930.00000000010AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10AF000
Size:	4096

Details

Name:	00000008.00000002.1875131842.0000000002CD6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CD6000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003C3D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C3D000
Size:	8192

Details

Name:	00000008.00000002.1886498134.0000000005342000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5342000
Size:	36864

Details

Name:	0000000E.00000002.1966151891.00000000030AD000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	30AD000
Size:	151552

Details

Name:	0000000A.00000002.1855723967.0000000001A60000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1A60000
Size:	65536

Details

Name:	00000000.00000002.1767524975.0000000008FFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8FFE000
Size:	8192

Details

Name:	00000008.00000002.1888955198.0000000006264000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6264000
Size:	4096

Details

Name:	00000000.00000002.1760003930.00000000010BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10BE000
Size:	20480

Details

Name:	00000008.00000002.1870395366.00000000007EB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7EB000
Size:	20480

Details

Name:	0000000A.00000002.1855374077.000000000172D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	172D000
Size:	4096

Details

Name:	00000008.00000002.1871305559.0000000000E0D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	E0D000
Size:	4096

Details

Name:	00000008.00000002.1887178075.00000000053B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53B0000
Size:	65536

Details

Name:	0000000A.00000002.1858831419.0000000005800000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5800000
Size:	4096

Details

Name:	0000000E.00000002.1988553576.0000000007778000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7778000
Size:	12288

Details

Name:	0000000E.00000002.1982205579.00000000055A0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	55A0000
Size:	65536

Details

Name:	00000008.00000002.1870431418.0000000000AF7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	AF7000
Size:	36864

Details

Name:	0000000A.00000002.1854691716.0000000001357000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1357000
Size:	36864

Details

Name:	0000000A.00000002.1859375532.000000000644E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	644E000
Size:	8192

Details

Name:	00000008.00000002.1875131842.0000000002E53000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2E53000
Size:	507904

Details

Name:	0000000E.00000002.1966151891.0000000002C71000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C71000
Size:	4096

Details

Name:	0000000E.00000002.1986278766.000000000682C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	682C000
Size:	4096

Details

Name:	00000008.00000002.1891037661.00000000064DF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64DF000
Size:	8192

Details

Name:	0000000A.00000002.1859709953.00000000076C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	76C0000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003AC1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AC1000
Size:	12288

Details

Name:	00000000.00000002.1759317214.0000000001037000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1037000
Size:	49152

Details

Name:	00000000.00000002.1767602745.000000000923E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	923E000
Size:	8192

Details

Name:	00000000.00000002.1760382284.0000000002CA3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2CA3000
Size:	4096

Details

Name:	00000008.00000002.1886498134.0000000005331000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5331000
Size:	16384

Details

Name:	00000000.00000002.1767573131.000000000913D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	913D000
Size:	12288

Details

Name:	0000000C.00000002.1832096055.0000000002760000.00000004.00000020.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2760000
Size:	4096

Details

Name:	00000000.00000002.1767653925.000000000946C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	946C000
Size:	16384

Details

Name:	00000000.00000002.1764020088.0000000005FEB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5FEB000
Size:	4096

Details

Name:	0000000E.00000002.1983348845.00000000062FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	62FE000
Size:	8192

Details

Name:	0000000E.00000002.1986278766.0000000006838000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6838000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003EA1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3EA1000
Size:	4096

Details

Name:	00000008.00000002.1873984797.0000000001050000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1050000
Size:	4096

Details

Name:	00000008.00000002.1871469605.0000000000E22000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	E22000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000004032000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4032000
Size:	1855488

Details

Name:	0000000E.00000002.1988816410.00000000077B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77B3000
Size:	24576

Details

Name:	0000000A.00000002.1860123330.000000000842C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	842C000
Size:	16384

Details

Name:	00000000.00000002.1765491801.0000000007321000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7321000
Size:	4096

Details

Name:	00000008.00000002.1875131842.0000000002D9B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D9B000
Size:	372736

Details

Name:	0000000A.00000002.1855352786.0000000001724000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1724000
Size:	4096

Details

Name:	0000000A.00000002.1856296590.0000000003220000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3220000
Size:	4096

Details

Name:	00000008.00000002.1874954807.0000000002A20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2A20000
Size:	65536

Details

Name:	0000000E.00000002.1988177646.0000000007640000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7640000
Size:	4096

Details

Name:	0000000E.00000002.1966151891.0000000002C63000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C63000
Size:	4096

Details

Name:	00000000.00000002.1762773333.0000000004EF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4EF0000
Size:	12288

Details

Name:	00000008.00000002.1871138682.0000000000E00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	E00000
Size:	12288

Details

Name:	0000000E.00000002.1986278766.000000000684D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	684D000
Size:	4096

Details

Name:	0000000E.00000002.1987875076.00000000075F0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	75F0000
Size:	65536

Details

Name:	00000008.00000002.1891037661.00000000064D8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64D8000
Size:	4096

Details

Name:	0000000A.00000002.1858853283.0000000005810000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5810000
Size:	4096

Details

Name:	00000000.00000002.1767502190.0000000008FBE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8FBE000
Size:	8192

Details

Name:	00000005.00000002.1735312627.0000000002D70000.00000004.00000020.00040000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D70000
Size:	4096

Details

Name:	00000000.00000002.1759317214.0000000001051000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1051000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003BF9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BF9000
Size:	16384

Details

Name:	0000000A.00000002.1854731505.00000000013A0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13A0000
Size:	4096

Details

Name:	0000000A.00000002.1854806830.00000000013C5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13C5000
Size:	4096

Details

Name:	0000000E.00000002.1981994626.0000000005580000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5580000
Size:	65536

Details

Name:	0000000E.00000002.1984186018.00000000064DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64DD000
Size:	16384

Details

Name:	0000000E.00000002.1987242725.0000000006DDB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6DDB000
Size:	20480

Details

Name:	00000008.00000002.1890450420.0000000006325000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6325000
Size:	32768

Details

Name:	0000000E.00000002.1965763955.00000000029E7000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	29E7000
Size:	4096

Details

Name:	0000000E.00000002.1965643927.00000000029D6000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	29D6000
Size:	40960

Details

Name:	00000008.00000002.1887940548.00000000054BD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	54BD000
Size:	12288

Details

Name:	00000000.00000002.1760111061.00000000011E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11E5000
Size:	16384

Details

Name:	0000000A.00000002.1855830747.000000000310C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	310C000
Size:	16384

Details

Name:	0000000A.00000002.1854659491.0000000001259000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1259000
Size:	28672

Details

Name:	0000000A.00000002.1856159652.00000000031F5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31F5000
Size:	45056

Details

Name:	00000008.00000002.1894128768.0000000007610000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7610000
Size:	65536

Details

Name:	00000008.00000002.1880037858.0000000003BEB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BEB000
Size:	8192

Details

Name:	0000000A.00000002.1860199788.000000000857F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	857F000
Size:	4096

Details

Name:	0000000E.00000002.1983069663.00000000057EE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	57EE000
Size:	8192

Details

Name:	0000000E.00000002.1963901950.0000000000DF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DF0000
Size:	16384

Details

Name:	0000000A.00000002.1855812094.00000000030CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30CE000
Size:	8192

Details

Name:	0000000A.00000002.1855332054.0000000001723000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1723000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003DC7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DC7000
Size:	8192

Details

Name:	0000000A.00000002.1855595620.0000000001A2A000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1A2A000
Size:	4096

Details

Name:	00000000.00000002.1763188901.0000000005410000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5410000
Size:	65536

Details

Name:	00000000.00000002.1760111061.00000000011E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11E0000
Size:	16384

Details

Name:	00000008.00000002.1874660536.00000000029C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29C0000
Size:	65536

Details

Name:	00000008.00000002.1875131842.0000000002CE5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CE5000
Size:	364544

Details

Name:	0000000E.00000002.1972529480.0000000003FEB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FEB000
Size:	8192

Details

Name:	0000000A.00000002.1858559290.0000000005791000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5791000
Size:	16384

Details

Name:	0000000A.00000002.1855418845.000000000177E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	177E000
Size:	8192

Details

Name:	00000008.00000002.1886011519.0000000004BED000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4BED000
Size:	12288

Details

Name:	00000008.00000002.1894605659.0000000007A00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7A00000
Size:	4096

Details

Name:	0000000E.00000002.1988667197.000000000779D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	779D000
Size:	8192

Details

Name:	0000000A.00000002.1860070296.00000000081DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	81DE000
Size:	8192

Details

Name:	00000008.00000002.1875131842.0000000002AD5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AD5000
Size:	4096

Details

Name:	00000000.00000002.1762890875.00000000053DB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53DB000
Size:	65536

Details

Name:	0000000E.00000002.1972529480.0000000003C13000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C13000
Size:	172032

Details

Name:	0000000E.00000002.1972529480.0000000003C64000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C64000
Size:	4096

Details

Name:	00000000.00000002.1763271803.0000000005443000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5443000
Size:	8192

Details

Name:	0000000A.00000002.1859281158.0000000005D00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5D00000
Size:	65536

Details

Name:	0000000A.00000002.1859243525.0000000005CF1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5CF1000
Size:	49152

Details

Name:	00000008.00000002.1894531776.00000000079B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	79B0000
Size:	12288

Details

Name:	00000008.00000002.1893674138.000000000757E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	757E000
Size:	8192

Details

Name:	0000000E.00000002.1985382324.000000000678E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	678E000
Size:	8192

Details

Name:	0000000C.00000002.1832058469.00000000026BD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	26BD000
Size:	12288

Details

Name:	00000000.00000002.1761163536.000000000308E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	308E000
Size:	90112

Details

Name:	0000000E.00000002.1964139932.0000000000F84000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F84000
Size:	4096

Details

Name:	00000008.00000002.1888173028.000000000561E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	561E000
Size:	8192

Details

Name:	0000000E.00000002.1972529480.000000000400D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	400D000
Size:	4096

Details

Name:	00000008.00000002.1894418944.000000000778A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	778A000
Size:	4096

Details

Name:	0000000A.00000002.1855662990.0000000001A37000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1A37000
Size:	4096

Details

Name:	00000008.00000002.1873902355.0000000001032000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1032000
Size:	4096

Details

Name:	00000000.00000002.1762890875.00000000053FD000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53FD000
Size:	16384

Details

Name:	00000008.00000002.1893162659.0000000006D5E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D5E000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003E9A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E9A000
Size:	4096

Details

Name:	00000000.00000002.1767786579.00000000095BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	95BE000
Size:	8192

Details

Name:	0000000E.00000002.1989322207.0000000008130000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	8130000
Size:	16384

Details

Name:	0000000E.00000002.1985726352.00000000067DA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67DA000
Size:	20480

Details

Name:	00000000.00000002.1760651634.0000000002CDB000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2CDB000
Size:	4096

Details

Name:	00000008.00000002.1874636911.00000000029B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29B0000
Size:	8192

Details

Name:	00000008.00000002.1893713711.0000000007580000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7580000
Size:	65536

Details

Name:	00000008.00000002.1875131842.0000000002ACB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2ACB000
Size:	20480

Details

Name:	00000005.00000002.1737625755.00000000031D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	31D0000
Size:	20480

Details

Name:	00000000.00000002.1761163536.0000000002F09000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F09000
Size:	1589248

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000008.00000002.1880037858.0000000003A6F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A6F000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003C75000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C75000
Size:	4096

Details

Name:	0000000E.00000002.1984272617.00000000064F2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64F2000
Size:	12288

Details

Name:	0000000E.00000002.1984856741.0000000006580000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6580000
Size:	16384

Details

Name:	00000000.00000002.1763226231.0000000005430000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5430000
Size:	65536

Details

Name:	00000000.00000002.1760167415.00000000011F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11F0000
Size:	8192

Details

Name:	0000000E.00000002.1982492905.000000000561A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	561A000
Size:	8192

Details

Name:	0000000E.00000002.1987849833.00000000075E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	75E0000
Size:	4096

Details

Name:	00000008.00000002.1875131842.0000000002B8E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2B8E000
Size:	86016

Details

Name:	00000000.00000002.1763470107.00000000054B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	54B0000
Size:	65536

Details

Name:	0000000E.00000002.1966151891.0000000002F9E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F9E000
Size:	368640

Details

Name:	0000000E.00000002.1980317395.0000000004BE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4BE0000
Size:	4096

Details

Name:	00000008.00000002.1874008817.0000000001060000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1060000
Size:	65536

Details

Name:	00000000.00000002.1763852790.0000000005980000.00000004.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	5980000
Size:	36864

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000E.00000002.1972529480.0000000003FDC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FDC000
Size:	4096

Details

Name:	0000000A.00000002.1858559290.0000000005774000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5774000
Size:	16384

Details

Name:	0000000E.00000002.1966151891.0000000002C5A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C5A000
Size:	24576

Details

Name:	0000000E.00000002.1986983448.0000000006B30000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6B30000
Size:	4096

Details

Name:	00000008.00000002.1874724428.00000000029D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29D0000
Size:	12288

Details

Name:	00000000.00000000.1670196865.0000000000B60000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	B60000
Size:	4096

Details

Name:	00000005.00000002.1737593875.000000000316F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	316F000
Size:	4096

Details

Name:	00000008.00000002.1891556173.0000000006502000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6502000
Size:	8192

Details

Name:	0000000E.00000002.1965603720.00000000029D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29D0000
Size:	4096

Details

Name:	00000000.00000002.1763271803.0000000005440000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5440000
Size:	4096

Details

Name:	0000000E.00000002.1966151891.000000000307F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	307F000
Size:	151552

Details

Name:	0000000A.00000002.1859856204.0000000007C1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7C1E000
Size:	8192

Details

Name:	00000000.00000002.1760436835.0000000002CB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CB0000
Size:	8192

Details

Name:	0000000E.00000002.1972529480.0000000003C85000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C85000
Size:	798720

Details

Name:	00000000.00000002.1759317214.000000000101E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	101E000
Size:	98304

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000000.00000002.1759317214.0000000001010000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1010000
Size:	28672

Details

Name:	00000008.00000002.1893162659.0000000006D41000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D41000
Size:	8192

Details

Name:	00000008.00000002.1894781423.000000007EE10000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7EE10000
Size:	4096

Details

Name:	0000000E.00000002.1987298075.0000000006EDD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6EDD000
Size:	12288

Details

Name:	0000000E.00000002.1965782461.00000000029EB000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	29EB000
Size:	8192

Details

Name:	00000000.00000002.1761123212.0000000002DA0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2DA0000
Size:	4096

Details

Name:	0000000E.00000002.1981847054.0000000005570000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5570000
Size:	65536

Details

Name:	00000000.00000002.1763523529.00000000054C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54C0000
Size:	65536

Details

Name:	0000000E.00000002.1985848968.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67E0000
Size:	4096

Details

Name:	00000000.00000002.1760948240.0000000002D95000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D95000
Size:	45056

Details

Name:	0000000E.00000002.1983403537.0000000006404000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6404000
Size:	4096

Details

Name:	00000000.00000002.1760187169.000000000123D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	123D000
Size:	12288

Details

Name:	0000000A.00000002.1859478146.0000000006550000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6550000
Size:	86016

Details

Name:	0000000E.00000002.1972529480.0000000003C0F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C0F000
Size:	12288

Details

Name:	00000008.00000002.1890667592.0000000006341000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6341000
Size:	122880

Details

Name:	0000000E.00000002.1986718683.0000000006AB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AB0000
Size:	65536

Details

Name:	00000008.00000002.1875131842.0000000002AD3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AD3000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003E62000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E62000
Size:	4096

Details

Name:	0000000E.00000002.1981606887.0000000005530000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5530000
Size:	65536

Details

Name:	0000000E.00000002.1987738926.00000000075D0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	75D0000
Size:	65536

Details

Name:	0000000E.00000002.1972529480.0000000004007000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4007000
Size:	8192

Details

Name:	00000008.00000002.1891395307.00000000064F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64F0000
Size:	4096

Details

Name:	00000008.00000002.1871636462.0000000000E65000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E65000
Size:	180224

Details

Name:	00000000.00000002.1763913964.00000000059A0000.00000004.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	59A0000
Size:	24576

Details

Name:	0000000A.00000002.1854827025.0000000001424000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1424000
Size:	16384

Details

Name:	0000000E.00000002.1986864954.0000000006B20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B20000
Size:	65536

Details

Name:	0000000A.00000002.1855760702.0000000001A7A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1A7A000
Size:	8192

Details

Name:	00000008.00000002.1890829139.0000000006360000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6360000
Size:	65536

Details

Name:	00000008.00000002.1893162659.0000000006D58000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D58000
Size:	4096

Details

Name:	0000000A.00000002.1854827025.0000000001488000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1488000
Size:	32768

Details

Name:	0000000E.00000002.1965861492.0000000002A8C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2A8C000
Size:	16384

Details

Name:	0000000C.00000002.1832172535.0000000002A50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2A50000
Size:	32768

Details

Name:	00000008.00000002.1880037858.0000000003E94000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E94000
Size:	8192

Details

Name:	0000000A.00000002.1858915471.0000000005820000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5820000
Size:	65536

Details

Name:	00000000.00000002.1759240826.0000000001000000.00000004.00000020.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1000000
Size:	4096

Details

Name:	00000005.00000002.1735601396.0000000002DBE000.00000004.00000001.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2DBE000
Size:	8192

Details

Name:	00000000.00000002.1761835638.0000000003FA3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FA3000
Size:	4096

Details

Name:	0000000A.00000002.1856342329.0000000003476000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3476000
Size:	299008

Details

Name:	0000000E.00000002.1980861382.00000000054D1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54D1000
Size:	16384

Details

Name:	00000008.00000002.1880037858.0000000003BD6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BD6000
Size:	20480

Details

Name:	00000008.00000002.1894673056.00000000080DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	80DE000
Size:	8192

Details

Name:	0000000A.00000002.1858559290.000000000577B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	577B000
Size:	65536

Details

Name:	0000000E.00000002.1972529480.0000000003C52000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C52000
Size:	4096

Details

Name:	0000000E.00000002.1980836750.00000000054BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	54BF000
Size:	4096

Details

Name:	0000000E.00000002.1963880799.0000000000D10000.00000004.00000020.00040000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D10000
Size:	4096

Details

Name:	00000008.00000002.1875131842.0000000002D40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D40000
Size:	368640

Details

Name:	0000000E.00000002.1986278766.0000000006841000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6841000
Size:	8192

Details

Name:	00000000.00000002.1762890875.00000000053D4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	53D4000
Size:	16384

Details

Name:	0000000E.00000002.1980704179.0000000005230000.00000040.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	5230000
Size:	4096

Details

Name:	00000008.00000002.1891037661.00000000064C5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64C5000
Size:	12288

Details

Name:	0000000E.00000002.1964139932.0000000000FA3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FA3000
Size:	323584

Details

Name:	0000000A.00000002.1855530675.0000000001A20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1A20000
Size:	4096

Details

Name:	0000000E.00000002.1966151891.00000000030D6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	30D6000
Size:	12288

Details

Name:	0000000A.00000002.1859153055.0000000005BEE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5BEE000
Size:	8192

Details

Name:	00000000.00000002.1767810928.00000000095D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	95D0000
Size:	8192

Details

Name:	00000008.00000002.1893162659.0000000006D54000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D54000
Size:	8192

Details

Name:	00000008.00000002.1880037858.0000000003A7B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A7B000
Size:	8192

Details

Name:	0000000A.00000002.1855468858.0000000001A10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1A10000
Size:	8192

Details

Name:	00000000.00000002.1760523078.0000000002CC2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CC2000
Size:	4096

Details

Name:	0000000E.00000002.1980317395.0000000004BE8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4BE8000
Size:	8192

Details

Name:	0000000E.00000002.1985036063.00000000066C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	66C0000
Size:	4096

Details

Name:	00000008.00000002.1894418944.0000000007786000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7786000
Size:	12288

Details

Name:	00000008.00000002.1871434926.0000000000E20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	E20000
Size:	4096

Details

Name:	0000000A.00000002.1859891270.0000000007D5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7D5E000
Size:	8192

Details

Name:	00000008.00000002.1875131842.0000000002ED3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2ED3000
Size:	12288

Details

Name:	00000008.00000002.1887616275.0000000005450000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5450000
Size:	65536

Details

Name:	0000000E.00000002.1986278766.0000000006822000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6822000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003AC8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AC8000
Size:	20480

Details

Name:	00000000.00000002.1764442545.0000000006015000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6015000
Size:	12288

Details

Name:	0000000A.00000002.1856319782.000000000332E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	332E000
Size:	8192

Details

Name:	00000000.00000002.1763893521.0000000005990000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5990000
Size:	4096

Details

Name:	0000000E.00000002.1965283512.00000000011CB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11CB000
Size:	16384

Details

Name:	0000000E.00000002.1966151891.0000000002C65000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C65000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000004023000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4023000
Size:	8192

Details

Name:	0000000A.00000002.1858249007.0000000004359000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4359000
Size:	176128

Details

Name:	00000008.00000002.1891885582.00000000065BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	65BF000
Size:	4096

Details

Name:	00000008.00000002.1875131842.0000000002AE5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AE5000
Size:	679936

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000008.00000002.1892854745.0000000006D00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D00000
Size:	32768

Details

Name:	00000008.00000002.1880037858.0000000003E71000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E71000
Size:	20480

Details

Name:	00000008.00000002.1874853045.00000000029E0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	29E0000
Size:	4096

Details

Name:	00000000.00000002.1761835638.0000000003ED9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3ED9000
Size:	180224

Details

Name:	00000008.00000002.1893962966.00000000075B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	75B0000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003E7E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E7E000
Size:	4096

Details

Name:	0000000E.00000002.1981365527.0000000005501000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5501000
Size:	61440

Details

Name:	0000000E.00000002.1984820308.000000000657E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	657E000
Size:	8192

Details

Name:	0000000E.00000002.1965283512.00000000011C7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	11C7000
Size:	12288

Details

Name:	00000008.00000002.1891037661.00000000064EA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64EA000
Size:	8192

Details

Name:	0000000A.00000002.1854827025.00000000014AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14AF000
Size:	262144

Details

Name:	0000000A.00000002.1855706807.0000000001A50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1A50000
Size:	4096

Details

Name:	00000000.00000002.1760324161.00000000014DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	14DF000
Size:	4096

Details

Name:	0000000E.00000002.1984226751.00000000064E9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64E9000
Size:	12288

Details

Name:	00000000.00000002.1762753408.0000000004EEE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4EEE000
Size:	8192

Details

Name:	00000008.00000002.1892104465.0000000006610000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6610000
Size:	4096

Details

Name:	0000000E.00000002.1965404786.00000000029A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29A0000
Size:	8192

Details

Name:	0000000E.00000002.1963835827.0000000000CF7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CF7000
Size:	36864

Details

Name:	00000008.00000002.1893162659.0000000006D68000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6D68000
Size:	4096

Details

Name:	0000000E.00000002.1986278766.0000000006824000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6824000
Size:	4096

Details

Name:	00000008.00000002.1880037858.0000000003A5E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A5E000
Size:	4096

Details

Name:	00000000.00000002.1767167329.00000000089FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	89FF000
Size:	4096

Details

Name:	00000008.00000002.1892375110.00000000069DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	69DF000
Size:	4096

Details

Name:	0000000A.00000002.1859220143.0000000005CE0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5CE0000
Size:	8192

Details

Name:	00000000.00000002.1760236258.00000000012C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12C0000
Size:	32768

Details

Name:	00000008.00000002.1891037661.00000000064C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64C0000
Size:	4096

Details

Name:	00000000.00000002.1759317214.0000000001053000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1053000
Size:	307200

Details

Name:	0000000C.00000002.1832142315.00000000027F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	27F0000
Size:	4096

Details

Name:	0000000E.00000002.1985036063.00000000066C4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	66C4000
Size:	36864

Details

Name:	00000008.00000002.1874907110.0000000002A10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2A10000
Size:	36864

Details

Name:	0000000A.00000002.1855855329.0000000003110000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3110000
Size:	65536

Details

Name:	0000000E.00000002.1965927245.0000000002B9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2B9E000
Size:	8192

Details

Name:	0000000E.00000002.1966151891.0000000002D95000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D95000
Size:	1376256

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.1888955198.000000000627C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	627C000
Size:	4096

Details

Name:	0000000C.00000002.1832245209.0000000002C7F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2C7F000
Size:	4096

Details

Name:	00000008.00000002.1890985252.00000000064BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	64BF000
Size:	4096

Details

Name:	00000008.00000002.1871337052.0000000000E10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	E10000
Size:	28672

Details

Name:	00000008.00000002.1880037858.0000000003E55000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E55000
Size:	20480

Details

Name:	00000000.00000002.1763688802.000000000585D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	585D000
Size:	12288

Details

Name:	00000008.00000002.1886062207.0000000004F6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4F6E000
Size:	8192

Details

Name:	0000000E.00000002.1982860253.000000000568E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	568E000
Size:	8192

Details

Name:	00000008.00000002.1889208272.00000000062DB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	62DB000
Size:	36864

Details

Name:	0000000E.00000002.1986278766.000000000683E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	683E000
Size:	4096

Details

Name:	00000008.00000002.1891037661.00000000064C2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	64C2000
Size:	8192

Details

Name:	0000000E.00000002.1986278766.0000000006855000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6855000
Size:	36864

Details

Name:	0000000A.00000002.1856159652.00000000031F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31F0000
Size:	16384

Details

Name:	0000000E.00000002.1988873609.00000000077BC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77BC000
Size:	176128

Details

Name:	00000005.00000002.1734958241.0000000002D0A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D0A000
Size:	24576

Details

Name:	0000000E.00000002.1989498729.0000000008290000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	8290000
Size:	4096

Details

Name:	00000008.00000002.1871378649.0000000000E1D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	E1D000
Size:	4096

Details

Name:	00000000.00000002.1767453721.0000000008D80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8D80000
Size:	4096

Details

Name:	0000000E.00000002.1965830925.0000000002A4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2A4E000
Size:	8192

Details

Name:	00000000.00000002.1761142895.0000000002EAE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2EAE000
Size:	8192

Details

Name:	00000008.00000002.1888955198.0000000006260000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6260000
Size:	4096

Details

Name:	0000000A.00000002.1856075296.00000000031A0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	31A0000
Size:	32768

Details

Name:	0000000A.00000002.1854827025.0000000001430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1430000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003D6E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D6E000
Size:	8192

Details

Name:	00000008.00000002.1890909620.00000000063AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	63AE000
Size:	8192

Details

Name:	0000000A.00000002.1859478146.000000000656C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	656C000
Size:	12288

Details

Name:	00000005.00000002.1737537599.0000000003120000.00000004.00000020.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3120000
Size:	16384

Details

Name:	0000000E.00000002.1984919471.000000000668E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	668E000
Size:	8192

Details

Name:	0000000A.00000002.1859759702.00000000078DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	78DF000
Size:	4096

Details

Name:	0000000A.00000002.1858970629.0000000005830000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5830000
Size:	65536

Details

Name:	00000000.00000002.1764707538.00000000061B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	61B0000
Size:	4096

Details

Name:	0000000A.00000002.1859811249.000000000795E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	795E000
Size:	8192

Details

Name:	00000008.00000002.1870762041.0000000000CF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CF0000
Size:	16384

Details

Name:	0000000A.00000002.1855640693.0000000001A32000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1A32000
Size:	4096

Details

Name:	00000008.00000002.1886185794.00000000050EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	50EE000
Size:	8192

Details

Name:	0000000A.00000002.1856104003.00000000031EF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31EF000
Size:	4096

Details

Name:	00000000.00000002.1762773333.0000000004EF5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4EF5000
Size:	40960

Details

Name:	0000000E.00000002.1987122414.0000000006C2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6C2E000
Size:	8192

Details

Name:	00000008.00000002.1891556173.0000000006505000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6505000
Size:	45056

Details

Name:	0000000E.00000002.1972529480.0000000003D80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D80000
Size:	274432

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000E.00000002.1964139932.0000000000F79000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F79000
Size:	20480

Details

Name:	0000000E.00000002.1985514950.00000000067B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67B0000
Size:	65536

Details

Name:	00000008.00000002.1888173028.000000000561B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	561B000
Size:	8192

Details

Name:	00000000.00000002.1767139317.000000000883E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	883E000
Size:	8192

Details

Name:	00000008.00000002.1871636462.0000000000ECE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	ECE000
Size:	8192

Details

Name:	00000008.00000002.1894476898.00000000078AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	78AE000
Size:	8192

Details

Name:	0000000E.00000002.1972529480.0000000003D7A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D7A000
Size:	8192

Details

Name:	00000000.00000002.1760696200.0000000002D00000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2D00000
Size:	65536

Details

Name:	0000000A.00000002.1854827025.00000000013FA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13FA000
Size:	8192

Details

Name:	0000000E.00000002.1966151891.0000000002C31000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C31000
Size:	114688

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000A.00000002.1855549270.0000000001A22000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1A22000
Size:	4096

Details

Name:	0000000A.00000002.1854827025.0000000001432000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1432000
Size:	311296

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000008.00000002.1880037858.0000000003E50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E50000
Size:	4096

Details

Name:	0000000E.00000002.1965513842.00000000029BD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	29BD000
Size:	4096

Details

Name:	00000008.00000002.1888702155.0000000005930000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5930000
Size:	4096

Details

Name:	0000000E.00000002.1982890345.00000000056CD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	56CD000
Size:	12288

Details

Name:	0000000E.00000002.1986278766.0000000006846000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6846000
Size:	4096

Details

Name:	0000000E.00000002.1972529480.0000000003FE4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3FE4000
Size:	20480

Details

Name:	0000000A.00000002.1856022678.0000000003185000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3185000
Size:	45056

Details

Name:	0000000C.00000002.1832227143.0000000002B60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B60000
Size:	24576

Details

Name:	0000000E.00000002.1972529480.0000000003C00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C00000
Size:	4096

Details

Name:	0000000E.00000002.1987981053.0000000007630000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7630000
Size:	65536

Details

Name:	0000000A.00000002.1855619014.0000000001A30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1A30000
Size:	4096

Details

Name:	00000008.00000002.1886498134.000000000532B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	532B000
Size:	20480

Details

Name:	00000000.00000002.1767687908.0000000009470000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9470000
Size:	4096

Details

Name:	0000000A.00000002.1859015704.0000000005ABB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5ABB000
Size:	20480

Details

Name:	00000000.00000002.1764020088.0000000005FEE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5FEE000
Size:	151552

Details

Name:	00000005.00000002.1736075723.0000000002DFF000.00000004.00000001.00020000.00000000.sdmp
TargetID:	5
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2DFF000
Size:	4096

Details

Name:	0000000E.00000002.1983272346.0000000005ABD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5ABD000
Size:	12288

Details

Name:	00000008.00000002.1875131842.0000000002B8C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2B8C000
Size:	4096

Details

Name:	00000000.00000002.1759206350.0000000000DA7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DA7000
Size:	36864

Details

Name:	0000000E.00000002.1980861382.00000000054CB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54CB000
Size:	20480

Details

Name:	00000008.00000002.1892338592.000000000699E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	699E000
Size:	8192

Details

Name:	0000000E.00000002.1965700615.00000000029E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29E0000
Size:	4096

Details

Name:	0000000A.00000002.1855313357.0000000001720000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1720000
Size:	4096

Details

Name:	0000000E.00000002.1965428820.00000000029B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29B0000
Size:	12288

Details

Name:	0000000E.00000002.1989603898.000000007FBA0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7FBA0000
Size:	4096

Details

Name:	00000008.00000002.1871636462.0000000000E92000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E92000
Size:	8192

Details

Name:	00000008.00000002.1875131842.0000000002BA4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2BA4000
Size:	1249280

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000E.00000002.1989529674.00000000082A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	82A0000
Size:	4096

Details

Name:	0000000A.00000002.1856000190.000000000317E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	317E000
Size:	8192

Details

Name:	0000000E.00000002.1988737514.00000000077A2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	77A2000
Size:	32768

Details

Name:	00000008.00000002.1892184605.0000000006680000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6680000
Size:	65536

Details

Name:	00000000.00000002.1762845985.0000000004F8C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4F8C000
Size:	16384

Details

Name:	00000000.00000002.1764020088.0000000005FE3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5FE3000
Size:	24576

Details

Name:	00000008.00000002.1888899833.000000000625E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	625E000
Size:	8192

Details

Name:	0000000A.00000002.1856342329.0000000003526000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3526000
Size:	1556480

Details

Name:	00000008.00000002.1870584034.0000000000C60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C60000
Size:	12288

Details

Name:	0000000E.00000002.1965476776.00000000029B4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29B4000
Size:	16384

Details

Name:	0000000E.00000002.1985726352.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67D0000
Size:	36864

Details

Name:	0000000A.00000002.1855897669.0000000003126000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3126000
Size:	40960

Details

Name:	0000000E.00000002.1984161570.00000000064D9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64D9000
Size:	4096

Details

Name:	00000000.00000002.1763667331.0000000005660000.00000040.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	5660000
Size:	4096

Details

Name:	0000000A.00000002.1860020155.000000000809E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	809E000
Size:	8192

Details

Name:	0000000E.00000002.1965385840.0000000002970000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2970000
Size:	4096

Details

Name:	00000008.00000002.1873856457.0000000001030000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1030000
Size:	4096

Details

Name:	0000000E.00000002.1984553071.0000000006520000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6520000
Size:	4096

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
lZ8NRWShfC.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportlZ8NRWShfC.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

IOC Report
lZ8NRWShfC.exe