Automated Malware Analysis IOC Report for

Details

Name:	00000008.00000002.2242729605.0000000000402000.00000040.00000400.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	402000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected RedLine Stealer	Stealing of Sensitive Information, Remote Access Functionality
Sample file is different than original file name gathered from version info	System Summary
Yara detected Credential Stealer	Stealing of Sensitive Information
Yara signature match	System Summary
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.2133731245.0000000003E0A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E0A000
Size:	294912

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected RedLine Stealer	Stealing of Sensitive Information, Remote Access Functionality
Sample file is different than original file name gathered from version info	System Summary
Yara detected Credential Stealer	Stealing of Sensitive Information
Yara signature match	System Summary

Details

Name:	0000000A.00000002.2218778326.000000000424B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	424B000
Size:	294912

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected RedLine Stealer	Stealing of Sensitive Information, Remote Access Functionality
Yara detected Credential Stealer	Stealing of Sensitive Information
Yara signature match	System Summary
URLs found in memory or binary data	Networking

Details

Name:	0000000A.00000002.2227319860.0000000008DB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8DB0000
Size:	4096

Details

Name:	00000006.00000002.2103380054.00000000032A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	32A0000
Size:	16384

Details

Name:	00000008.00000002.2244863181.00000000034DB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	34DB000
Size:	339968

Details

Name:	00000000.00000002.2135225458.0000000005715000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5715000
Size:	45056

Details

Name:	0000000A.00000002.2215256335.00000000012ED000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12ED000
Size:	4096

Details

Name:	00000000.00000002.2130953867.0000000000FCC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	FCC000
Size:	16384

Details

Name:	0000000E.00000002.2349697804.0000000006820000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6820000
Size:	65536

Details

Name:	00000008.00000002.2261215960.0000000007316000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7316000
Size:	4096

Details

Name:	00000008.00000002.2243396679.0000000001347000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1347000
Size:	4096

Details

Name:	0000000A.00000002.2221135788.000000000580E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	580E000
Size:	8192

Details

Name:	0000000E.00000002.2349885099.00000000068C7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	68C7000
Size:	20480

Details

Name:	0000000C.00000002.2193462800.0000000002E70000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E70000
Size:	4096

Details

Name:	0000000E.00000002.2345513699.0000000005670000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5670000
Size:	65536

Details

Name:	0000000E.00000002.2353199730.0000000006F80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F80000
Size:	65536

Details

Name:	00000008.00000002.2255328064.0000000005926000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5926000
Size:	45056

Details

Name:	0000000E.00000002.2348933285.0000000006702000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6702000
Size:	8192

Details

Name:	0000000A.00000002.2221214288.0000000005820000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5820000
Size:	8192

Details

Name:	0000000E.00000002.2348468693.0000000006590000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6590000
Size:	4096

Details

Name:	00000008.00000002.2258085566.0000000006903000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6903000
Size:	20480

Details

Name:	00000000.00000002.2130972981.0000000001004000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1004000
Size:	12288

Details

Name:	0000000E.00000002.2352354389.0000000006F62000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F62000
Size:	8192

Details

Name:	00000008.00000002.2260927422.000000000715C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	715C000
Size:	16384

Details

Name:	0000000E.00000002.2350748858.0000000006D34000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D34000
Size:	98304

Details

Name:	0000000E.00000002.2350974408.0000000006D4D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D4D000
Size:	4096

Details

Name:	00000008.00000002.2256425145.0000000005A5D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5A5D000
Size:	12288

Details

Name:	00000000.00000002.2130371091.0000000000E5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E5E000
Size:	8192

Details

Name:	00000008.00000002.2258617980.0000000006AFA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AFA000
Size:	8192

Details

Name:	0000000E.00000002.2329592554.000000000325F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	325F000
Size:	196608

Details

Name:	0000000E.00000002.2326375186.0000000000E10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E10000
Size:	323584

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000000.00000002.2131342264.00000000011CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	11CE000
Size:	8192

Details

Name:	00000000.00000002.2136701637.0000000008B2D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8B2D000
Size:	12288

Details

Name:	0000000A.00000002.2215532868.0000000001380000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1380000
Size:	4096

Details

Name:	0000000E.00000002.2328037529.0000000001292000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1292000
Size:	4096

Details

Name:	0000000A.00000002.2215737357.0000000001426000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1426000
Size:	40960

Details

Name:	00000008.00000002.2258320711.000000000694B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	694B000
Size:	16384

Details

Name:	00000000.00000002.2130972981.0000000001089000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1089000
Size:	286720

Details

Name:	0000000E.00000002.2352354389.0000000006F56000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F56000
Size:	4096

Details

Name:	0000000A.00000002.2227614920.000000000963F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	963F000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.0000000002FAF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FAF000
Size:	36864

Details

Name:	0000000E.00000002.2326375186.0000000000D60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D60000
Size:	159744

Details

Name:	0000000E.00000002.2351084802.0000000006D50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D50000
Size:	57344

Details

Name:	00000008.00000002.2262056805.0000000007A40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A40000
Size:	4096

Details

Name:	0000000E.00000002.2353016441.0000000006F74000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F74000
Size:	4096

Details

Name:	00000008.00000002.2258052620.0000000006900000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6900000
Size:	8192

Details

Name:	0000000E.00000002.2348033096.0000000006552000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6552000
Size:	12288

Details

Name:	00000000.00000002.2130103510.0000000000D20000.00000004.00000020.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D20000
Size:	4096

Details

Name:	0000000A.00000002.2216901362.0000000002FF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2FF0000
Size:	4096

Details

Name:	00000000.00000002.2135570246.000000000720F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	720F000
Size:	4096

Details

Name:	0000000E.00000002.2350505811.0000000006D20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D20000
Size:	4096

Details

Name:	00000008.00000002.2244832829.00000000030AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30AE000
Size:	8192

Details

Name:	00000008.00000002.2243328888.0000000001340000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1340000
Size:	4096

Details

Name:	0000000A.00000002.2220816381.00000000055A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	55A0000
Size:	65536

Details

Name:	00000008.00000002.2249959676.00000000043CE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43CE000
Size:	8192

Details

Name:	0000000E.00000002.2353016441.0000000006F70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F70000
Size:	4096

Details

Name:	00000000.00000002.2134862858.00000000055B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	55B0000
Size:	126976

Details

Name:	00000008.00000002.2256732160.0000000005ACE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5ACE000
Size:	8192

Details

Name:	0000000E.00000002.2345005982.00000000055B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	55B0000
Size:	65536

Details

Name:	0000000E.00000002.2349813308.000000000689E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	689E000
Size:	8192

Details

Name:	0000000E.00000002.2348901404.00000000066FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	66FE000
Size:	8192

Details

Name:	00000000.00000002.2132896027.0000000002D60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D60000
Size:	4096

Details

Name:	0000000A.00000002.2227594155.000000000953E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	953E000
Size:	8192

Details

Name:	0000000A.00000002.2221944441.0000000006240000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6240000
Size:	401408

Details

Name:	00000008.00000002.2255190158.00000000056CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	56CE000
Size:	8192

Details

Name:	00000008.00000002.2260552415.0000000007119000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7119000
Size:	16384

Details

Name:	00000008.00000002.2255150017.000000000568E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	568E000
Size:	8192

Details

Name:	0000000E.00000002.2344836340.0000000005590000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5590000
Size:	65536

Details

Name:	0000000E.00000002.2327723444.0000000001270000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1270000
Size:	12288

Details

Name:	00000008.00000002.2263867210.000000000874E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	874E000
Size:	8192

Details

Name:	0000000E.00000002.2352176571.0000000006DC9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6DC9000
Size:	4096

Details

Name:	0000000A.00000002.2215022149.000000000124E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	124E000
Size:	8192

Details

Name:	0000000E.00000002.2347164005.0000000006494000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6494000
Size:	4096

Details

Name:	00000000.00000002.2130777481.0000000000F00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	F00000
Size:	4096

Details

Name:	00000008.00000002.2255224116.00000000057CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	57CE000
Size:	8192

Details

Name:	0000000A.00000002.2215360719.0000000001300000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1300000
Size:	4096

Details

Name:	00000000.00000002.2132522967.0000000002CE6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CE6000
Size:	16384

Details

Name:	00000008.00000002.2244863181.0000000003124000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3124000
Size:	4096

Details

Name:	00000008.00000002.2261215960.00000000072FF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	72FF000
Size:	8192

Details

Name:	0000000E.00000002.2344260793.0000000005571000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5571000
Size:	28672

Details

Name:	00000008.00000002.2243215327.000000000132D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	132D000
Size:	4096

Details

Name:	0000000E.00000002.2347125792.000000000647E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	647E000
Size:	8192

Details

Name:	0000000E.00000002.2327524141.000000000111E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	111E000
Size:	8192

Details

Name:	0000000E.00000002.2354120773.00000000077E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	77E0000
Size:	4096

Details

Name:	0000000A.00000002.2215810861.000000000143E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	143E000
Size:	98304

Details

Name:	0000000E.00000002.2352354389.0000000006F34000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F34000
Size:	4096

Details

Name:	00000008.00000002.2244863181.00000000033B2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33B2000
Size:	32768

Details

Name:	0000000A.00000002.2217562708.0000000003226000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3226000
Size:	987136

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000002.2103215990.0000000002F5A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2F5A000
Size:	106496

Details

Name:	00000008.00000002.2256094695.00000000059D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	59D0000
Size:	53248

Details

Name:	0000000C.00000002.2193565782.00000000030C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	30C0000
Size:	16384

Details

Name:	00000006.00000002.2103292757.000000000315E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	315E000
Size:	8192

Details

Name:	00000008.00000002.2258617980.0000000006AD5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AD5000
Size:	12288

Details

Name:	00000000.00000002.2132176339.00000000013F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13F0000
Size:	16384

Details

Name:	00000008.00000002.2242955847.0000000001270000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1270000
Size:	8192

Details

Name:	00000008.00000002.2257605924.00000000068CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	68CE000
Size:	69632

Details

Name:	0000000E.00000002.2329592554.0000000002E89000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2E89000
Size:	12288

Details

Name:	0000000C.00000002.2193364834.0000000002C99000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2C99000
Size:	28672

Details

Name:	00000008.00000002.2259152282.0000000006B15000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B15000
Size:	45056

Details

Name:	00000000.00000002.2137847760.000000000910C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	910C000
Size:	16384

Details

Name:	00000000.00000002.2135351929.0000000005E3D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5E3D000
Size:	12288

Details

Name:	0000000A.00000002.2227239640.0000000008C6F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8C6F000
Size:	4096

Details

Name:	0000000A.00000002.2215105745.00000000012D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12D0000
Size:	16384

Details

Name:	00000000.00000002.2132522967.0000000002CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CF0000
Size:	4096

Details

Name:	0000000E.00000002.2348272832.000000000656C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	656C000
Size:	28672

Details

Name:	0000000E.00000002.2345718739.0000000005690000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5690000
Size:	65536

Details

Name:	00000008.00000002.2243442345.0000000001360000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1360000
Size:	4096

Details

Name:	0000000E.00000002.2353441921.0000000006FC2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6FC2000
Size:	57344

Details

Name:	00000008.00000002.2255752350.0000000005970000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5970000
Size:	65536

Details

Name:	00000006.00000002.2103066149.0000000002EB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2EB0000
Size:	20480

Details

Name:	00000008.00000002.2243746245.00000000014C2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14C2000
Size:	4096

Details

Name:	0000000E.00000002.2327932542.000000000128D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	128D000
Size:	4096

Details

Name:	00000008.00000002.2261215960.00000000072F4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	72F4000
Size:	4096

Details

Name:	00000008.00000002.2244863181.00000000033BB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33BB000
Size:	712704

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000000.00000002.2132522967.0000000002CF2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CF2000
Size:	49152

Details

Name:	00000008.00000002.2259811530.0000000006C80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6C80000
Size:	36864

Details

Name:	0000000E.00000002.2349263899.0000000006740000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6740000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.00000000031E4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31E4000
Size:	32768

Details

Name:	0000000E.00000002.2355205828.000000000837E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	837E000
Size:	8192

Details

Name:	00000008.00000002.2242904980.0000000001150000.00000004.00000020.00040000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1150000
Size:	4096

Details

Name:	0000000E.00000002.2348827463.00000000065F0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	65F0000
Size:	16384

Details

Name:	00000008.00000002.2256425145.0000000005A5A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5A5A000
Size:	8192

Details

Name:	00000008.00000002.2249959676.00000000042D3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42D3000
Size:	180224

Details

Name:	00000000.00000002.2132522967.0000000002CE1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CE1000
Size:	16384

Details

Name:	00000008.00000002.2249959676.00000000042C6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42C6000
Size:	4096

Details

Name:	00000008.00000002.2244477798.0000000001760000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1760000
Size:	16384

Details

Name:	00000000.00000002.2131690824.00000000013C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13C0000
Size:	65536

Details

Name:	0000000E.00000002.2348794848.00000000065EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	65EE000
Size:	8192

Details

Name:	00000000.00000002.2134660630.0000000005210000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5210000
Size:	65536

Details

Name:	00000008.00000002.2260487294.0000000007106000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7106000
Size:	24576

Details

Name:	0000000E.00000002.2348165228.0000000006556000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6556000
Size:	20480

Details

Name:	00000008.00000002.2243594310.000000000141C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	141C000
Size:	16384

Details

Name:	0000000E.00000002.2329592554.0000000002FA6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FA6000
Size:	32768

Details

Name:	00000000.00000002.2132025882.00000000013EF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13EF000
Size:	4096

Details

Name:	00000008.00000002.2258174263.000000000691F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	691F000
Size:	8192

Details

Name:	00000008.00000002.2255677640.0000000005960000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5960000
Size:	65536

Details

Name:	0000000E.00000002.2329592554.00000000031AD000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31AD000
Size:	217088

Details

Name:	00000008.00000002.2244863181.00000000032D8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	32D8000
Size:	196608

Details

Name:	00000008.00000002.2243464140.0000000001370000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1370000
Size:	16384

Details

Name:	00000008.00000002.2243515684.00000000013C0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	13C0000
Size:	65536

Details

Name:	0000000A.00000002.2227431844.000000000912E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	912E000
Size:	8192

Details

Name:	00000000.00000002.2130659751.0000000000EE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	EE0000
Size:	4096

Details

Name:	00000008.00000002.2263555832.0000000007DB0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7DB0000
Size:	65536

Details

Name:	0000000E.00000002.2346374048.000000000585E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	585E000
Size:	8192

Details

Name:	00000008.00000002.2263773418.0000000007F20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7F20000
Size:	4096

Details

Name:	00000008.00000002.2259708680.0000000006C70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6C70000
Size:	49152

Details

Name:	00000008.00000002.2242729605.0000000000400000.00000040.00000400.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	400000
Size:	4096

Details

Name:	0000000E.00000002.2327757470.0000000001273000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1273000
Size:	4096

Details

Name:	00000000.00000002.2136477709.00000000089F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	89F0000
Size:	4096

Details

Name:	0000000A.00000002.2219908520.000000000554D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	554D000
Size:	16384

Details

Name:	00000008.00000002.2257201094.0000000005F20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5F20000
Size:	57344

Details

Name:	0000000A.00000002.2216939833.0000000003050000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	3050000
Size:	40960

Details

Name:	00000000.00000002.2132868860.0000000002D20000.00000040.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2D20000
Size:	4096

Details

Name:	0000000E.00000002.2326217678.0000000000D37000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	D37000
Size:	36864

Details

Name:	0000000E.00000002.2329592554.0000000002FC2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FC2000
Size:	135168

Details

Name:	0000000A.00000002.2215433043.0000000001310000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1310000
Size:	4096

Details

Name:	00000008.00000002.2263663023.0000000007DDA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7DDA000
Size:	4096

Details

Name:	0000000E.00000002.2326375186.0000000000D95000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D95000
Size:	98304

Details

Name:	0000000A.00000002.2219908520.0000000005520000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5520000
Size:	12288

Details

Name:	0000000E.00000002.2349779132.0000000006850000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6850000
Size:	4096

Details

Name:	00000008.00000002.2255328064.0000000005941000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5941000
Size:	49152

Details

Name:	0000000E.00000002.2327985362.0000000001290000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1290000
Size:	4096

Details

Name:	0000000E.00000002.2353441921.0000000006FC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6FC0000
Size:	4096

Details

Name:	00000008.00000002.2243374237.0000000001345000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1345000
Size:	4096

Details

Name:	0000000E.00000002.2329414408.0000000002B80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2B80000
Size:	4096

Details

Name:	00000008.00000002.2244863181.0000000003120000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3120000
Size:	4096

Details

Name:	00000008.00000002.2259023254.0000000006B04000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B04000
Size:	36864

Details

Name:	0000000E.00000002.2354736218.0000000007870000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7870000
Size:	45056

Details

Name:	0000000A.00000002.2214977118.0000000001200000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1200000
Size:	8192

Details

Name:	0000000A.00000002.2219908520.000000000553E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	553E000
Size:	4096

Details

Name:	0000000E.00000002.2347710402.000000000651E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	651E000
Size:	155648

Details

Name:	00000000.00000002.2135225458.0000000005710000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5710000
Size:	12288

Details

Name:	00000000.00000002.2137814651.000000000900C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	900C000
Size:	16384

Details

Name:	0000000A.00000002.2215810861.00000000014A2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14A2000
Size:	151552

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000E.00000002.2329592554.0000000002E99000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2E99000
Size:	4096

Details

Name:	0000000E.00000002.2352354389.0000000006F5D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F5D000
Size:	4096

Details

Name:	00000008.00000002.2249959676.00000000043CB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43CB000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.00000000032D1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	32D1000
Size:	192512

Details

Name:	00000008.00000002.2260815088.0000000007135000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7135000
Size:	40960

Details

Name:	0000000E.00000002.2329592554.000000000317C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	317C000
Size:	196608

Details

Name:	00000008.00000002.2249959676.00000000043BB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43BB000
Size:	8192

Details

Name:	00000008.00000002.2260001060.0000000006E70000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6E70000
Size:	36864

Details

Name:	0000000E.00000002.2350046056.0000000006B9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6B9E000
Size:	8192

Details

Name:	0000000A.00000002.2214884230.00000000010F7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	10F7000
Size:	36864

Details

Name:	0000000A.00000002.2215710274.0000000001410000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1410000
Size:	65536

Details

Name:	00000008.00000002.2243418525.000000000134B000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	134B000
Size:	8192

Details

Name:	0000000E.00000002.2352354389.0000000006F3C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F3C000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.0000000002F39000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F39000
Size:	45056

Details

Name:	00000008.00000002.2257605924.0000000006892000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6892000
Size:	217088

Details

Name:	0000000E.00000002.2328995448.0000000002AFA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AFA000
Size:	24576

Details

Name:	0000000E.00000002.2329592554.0000000002E9B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2E9B000
Size:	12288

Details

Name:	0000000E.00000002.2329592554.0000000002C91000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2C91000
Size:	1941504

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000E.00000002.2352354389.0000000006F3F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F3F000
Size:	8192

Details

Name:	0000000C.00000002.2193525112.0000000002FCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FCE000
Size:	8192

Details

Name:	00000000.00000002.2134740884.0000000005270000.00000004.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	5270000
Size:	53248

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000008.00000002.2258511269.00000000069C0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	69C0000
Size:	16384

Details

Name:	0000000A.00000002.2218778326.00000000043BE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43BE000
Size:	4096

Details

Name:	00000008.00000002.2243746245.00000000014BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14BE000
Size:	12288

Details

Name:	0000000E.00000002.2327409173.0000000000F05000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F05000
Size:	16384

Details

Name:	0000000E.00000002.2327836547.000000000127D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	127D000
Size:	4096

Details

Name:	0000000A.00000002.2215810861.000000000143A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	143A000
Size:	8192

Details

Name:	0000000E.00000002.2329592554.000000000301B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	301B000
Size:	32768

Details

Name:	0000000A.00000002.2216452236.000000000162E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	162E000
Size:	8192

Details

Name:	00000000.00000002.2137161417.0000000008C2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8C2E000
Size:	8192

Details

Name:	00000000.00000002.2130682161.0000000000EE3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	EE3000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.0000000003090000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3090000
Size:	32768

Details

Name:	0000000A.00000002.2221368793.0000000005A0F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5A0F000
Size:	196608

Details

Name:	0000000E.00000002.2352176571.0000000006DDF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6DDF000
Size:	4096

Details

Name:	00000008.00000002.2244863181.0000000003309000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3309000
Size:	217088

Details

Name:	00000000.00000002.2135400131.0000000005F40000.00000004.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	5F40000
Size:	368640

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000E.00000002.2348033096.000000000654D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	654D000
Size:	16384

Details

Name:	00000008.00000002.2249959676.00000000042B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42B0000
Size:	8192

Details

Name:	0000000E.00000002.2347255191.00000000064C2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64C2000
Size:	184320

Details

Name:	00000008.00000002.2249959676.000000000423D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	423D000
Size:	57344

Details

Name:	00000008.00000002.2261189038.0000000007171000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7171000
Size:	8192

Details

Name:	00000000.00000002.2133731245.0000000003F7E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3F7E000
Size:	1540096

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000E.00000002.2352354389.0000000006F58000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F58000
Size:	4096

Details

Name:	00000000.00000002.2132522967.0000000002CC4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CC4000
Size:	16384

Details

Name:	0000000A.00000002.2218778326.00000000044D3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	44D3000
Size:	4096

Details

Name:	00000008.00000002.2257485426.0000000006850000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6850000
Size:	4096

Details

Name:	00000008.00000002.2259537326.0000000006BF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6BF0000
Size:	65536

Details

Name:	00000008.00000002.2244863181.0000000003226000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3226000
Size:	217088

Details

Name:	00000008.00000002.2261215960.0000000007325000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7325000
Size:	36864

Details

Name:	00000000.00000002.2132938941.0000000002D70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D70000
Size:	65536

Details

Name:	00000000.00000002.2135294012.0000000005720000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5720000
Size:	8192

Details

Name:	00000008.00000002.2244679963.0000000002F6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F6E000
Size:	8192

Details

Name:	00000008.00000002.2261117474.0000000007165000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7165000
Size:	8192

Details

Name:	00000008.00000002.2244771529.0000000002F91000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F91000
Size:	61440

Details

Name:	0000000E.00000002.2329592554.0000000002F2F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F2F000
Size:	36864

Details

Name:	00000000.00000002.2130222303.0000000000E05000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E05000
Size:	12288

Details

Name:	0000000A.00000002.2227544562.00000000093FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	93FE000
Size:	8192

Details

Name:	00000000.00000002.2130713618.0000000000EED000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	EED000
Size:	4096

Details

Name:	00000008.00000002.2249959676.00000000043D1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43D1000
Size:	4096

Details

Name:	00000000.00000002.2134710503.000000000526E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	526E000
Size:	8192

Details

Name:	00000000.00000002.2133035914.0000000002D90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D90000
Size:	4096

Details

Name:	0000000E.00000002.2352102940.0000000006DB9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6DB9000
Size:	12288

Details

Name:	00000008.00000002.2249959676.00000000040DA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	40DA000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000E.00000002.2349097732.0000000006734000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6734000
Size:	36864

Details

Name:	00000000.00000000.2039377454.00000000008B2000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	8B2000
Size:	544768

Details

Name:	00000000.00000002.2131400882.0000000001320000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1320000
Size:	45056

Details

Name:	0000000E.00000002.2329102758.0000000002B00000.00000040.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2B00000
Size:	4096

Details

Name:	0000000A.00000002.2215088864.00000000012C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12C0000
Size:	8192

Details

Name:	0000000E.00000002.2344260793.000000000556E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	556E000
Size:	8192

Details

Name:	00000000.00000002.2135377559.0000000005E40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5E40000
Size:	4096

Details

Name:	00000008.00000002.2258229982.0000000006936000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6936000
Size:	8192

Details

Name:	0000000E.00000002.2329592554.0000000003255000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3255000
Size:	36864

Details

Name:	00000008.00000002.2259677035.0000000006C6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6C6E000
Size:	8192

Details

Name:	0000000E.00000002.2344152242.00000000052FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	52FE000
Size:	8192

Details

Name:	0000000E.00000002.2344260793.000000000557C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	557C000
Size:	4096

Details

Name:	00000000.00000002.2130825028.0000000000F0A000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	F0A000
Size:	4096

Details

Name:	0000000E.00000002.2328294939.00000000012A7000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12A7000
Size:	4096

Details

Name:	0000000A.00000002.2216918793.000000000303E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	303E000
Size:	8192

Details

Name:	0000000A.00000002.2217197413.00000000031A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31A0000
Size:	65536

Details

Name:	0000000A.00000002.2221040553.00000000056D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	56D0000
Size:	4096

Details

Name:	00000008.00000002.2263487351.0000000007D9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7D9E000
Size:	8192

Details

Name:	00000008.00000002.2243291173.0000000001336000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1336000
Size:	40960

Details

Name:	00000008.00000002.2258617980.0000000006AD2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AD2000
Size:	8192

Details

Name:	0000000A.00000002.2227185007.0000000008A6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8A6E000
Size:	8192

Details

Name:	0000000A.00000002.2218778326.0000000004535000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4535000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.0000000002EF9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2EF9000
Size:	217088

Details

Name:	0000000E.00000002.2354292894.0000000007820000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7820000
Size:	4096

Details

Name:	00000008.00000002.2258599436.0000000006ACF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6ACF000
Size:	4096

Details

Name:	0000000A.00000002.2218778326.00000000041E9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	41E9000
Size:	4096

Details

Name:	00000008.00000002.2243746245.0000000001465000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1465000
Size:	360448

Details

Name:	00000006.00000002.2103034272.0000000002E90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E90000
Size:	4096

Details

Name:	0000000E.00000002.2350082419.0000000006BDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6BDE000
Size:	8192

Details

Name:	00000008.00000002.2249959676.00000000042AA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42AA000
Size:	8192

Details

Name:	0000000E.00000002.2346038996.00000000056FD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	56FD000
Size:	12288

Details

Name:	0000000A.00000002.2215518305.000000000137E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	137E000
Size:	8192

Details

Name:	00000008.00000002.2259470048.0000000006BE0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6BE0000
Size:	65536

Details

Name:	00000008.00000002.2263732919.0000000007F1D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7F1D000
Size:	12288

Details

Name:	0000000E.00000002.2349534775.00000000067FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	67FE000
Size:	8192

Details

Name:	00000008.00000002.2244863181.00000000031E9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31E9000
Size:	32768

Details

Name:	00000008.00000002.2244570329.0000000002F1A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F1A000
Size:	24576

Details

Name:	0000000C.00000002.2193390376.0000000002D00000.00000004.00000020.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2D00000
Size:	4096

Details

Name:	00000008.00000002.2249959676.00000000043D3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43D3000
Size:	8192

Details

Name:	00000000.00000002.2130869162.0000000000F1B000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	F1B000
Size:	4096

Details

Name:	00000000.00000002.2130791233.0000000000F02000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	F02000
Size:	4096

Details

Name:	00000000.00000002.2137660863.0000000008D6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8D6E000
Size:	8192

Details

Name:	00000000.00000002.2130891160.0000000000F30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F30000
Size:	16384

Details

Name:	00000008.00000002.2262620013.0000000007A90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A90000
Size:	65536

Details

Name:	0000000E.00000002.2346885965.0000000005B2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5B2E000
Size:	8192

Details

Name:	0000000A.00000002.2221368793.00000000059E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	59E0000
Size:	188416

Details

Name:	0000000E.00000002.2355053804.0000000007A26000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7A26000
Size:	12288

Details

Name:	00000008.00000002.2244863181.000000000337B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	337B000
Size:	217088

Details

Name:	0000000E.00000002.2354018044.00000000076D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	76D0000
Size:	12288

Details

Name:	0000000E.00000002.2349885099.00000000068C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	68C0000
Size:	24576

Details

Name:	00000008.00000002.2244863181.00000000032CE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	32CE000
Size:	36864

Details

Name:	00000008.00000002.2243132232.0000000001314000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1314000
Size:	16384

Details

Name:	0000000A.00000002.2221249474.00000000058B1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	58B1000
Size:	57344

Details

Name:	00000008.00000002.2244863181.00000000031D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31D0000
Size:	4096

Details

Name:	00000000.00000002.2135064245.00000000056C1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56C1000
Size:	61440

Details

Name:	00000008.00000002.2259152282.0000000006B12000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B12000
Size:	8192

Details

Name:	00000006.00000002.2103215990.0000000002F50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2F50000
Size:	32768

Details

Name:	0000000E.00000002.2346101685.000000000573E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	573E000
Size:	8192

Details

Name:	00000008.00000002.2249959676.00000000042B7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42B7000
Size:	4096

Details

Name:	00000008.00000002.2263964720.000000007F9C0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7F9C0000
Size:	4096

Details

Name:	00000008.00000002.2261215960.0000000007304000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7304000
Size:	8192

Details

Name:	0000000E.00000002.2329567939.0000000002C8F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2C8F000
Size:	4096

Details

Name:	0000000A.00000002.2226498292.00000000075DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	75DE000
Size:	8192

Details

Name:	0000000E.00000002.2329592554.0000000003172000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3172000
Size:	36864

Details

Name:	00000000.00000002.2130328105.0000000000E10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E10000
Size:	8192

Details

Name:	00000000.00000002.2130928584.0000000000F8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F8E000
Size:	8192

Details

Name:	0000000E.00000002.2353882038.00000000076C0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	76C0000
Size:	65536

Details

Name:	00000008.00000002.2256944306.0000000005C2B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5C2B000
Size:	8192

Details

Name:	00000008.00000002.2260352129.00000000070F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	70F0000
Size:	73728

Details

Name:	00000000.00000002.2137904186.000000000924E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	924E000
Size:	8192

Details

Name:	0000000E.00000002.2347255191.00000000064FC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	64FC000
Size:	4096

Details

Name:	00000008.00000002.2262763571.0000000007AA0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7AA0000
Size:	65536

Details

Name:	0000000E.00000002.2329592554.0000000002F47000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F47000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	00000000.00000002.2136339737.00000000088ED000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	88ED000
Size:	12288

Details

Name:	0000000E.00000002.2328995448.0000000002AF4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AF4000
Size:	20480

Details

Name:	00000008.00000002.2261215960.00000000072FC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	72FC000
Size:	4096

Details

Name:	0000000A.00000002.2215810861.0000000001472000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1472000
Size:	184320

Details

Name:	0000000E.00000002.2345948910.00000000056B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	56B0000
Size:	65536

Details

Name:	0000000E.00000002.2347990733.0000000006545000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6545000
Size:	16384

Details

Name:	00000000.00000002.2135962140.00000000084EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	84EE000
Size:	8192

Details

Name:	0000000A.00000002.2217562708.0000000003366000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3366000
Size:	696320

Details

Name:	00000008.00000002.2249959676.00000000044BE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	44BE000
Size:	966656

Details

Name:	00000008.00000002.2243746245.00000000014C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14C4000
Size:	8192

Details

Name:	0000000E.00000002.2344260793.000000000554B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	554B000
Size:	8192

Details

Name:	0000000E.00000002.2326147208.0000000000C3B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	C3B000
Size:	20480

Details

Name:	0000000E.00000002.2328384642.00000000012AB000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12AB000
Size:	8192

Details

Name:	0000000E.00000002.2348645088.00000000065A0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	65A0000
Size:	65536

Details

Name:	00000008.00000002.2244863181.000000000334A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	334A000
Size:	196608

Details

Name:	0000000E.00000002.2344260793.0000000005556000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5556000
Size:	20480

Details

Name:	0000000E.00000002.2349097732.0000000006730000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6730000
Size:	4096

Details

Name:	00000008.00000002.2244362839.000000000162F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	162F000
Size:	4096

Details

Name:	00000008.00000002.2259889368.0000000006C90000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6C90000
Size:	4096

Details

Name:	0000000E.00000002.2346526097.0000000005AEE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5AEE000
Size:	8192

Details

Name:	00000008.00000002.2242979779.0000000001295000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1295000
Size:	16384

Details

Name:	0000000E.00000002.2355053804.0000000007A2A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7A2A000
Size:	4096

Details

Name:	0000000E.00000002.2347164005.0000000006488000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6488000
Size:	4096

Details

Name:	00000000.00000002.2130859251.0000000000F17000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	F17000
Size:	4096

Details

Name:	0000000E.00000002.2346325738.000000000584E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	584E000
Size:	8192

Details

Name:	00000008.00000002.2249959676.0000000004124000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4124000
Size:	1048576

Details

Name:	00000008.00000002.2249959676.00000000040C2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	40C2000
Size:	90112

Details

Name:	0000000E.00000002.2337066239.0000000003CC2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3CC2000
Size:	176128

Details

Name:	0000000E.00000002.2351084802.0000000006D61000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D61000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	0000000E.00000002.2344260793.000000000555D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	555D000
Size:	16384

Details

Name:	00000008.00000002.2256494554.0000000005A60000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5A60000
Size:	65536

Details

Name:	00000008.00000002.2261215960.00000000072F2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	72F2000
Size:	4096

Details

Name:	0000000A.00000002.2217494276.00000000031D0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	31D0000
Size:	4096

Details

Name:	00000000.00000002.2135932067.00000000084AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	84AE000
Size:	8192

Details

Name:	0000000E.00000002.2354156444.00000000077F0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	77F0000
Size:	65536

Details

Name:	00000008.00000002.2255328064.0000000005921000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5921000
Size:	16384

Details

Name:	0000000E.00000002.2354416785.0000000007840000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7840000
Size:	65536

Details

Name:	00000008.00000002.2243492111.00000000013BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	13BE000
Size:	8192

Details

Name:	0000000E.00000002.2352354389.0000000006F36000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F36000
Size:	4096

Details

Name:	0000000A.00000002.2219908520.000000000552B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	552B000
Size:	65536

Details

Name:	00000008.00000002.2244477798.0000000001766000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1766000
Size:	16384

Details

Name:	00000000.00000002.2133731245.0000000003DC9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DC9000
Size:	184320

Details

Name:	0000000A.00000002.2217004824.000000000309E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	309E000
Size:	8192

Details

Name:	0000000E.00000002.2329160794.0000000002B50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2B50000
Size:	4096

Details

Name:	0000000A.00000002.2217562708.00000000031E1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31E1000
Size:	274432

Details

Name:	0000000E.00000002.2328995448.0000000002AF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AF0000
Size:	12288

Details

Name:	0000000A.00000002.2216645516.0000000002FCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FCE000
Size:	8192

Details

Name:	0000000E.00000002.2353796503.00000000076B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	76B0000
Size:	65536

Details

Name:	00000008.00000002.2257110190.0000000005EBD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5EBD000
Size:	12288

Details

Name:	0000000E.00000002.2337066239.0000000003CC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3CC0000
Size:	4096

Details

Name:	00000008.00000002.2256884318.0000000005C1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5C1E000
Size:	8192

Details

Name:	00000000.00000002.2130972981.0000000000FD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FD0000
Size:	49152

Details

Name:	00000008.00000002.2256581573.0000000005A70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5A70000
Size:	65536

Details

Name:	00000008.00000002.2255328064.0000000005932000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5932000
Size:	36864

Details

Name:	00000000.00000002.2134772848.0000000005490000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5490000
Size:	65536

Details

Name:	0000000A.00000002.2215810861.0000000001464000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1464000
Size:	20480

Details

Name:	0000000E.00000002.2355283571.000000007F1C0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7F1C0000
Size:	4096

Details

Name:	0000000E.00000002.2348468693.0000000006592000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6592000
Size:	12288

Details

Name:	00000008.00000002.2255328064.0000000005910000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5910000
Size:	36864

Details

Name:	0000000E.00000002.2329211073.0000000002B60000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2B60000
Size:	65536

Details

Name:	0000000E.00000002.2329126217.0000000002B4C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2B4C000
Size:	16384

Details

Name:	0000000E.00000002.2345615992.000000000568A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	568A000
Size:	8192

Details

Name:	0000000A.00000002.2216690963.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FD0000
Size:	57344

Details

Name:	0000000A.00000002.2215737357.0000000001420000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1420000
Size:	4096

Details

Name:	0000000E.00000002.2352176571.0000000006DBD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6DBD000
Size:	20480

Details

Name:	00000008.00000002.2261215960.00000000072F6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	72F6000
Size:	4096

Details

Name:	00000008.00000002.2260108710.000000000706E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	706E000
Size:	8192

Details

Name:	00000000.00000002.2131359895.00000000012CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	12CE000
Size:	8192

Details

Name:	00000000.00000002.2127493721.00000000009CA000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	9CA000
Size:	24576

Details

Name:	00000000.00000002.2132499230.0000000002CBE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2CBE000
Size:	8192

Details

Name:	0000000A.00000002.2227402828.000000000902E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	902E000
Size:	8192

Details

Name:	00000008.00000002.2243746245.00000000014CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14CA000
Size:	413696

Signature Hits	Behavior Group	Mitre Attack
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000E.00000002.2345183275.00000000055F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	55F0000
Size:	65536

Details

Name:	00000008.00000002.2262869922.0000000007AD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7AD0000
Size:	12288

Details

Name:	00000008.00000002.2258006805.00000000068FB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	68FB000
Size:	8192

Details

Name:	0000000A.00000002.2215042047.000000000128E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	128E000
Size:	8192

Details

Name:	0000000A.00000002.2222391092.00000000073B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	73B0000
Size:	4096

Details

Name:	00000000.00000002.2133731245.0000000003DA1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DA1000
Size:	28672

Details

Name:	00000008.00000002.2263633017.0000000007DC0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7DC0000
Size:	4096

Details

Name:	00000006.00000002.2102873336.0000000002BDD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2BDD000
Size:	12288

Details

Name:	00000000.00000002.2134810380.00000000054A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	54A0000
Size:	8192

Details

Name:	0000000A.00000002.2215105745.00000000012D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12D5000
Size:	12288

Details

Name:	0000000A.00000002.2221332444.00000000059DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	59DE000
Size:	8192

Details

Name:	00000000.00000002.2131774184.00000000013D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13D0000
Size:	4096

Details

Name:	00000000.00000002.2135031066.00000000056B0000.00000004.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	56B0000
Size:	20480

Details

Name:	0000000A.00000002.2215469367.0000000001317000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1317000
Size:	4096

Details

Name:	00000008.00000002.2249959676.00000000045BE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	45BE000
Size:	966656

Details

Name:	00000008.00000002.2244863181.00000000030B1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	30B1000
Size:	319488

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000E.00000002.2347255191.000000000650E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	650E000
Size:	57344

Details

Name:	00000008.00000002.2263307687.0000000007D20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7D20000
Size:	65536

Details

Name:	00000000.00000002.2135186634.0000000005700000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5700000
Size:	65536

Details

Name:	0000000E.00000002.2352354389.0000000006F51000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F51000
Size:	8192

Details

Name:	0000000A.00000002.2215810861.0000000001430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1430000
Size:	36864

Details

Name:	0000000E.00000002.2329592554.0000000003024000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3024000
Size:	36864

Details

Name:	00000008.00000002.2257485426.0000000006864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6864000
Size:	4096

Details

Name:	0000000C.00000002.2193543945.000000000300F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	300F000
Size:	4096

Details

Name:	0000000A.00000002.2227340188.0000000008EED000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8EED000
Size:	12288

Details

Name:	0000000E.00000002.2344260793.0000000005563000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5563000
Size:	4096

Details

Name:	00000000.00000002.2136281461.00000000087AF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	87AF000
Size:	4096

Details

Name:	0000000E.00000002.2351084802.0000000006D75000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D75000
Size:	20480

Details

Name:	0000000E.00000002.2354811128.0000000007880000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7880000
Size:	8192

Details

Name:	0000000E.00000002.2354322702.0000000007830000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7830000
Size:	65536

Details

Name:	0000000A.00000002.2221606416.0000000005B2B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5B2B000
Size:	20480

Details

Name:	0000000E.00000002.2329592554.0000000003099000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3099000
Size:	196608

Details

Name:	0000000E.00000002.2350654817.0000000006D26000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D26000
Size:	40960

Details

Name:	0000000A.00000002.2217124999.000000000319C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	319C000
Size:	16384

Details

Name:	0000000A.00000002.2217562708.0000000003411000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3411000
Size:	8192

Details

Name:	00000008.00000002.2244704205.0000000002F70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F70000
Size:	36864

Details

Name:	00000008.00000002.2263395614.0000000007D30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7D30000
Size:	24576

Details

Name:	00000008.00000002.2249959676.00000000043D9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43D9000
Size:	8192

Details

Name:	00000008.00000002.2261919379.000000000739B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	739B000
Size:	20480

Details

Name:	00000008.00000002.2260207053.00000000070AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	70AE000
Size:	8192

Details

Name:	0000000E.00000002.2355184030.000000000827F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	827F000
Size:	4096

Details

Name:	0000000E.00000002.2327870082.0000000001280000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1280000
Size:	28672

Details

Name:	00000008.00000002.2244863181.00000000031F2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31F2000
Size:	208896

Details

Name:	0000000A.00000002.2219908520.0000000005552000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5552000
Size:	49152

Details

Name:	0000000E.00000002.2354857936.00000000079DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	79DE000
Size:	8192

Details

Name:	0000000E.00000002.2329592554.0000000003030000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3030000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	0000000E.00000002.2353587741.000000000765B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	765B000
Size:	20480

Details

Name:	00000006.00000002.2102975385.0000000002E80000.00000004.00000020.00040000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E80000
Size:	4096

Details

Name:	00000008.00000002.2263395614.0000000007D37000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7D37000
Size:	20480

Details

Name:	0000000E.00000002.2328929188.0000000002AE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AE0000
Size:	65536

Details

Name:	0000000E.00000002.2329592554.0000000002F4D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F4D000
Size:	135168

Details

Name:	00000000.00000002.2135119844.00000000056D0000.00000004.08000000.00040000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	56D0000
Size:	28672

Details

Name:	00000008.00000002.2257155985.0000000005EFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5EFE000
Size:	8192

Details

Name:	0000000A.00000002.2217562708.0000000003364000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3364000
Size:	4096

Details

Name:	00000000.00000002.2130972981.0000000000FDE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FDE000
Size:	98304

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000E.00000002.2354891738.0000000007A00000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7A00000
Size:	65536

Details

Name:	0000000E.00000002.2328221357.00000000012A2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12A2000
Size:	4096

Details

Name:	0000000A.00000002.2214934565.0000000001120000.00000004.00000020.00040000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1120000
Size:	4096

Details

Name:	0000000E.00000002.2349371908.0000000006750000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6750000
Size:	65536

Details

Name:	0000000A.00000002.2219908520.0000000005541000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5541000
Size:	16384

Details

Name:	00000000.00000002.2136019724.0000000008500000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8500000
Size:	4096

Details

Name:	0000000A.00000002.2215416177.000000000130A000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	130A000
Size:	4096

Details

Name:	00000008.00000002.2256000584.00000000059C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	59C0000
Size:	65536

Details

Name:	00000000.00000002.2130763748.0000000000EFD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	EFD000
Size:	4096

Details

Name:	0000000E.00000002.2344090616.00000000051EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	51EE000
Size:	8192

Details

Name:	0000000A.00000002.2227160554.00000000088AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	88AE000
Size:	8192

Details

Name:	00000008.00000002.2259152282.0000000006B10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B10000
Size:	4096

Details

Name:	00000008.00000002.2263214187.0000000007D10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7D10000
Size:	65536

Details

Name:	00000000.00000002.2134836413.00000000055AF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	55AF000
Size:	4096

Details

Name:	00000000.00000002.2134862858.00000000055D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	55D0000
Size:	237568

Details

Name:	00000008.00000002.2243746245.0000000001459000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1459000
Size:	45056

Details

Name:	00000000.00000002.2133067683.0000000002DA1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2DA1000
Size:	274432

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000008.00000002.2258487616.00000000069BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	69BE000
Size:	8192

Details

Name:	00000008.00000002.2259644743.0000000006C20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6C20000
Size:	4096

Details

Name:	00000008.00000002.2256651081.0000000005A80000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5A80000
Size:	65536

Details

Name:	00000000.00000002.2137936015.0000000009261000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	9261000
Size:	4096

Details

Name:	0000000E.00000002.2349263899.0000000006745000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6745000
Size:	45056

Details

Name:	00000000.00000002.2132441609.0000000001419000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1419000
Size:	8192

Details

Name:	0000000A.00000002.2215219921.00000000012E4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12E4000
Size:	4096

Details

Name:	0000000A.00000002.2227287957.0000000008DAD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8DAD000
Size:	12288

Details

Name:	00000000.00000002.2134610985.0000000004E9C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4E9C000
Size:	16384

Details

Name:	00000008.00000002.2244863181.000000000346C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	346C000
Size:	208896

Details

Name:	00000000.00000002.2130585572.0000000000E9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E9E000
Size:	8192

Details

Name:	0000000E.00000002.2327258871.0000000000E80000.00000004.00000020.00040000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E80000
Size:	4096

Details

Name:	0000000A.00000002.2218778326.0000000004479000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4479000
Size:	4096

Details

Name:	00000008.00000002.2243163126.000000000131D000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	131D000
Size:	4096

Details

Name:	00000000.00000002.2132833516.0000000002D10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2D10000
Size:	65536

Details

Name:	0000000A.00000002.2221639488.0000000005B30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5B30000
Size:	65536

Details

Name:	0000000A.00000002.2215379064.0000000001302000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1302000
Size:	4096

Details

Name:	0000000E.00000002.2352354389.0000000006F65000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F65000
Size:	36864

Details

Name:	00000008.00000002.2249959676.0000000004305000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4305000
Size:	700416

Details

Name:	0000000A.00000002.2221700734.0000000005B40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5B40000
Size:	12288

Details

Name:	00000008.00000002.2258425881.0000000006970000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6970000
Size:	65536

Details

Name:	0000000E.00000002.2329592554.0000000002E91000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2E91000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.2258617980.0000000006AD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AD0000
Size:	4096

Details

Name:	0000000E.00000002.2347164005.0000000006480000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6480000
Size:	4096

Details

Name:	00000008.00000002.2256806967.0000000005B10000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5B10000
Size:	65536

Details

Name:	00000008.00000002.2242979779.0000000001290000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1290000
Size:	16384

Details

Name:	0000000E.00000002.2350150848.0000000006C1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6C1E000
Size:	8192

Details

Name:	00000008.00000002.2244863181.0000000003100000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3100000
Size:	122880

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000E.00000002.2327637093.000000000124F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	124F000
Size:	4096

Details

Name:	00000000.00000002.2136437737.00000000089ED000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	89ED000
Size:	12288

Details

Name:	00000008.00000002.2255328064.000000000591B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	591B000
Size:	20480

Details

Name:	00000008.00000002.2249959676.00000000042CE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42CE000
Size:	8192

Details

Name:	0000000C.00000002.2193409407.0000000002E1E000.00000004.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E1E000
Size:	8192

Details

Name:	00000000.00000002.2135519719.0000000005FB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5FB0000
Size:	8192

Details

Name:	00000008.00000002.2255253230.000000000580E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	580E000
Size:	8192

Details

Name:	00000000.00000002.2132977723.0000000002D80000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	2D80000
Size:	65536

Details

Name:	00000000.00000002.2129634850.0000000000CF7000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CF7000
Size:	36864

Details

Name:	0000000E.00000002.2328770996.00000000012EB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12EB000
Size:	16384

Details

Name:	00000008.00000002.2244477798.000000000176B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	176B000
Size:	16384

Details

Name:	0000000E.00000002.2327796933.0000000001274000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1274000
Size:	16384

Details

Name:	00000008.00000002.2261215960.0000000007308000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7308000
Size:	4096

Details

Name:	0000000A.00000002.2215810861.00000000014F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14F6000
Size:	233472

Details

Name:	00000008.00000002.2258617980.0000000006AE8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AE8000
Size:	4096

Details

Name:	00000008.00000002.2257441640.000000000684E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	684E000
Size:	8192

Details

Name:	0000000E.00000002.2344260793.0000000005566000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5566000
Size:	20480

Details

Name:	00000008.00000002.2258617980.0000000006AEF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AEF000
Size:	8192

Details

Name:	00000008.00000002.2249959676.00000000043C5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43C5000
Size:	8192

Details

Name:	00000000.00000002.2131539569.0000000001390000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1390000
Size:	4096

Details

Name:	0000000E.00000002.2345615992.000000000568D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	568D000
Size:	12288

Details

Name:	00000008.00000002.2243034350.00000000012DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	12DE000
Size:	8192

Details

Name:	00000008.00000002.2261215960.0000000007311000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7311000
Size:	8192

Details

Name:	00000008.00000002.2244863181.0000000003141000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3141000
Size:	8192

Details

Name:	00000000.00000002.2131496109.0000000001380000.00000040.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	1380000
Size:	4096

Details

Name:	00000000.00000002.2130972981.000000000105D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	105D000
Size:	8192

Details

Name:	00000000.00000002.2136173047.00000000086AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	86AE000
Size:	8192

Details

Name:	0000000A.00000002.2215625375.00000000013B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	13B0000
Size:	65536

Details

Name:	0000000A.00000002.2215482798.000000000131B000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	131B000
Size:	4096

Details

Name:	00000000.00000002.2137876330.000000000914D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	914D000
Size:	12288

Details

Name:	0000000A.00000002.2222662401.00000000074D5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	74D5000
Size:	40960

Details

Name:	0000000E.00000002.2337066239.0000000003CBC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3CBC000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000000A.00000002.2227695078.000000007F880000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7F880000
Size:	4096

Details

Name:	00000000.00000002.2132176339.00000000013F5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13F5000
Size:	45056

Details

Name:	00000008.00000002.2244863181.000000000325D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	325D000
Size:	36864

Details

Name:	0000000E.00000002.2351543150.0000000006D7F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D7F000
Size:	20480

Details

Name:	0000000E.00000002.2327592506.0000000001140000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1140000
Size:	16384

Details

Name:	00000008.00000002.2249959676.00000000040B1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	40B1000
Size:	49152

Details

Name:	00000008.00000002.2255020204.00000000050B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	50B0000
Size:	4096

Details

Name:	0000000A.00000002.2215810861.0000000001457000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1457000
Size:	49152

Details

Name:	0000000E.00000002.2348933285.0000000006700000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6700000
Size:	4096

Details

Name:	00000008.00000002.2244863181.00000000031CE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31CE000
Size:	4096

Details

Name:	0000000E.00000002.2343980439.0000000004C98000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4C98000
Size:	8192

Details

Name:	00000008.00000002.2243746245.0000000001444000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1444000
Size:	36864

Details

Name:	0000000A.00000002.2217562708.0000000003318000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3318000
Size:	307200

Details

Name:	00000008.00000002.2244863181.00000000031D2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31D2000
Size:	86016

Details

Name:	0000000E.00000002.2348272832.0000000006568000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6568000
Size:	12288

Details

Name:	00000000.00000002.2132025882.00000000013E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13E0000
Size:	57344

Details

Name:	0000000A.00000002.2214843422.0000000000DCA000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DCA000
Size:	24576

Details

Name:	0000000E.00000002.2345267275.0000000005600000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5600000
Size:	53248

Details

Name:	0000000E.00000002.2329592554.0000000002F6F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F6F000
Size:	217088

Details

Name:	0000000E.00000002.2329592554.0000000003037000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3037000
Size:	135168

Details

Name:	00000008.00000002.2244863181.000000000352F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	352F000
Size:	2039808

Details

Name:	00000000.00000002.2131612003.00000000013B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	13B0000
Size:	65536

Details

Name:	0000000E.00000002.2346150985.0000000005740000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5740000
Size:	65536

Details

Name:	0000000E.00000002.2326375186.0000000000DB3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DB3000
Size:	4096

Details

Name:	0000000A.00000002.2221744629.0000000005C4D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5C4D000
Size:	12288

Details

Name:	0000000A.00000002.2220895877.00000000055B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	55B0000
Size:	65536

Details

Name:	0000000A.00000002.2218778326.00000000042D3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42D3000
Size:	4096

Details

Name:	00000008.00000002.2257393983.000000000674E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	674E000
Size:	8192

Details

Name:	0000000A.00000002.2218778326.0000000004420000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4420000
Size:	4096

Details

Name:	00000000.00000002.2136312589.00000000088AF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	88AF000
Size:	4096

Details

Name:	0000000E.00000002.2354083587.00000000077DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	77DE000
Size:	8192

Details

Name:	00000008.00000002.2243352124.0000000001342000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1342000
Size:	4096

Details

Name:	00000008.00000002.2259297378.0000000006B20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B20000
Size:	65536

Details

Name:	00000008.00000002.2244386365.000000000172F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	172F000
Size:	4096

Details

Name:	0000000E.00000002.2328770996.00000000012E6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12E6000
Size:	16384

Details

Name:	00000008.00000002.2257956227.00000000068F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	68F6000
Size:	12288

Details

Name:	00000008.00000002.2242866012.00000000010F8000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	10F8000
Size:	32768

Details

Name:	0000000E.00000002.2348234602.000000000655D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	655D000
Size:	12288

Details

Name:	00000008.00000002.2249959676.00000000043C2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43C2000
Size:	4096

Details

Name:	00000008.00000002.2243238458.0000000001330000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1330000
Size:	4096

Details

Name:	0000000E.00000002.2348383568.0000000006578000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6578000
Size:	28672

Details

Name:	00000000.00000002.2135319436.000000000576C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	576C000
Size:	16384

Details

Name:	00000008.00000002.2244732843.0000000002F80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F80000
Size:	65536

Details

Name:	00000008.00000002.2244863181.00000000034A1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	34A1000
Size:	32768

Details

Name:	00000008.00000002.2258134612.0000000006909000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6909000
Size:	20480

Details

Name:	0000000A.00000002.2227135747.000000000886E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	886E000
Size:	8192

Details

Name:	0000000A.00000002.2215272189.00000000012F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12F0000
Size:	8192

Details

Name:	0000000A.00000002.2220722092.0000000005590000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5590000
Size:	4096

Details

Name:	00000008.00000002.2242930001.000000000126E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	126E000
Size:	8192

Details

Name:	0000000E.00000002.2351734880.0000000006D87000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D87000
Size:	196608

Signature Hits	Behavior Group	Mitre Attack
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery

Details

Name:	00000008.00000002.2261215960.000000000731D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	731D000
Size:	4096

Details

Name:	00000008.00000002.2257296755.000000000664E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	664E000
Size:	8192

Details

Name:	00000008.00000002.2244806883.0000000002FA0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2FA0000
Size:	4096

Details

Name:	00000000.00000002.2132349168.0000000001400000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1400000
Size:	65536

Details

Name:	00000008.00000002.2249959676.00000000042C9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42C9000
Size:	4096

Details

Name:	00000008.00000002.2262535851.0000000007A80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7A80000
Size:	4096

Details

Name:	0000000A.00000002.2227218764.0000000008B6F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8B6F000
Size:	4096

Details

Name:	00000008.00000002.2249959676.00000000040E2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	40E2000
Size:	180224

Details

Name:	00000008.00000002.2259889368.0000000006C94000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6C94000
Size:	49152

Details

Name:	00000008.00000002.2263663023.0000000007DD6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7DD6000
Size:	12288

Details

Name:	00000008.00000002.2263096974.0000000007CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7CF0000
Size:	4096

Details

Name:	0000000A.00000002.2221295155.00000000058D0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	58D0000
Size:	4096

Details

Name:	00000000.00000002.2132522967.0000000002CCB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CCB000
Size:	65536

Details

Name:	0000000E.00000002.2352354389.0000000006F48000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F48000
Size:	4096

Details

Name:	00000008.00000002.2257485426.000000000685C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	685C000
Size:	4096

Details

Name:	0000000E.00000002.2351084802.0000000006D67000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D67000
Size:	45056

Details

Name:	00000008.00000002.2255020204.00000000050B8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	50B8000
Size:	12288

Details

Name:	0000000A.00000002.2219908520.0000000005546000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5546000
Size:	16384

Details

Name:	0000000E.00000002.2337066239.0000000003CBA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3CBA000
Size:	4096

Details

Name:	00000000.00000000.2039294844.00000000008B0000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	8B0000
Size:	4096

Details

Name:	00000008.00000002.2263129306.0000000007D00000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7D00000
Size:	61440

Details

Name:	0000000A.00000002.2227258110.0000000008CAD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8CAD000
Size:	12288

Details

Name:	00000008.00000002.2244863181.0000000003723000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3723000
Size:	139264

Details

Name:	00000000.00000002.2130842590.0000000000F12000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	F12000
Size:	4096

Details

Name:	00000008.00000002.2261215960.0000000007318000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7318000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.000000000310A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	310A000
Size:	196608

Details

Name:	00000000.00000002.2137989030.000000007EF70000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7EF70000
Size:	4096

Details

Name:	0000000E.00000002.2328770996.00000000012E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12E0000
Size:	16384

Details

Name:	0000000E.00000002.2353016441.0000000006F76000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F76000
Size:	40960

Details

Name:	0000000E.00000002.2344260793.0000000005540000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5540000
Size:	36864

Details

Name:	00000008.00000002.2261215960.0000000007322000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7322000
Size:	8192

Details

Name:	00000008.00000002.2258354189.0000000006960000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6960000
Size:	4096

Details

Name:	0000000E.00000002.2346942995.0000000005B50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5B50000
Size:	36864

Details

Name:	00000008.00000002.2255328064.000000000593E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	593E000
Size:	8192

Details

Name:	00000000.00000002.2133067683.0000000002F28000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F28000
Size:	700416

Details

Name:	00000000.00000002.2131774184.00000000013D3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13D3000
Size:	8192

Details

Name:	0000000A.00000002.2221854589.0000000005C80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5C80000
Size:	65536

Details

Name:	0000000A.00000002.2227511830.00000000093BC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	93BC000
Size:	16384

Details

Name:	00000008.00000002.2256356874.0000000005A40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5A40000
Size:	65536

Details

Name:	0000000E.00000002.2349570618.0000000006810000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6810000
Size:	65536

Details

Name:	00000008.00000002.2244863181.0000000003298000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3298000
Size:	217088

Details

Name:	0000000E.00000002.2349458999.00000000067BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	67BE000
Size:	8192

Details

Name:	0000000A.00000002.2227459796.0000000009240000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9240000
Size:	4096

Details

Name:	0000000E.00000002.2344025059.0000000004E2D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4E2D000
Size:	12288

Details

Name:	00000006.00000002.2103105662.0000000002EFE000.00000004.00000001.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2EFE000
Size:	8192

Details

Name:	00000000.00000002.2135148528.00000000056F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56F0000
Size:	65536

Details

Name:	0000000A.00000002.2222662401.00000000074D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	74D0000
Size:	16384

Details

Name:	0000000E.00000002.2345094526.00000000055E0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	55E0000
Size:	65536

Details

Name:	0000000A.00000002.2215678651.000000000140C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	140C000
Size:	16384

Details

Name:	00000008.00000002.2249959676.00000000042C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42C0000
Size:	4096

Details

Name:	00000006.00000002.2103166100.0000000002F3F000.00000004.00000001.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F3F000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.0000000002FBC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FBC000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
SQL strings found in memory and binary data	System Summary

Details

Name:	0000000E.00000002.2329592554.000000000313C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	313C000
Size:	217088

Details

Name:	00000008.00000002.2262950616.0000000007BDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7BDE000
Size:	8192

Details

Name:	00000008.00000002.2249959676.0000000004225000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4225000
Size:	4096

Details

Name:	0000000E.00000002.2327689602.0000000001260000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1260000
Size:	8192

Details

Name:	00000008.00000002.2244570329.0000000002F14000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F14000
Size:	20480

Details

Name:	0000000A.00000002.2215810861.00000000014A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14A0000
Size:	4096

Details

Name:	0000000E.00000002.2327293038.0000000000ECE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	ECE000
Size:	8192

Details

Name:	00000008.00000002.2258617980.0000000006AD9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AD9000
Size:	8192

Details

Name:	00000008.00000002.2263799798.0000000007F30000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7F30000
Size:	4096

Details

Name:	00000008.00000002.2259383745.0000000006B8D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6B8D000
Size:	12288

Details

Name:	00000008.00000002.2244452556.0000000001740000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1740000
Size:	4096

Details

Name:	0000000E.00000002.2353689458.00000000076A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	76A0000
Size:	65536

Details

Name:	0000000E.00000002.2329592554.000000000321F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	321F000
Size:	217088

Details

Name:	00000008.00000002.2258255493.0000000006939000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6939000
Size:	65536

Details

Name:	0000000E.00000002.2337066239.0000000003CA9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3CA9000
Size:	8192

Details

Name:	00000008.00000002.2262435052.0000000007A70000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7A70000
Size:	4096

Details

Name:	0000000E.00000002.2326375186.0000000000D88000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D88000
Size:	49152

Details

Name:	00000008.00000002.2260286556.00000000070EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	70EF000
Size:	4096

Details

Name:	00000008.00000002.2249959676.000000000422D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	422D000
Size:	4096

Details

Name:	0000000A.00000002.2217334353.00000000031C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31C0000
Size:	65536

Details

Name:	00000008.00000002.2256944306.0000000005C2E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5C2E000
Size:	8192

Details

Name:	00000008.00000002.2244863181.00000000031C8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31C8000
Size:	20480

Details

Name:	00000008.00000002.2260927422.0000000007142000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7142000
Size:	102400

Details

Name:	00000008.00000002.2259432162.0000000006BCF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6BCF000
Size:	4096

Details

Name:	0000000E.00000002.2344060278.00000000051AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	51AE000
Size:	8192

Details

Name:	00000008.00000002.2255118217.000000000524D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	524D000
Size:	12288

Details

Name:	0000000C.00000002.2193478701.0000000002E90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E90000
Size:	36864

Details

Name:	0000000E.00000002.2354610426.0000000007860000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7860000
Size:	65536

Details

Name:	0000000A.00000002.2215450612.0000000001312000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1312000
Size:	4096

Details

Name:	0000000E.00000002.2326375186.0000000000DAE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DAE000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery

Details

Name:	00000000.00000002.2133731245.0000000003DA9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DA9000
Size:	4096

Details

Name:	00000008.00000002.2263518950.0000000007DA0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7DA0000
Size:	8192

Details

Name:	0000000A.00000002.2215199151.00000000012E3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12E3000
Size:	4096

Details

Name:	0000000E.00000002.2327496160.00000000010DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	10DF000
Size:	4096

Details

Name:	00000008.00000002.2263018823.0000000007CE0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7CE0000
Size:	65536

Details

Name:	00000008.00000002.2261849106.0000000007330000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7330000
Size:	65536

Details

Name:	0000000A.00000002.2227636224.0000000009640000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	9640000
Size:	8192

Details

Name:	00000008.00000002.2255834870.0000000005980000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5980000
Size:	65536

Details

Name:	0000000E.00000002.2344260793.0000000005579000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5579000
Size:	8192

Details

Name:	00000008.00000002.2243265271.0000000001332000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1332000
Size:	4096

Details

Name:	00000000.00000002.2130972981.0000000000FF7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FF7000
Size:	49152

Details

Name:	00000000.00000002.2133731245.0000000003E93000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E93000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.0000000002E8E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2E8E000
Size:	8192

Details

Name:	00000008.00000002.2256288593.0000000005A30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5A30000
Size:	65536

Details

Name:	0000000E.00000002.2328129023.00000000012A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12A0000
Size:	4096

Details

Name:	00000008.00000002.2244654672.0000000002F20000.00000040.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	2F20000
Size:	4096

Details

Name:	00000008.00000002.2243568299.00000000013D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13D0000
Size:	4096

Details

Name:	00000008.00000002.2243652387.0000000001438000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1438000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	0000000A.00000002.2221163450.0000000005810000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5810000
Size:	65536

Details

Name:	0000000E.00000002.2328246285.00000000012A5000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12A5000
Size:	4096

Details

Name:	00000008.00000002.2258617980.0000000006AEA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AEA000
Size:	8192

Details

Name:	00000000.00000002.2132441609.0000000001410000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1410000
Size:	28672

Details

Name:	0000000A.00000002.2216556535.000000000172F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	172F000
Size:	4096

Details

Name:	00000008.00000002.2256944306.0000000005C20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5C20000
Size:	36864

Details

Name:	0000000A.00000002.2215655293.00000000013C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13C0000
Size:	16384

Details

Name:	0000000C.00000002.2193446073.0000000002E6F000.00000004.00000001.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2E6F000
Size:	4096

Details

Name:	00000008.00000002.2249959676.0000000004260000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4260000
Size:	282624

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.2258201330.000000000692E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	692E000
Size:	12288

Details

Name:	0000000E.00000002.2344922410.00000000055A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	55A0000
Size:	65536

Details

Name:	0000000E.00000002.2355021470.0000000007A10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7A10000
Size:	4096

Details

Name:	00000008.00000002.2249959676.0000000004254000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4254000
Size:	4096

Details

Name:	0000000E.00000002.2345335488.0000000005610000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	5610000
Size:	65536

Details

Name:	00000008.00000002.2263834198.000000000864F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	864F000
Size:	4096

Details

Name:	0000000E.00000002.2337066239.0000000003C91000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C91000
Size:	49152

Details

Name:	0000000E.00000002.2326375186.0000000000DBC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DBC000
Size:	311296

Details

Name:	0000000E.00000002.2329592554.0000000002E9F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2E9F000
Size:	364544

Details

Name:	0000000E.00000002.2337066239.0000000003C9E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3C9E000
Size:	4096

Details

Name:	00000008.00000002.2261967088.00000000079F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	79F0000
Size:	65536

Details

Name:	0000000A.00000002.2227376648.0000000008FEE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8FEE000
Size:	8192

Details

Name:	00000000.00000002.2130805396.0000000000F06000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	F06000
Size:	8192

Details

Name:	00000008.00000002.2244410306.0000000001730000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1730000
Size:	65536

Details

Name:	00000008.00000002.2243058734.0000000001300000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1300000
Size:	8192

Details

Name:	00000008.00000002.2243652387.0000000001430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1430000
Size:	28672

Details

Name:	00000000.00000002.2130730575.0000000000EF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	EF0000
Size:	8192

Details

Name:	0000000E.00000002.2354501752.0000000007850000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7850000
Size:	65536

Details

Name:	00000000.00000002.2130908648.0000000000F40000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	F40000
Size:	4096

Details

Name:	0000000A.00000002.2215503063.0000000001330000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1330000
Size:	4096

Details

Name:	00000008.00000002.2243187092.0000000001320000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1320000
Size:	28672

Details

Name:	00000000.00000002.2130222303.0000000000E00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E00000
Size:	16384

Details

Name:	0000000E.00000002.2352354389.0000000006F32000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F32000
Size:	4096

Details

Name:	0000000E.00000002.2337066239.0000000003EE4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3EE4000
Size:	2617344

Details

Name:	00000008.00000002.2262359458.0000000007A60000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A60000
Size:	65536

Details

Name:	00000000.00000002.2130699011.0000000000EE4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	EE4000
Size:	4096

Details

Name:	00000000.00000002.2137681144.0000000008ECE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8ECE000
Size:	8192

Details

Name:	00000000.00000002.2137635354.0000000008C6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8C6E000
Size:	8192

Details

Name:	00000008.00000002.2262056805.0000000007A42000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A42000
Size:	57344

Details

Name:	0000000A.00000002.2216690963.0000000002FDF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FDF000
Size:	4096

Details

Name:	00000008.00000002.2249959676.00000000042C3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42C3000
Size:	8192

Details

Name:	0000000E.00000002.2344235444.000000000553F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	553F000
Size:	4096

Details

Name:	00000008.00000002.2258354189.0000000006962000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6962000
Size:	12288

Details

Name:	0000000A.00000002.2218778326.00000000044DC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	44DC000
Size:	4096

Details

Name:	00000008.00000002.2249959676.00000000042BA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42BA000
Size:	8192

Details

Name:	0000000A.00000002.2215810861.0000000001470000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1470000
Size:	4096

Details

Name:	0000000E.00000002.2347038569.000000000627E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	627E000
Size:	8192

Details

Name:	0000000A.00000002.2216823067.0000000002FE0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FE0000
Size:	16384

Details

Name:	00000000.00000002.2130972981.000000000100F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	100F000
Size:	4096

Details

Name:	0000000E.00000002.2344127619.00000000051F0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	51F0000
Size:	4096

Details

Name:	00000008.00000002.2261145582.0000000007168000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7168000
Size:	24576

Details

Name:	0000000E.00000002.2344260793.000000000554E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	554E000
Size:	8192

Details

Name:	00000008.00000002.2243625091.0000000001420000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1420000
Size:	8192

Details

Name:	0000000E.00000002.2345837773.00000000056A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56A0000
Size:	65536

Details

Name:	0000000E.00000002.2344180144.00000000053FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	53FE000
Size:	8192

Details

Name:	0000000E.00000002.2327560840.0000000001120000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1120000
Size:	4096

Details

Name:	00000000.00000002.2130972981.000000000106C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	106C000
Size:	8192

Details

Name:	00000008.00000002.2244863181.0000000003267000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3267000
Size:	196608

Details

Name:	00000008.00000002.2244570329.0000000002F10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2F10000
Size:	12288

Details

Name:	00000000.00000002.2133067683.0000000002DE6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2DE6000
Size:	1314816

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.2244863181.0000000003340000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3340000
Size:	36864

Details

Name:	0000000E.00000002.2337066239.0000000003DE3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DE3000
Size:	966656

Details

Name:	00000008.00000002.2258617980.0000000006AF5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AF5000
Size:	4096

Details

Name:	0000000E.00000002.2328614618.00000000012D0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12D0000
Size:	65536

Details

Name:	0000000E.00000002.2346374048.0000000005850000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5850000
Size:	36864

Details

Name:	0000000E.00000002.2350241685.0000000006C20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6C20000
Size:	36864

Details

Name:	0000000E.00000002.2329592554.0000000003059000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3059000
Size:	217088

Details

Name:	0000000E.00000002.2328876722.0000000002ACE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2ACE000
Size:	8192

Details

Name:	00000000.00000002.2132522967.0000000002CED000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CED000
Size:	8192

Details

Name:	0000000E.00000002.2355117404.0000000007B4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7B4E000
Size:	8192

Details

Name:	00000008.00000002.2260654225.0000000007128000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7128000
Size:	8192

Details

Name:	00000000.00000002.2131460876.0000000001370000.00000040.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1370000
Size:	65536

Details

Name:	00000008.00000002.2249959676.00000000043DE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43DE000
Size:	835584

Details

Name:	0000000E.00000002.2337066239.0000000003D02000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D02000
Size:	839680

Details

Name:	00000008.00000002.2259023254.0000000006B00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6B00000
Size:	4096

Details

Name:	00000000.00000002.2131418901.000000000136E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	136E000
Size:	8192

Details

Name:	00000008.00000002.2256190586.00000000059E0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	59E0000
Size:	65536

Details

Name:	0000000E.00000002.2354836967.0000000007890000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7890000
Size:	4096

Details

Name:	0000000E.00000002.2327373283.0000000000ED0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	ED0000
Size:	12288

Details

Name:	0000000E.00000002.2329282334.0000000002B71000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2B71000
Size:	61440

Details

Name:	0000000E.00000002.2329592554.00000000031ED000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	31ED000
Size:	200704

Details

Name:	00000006.00000002.2103331452.000000000319F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	319F000
Size:	4096

Details

Name:	00000000.00000002.2131382951.000000000130E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	130E000
Size:	8192

Details

Name:	0000000A.00000002.2215554027.00000000013A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13A0000
Size:	28672

Details

Name:	0000000A.00000002.2215291656.00000000012F3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12F3000
Size:	12288

Details

Name:	00000008.00000002.2249959676.00000000043B5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	43B5000
Size:	8192

Details

Name:	0000000A.00000002.2218778326.00000000041E1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	41E1000
Size:	28672

Details

Name:	00000008.00000002.2243110262.0000000001313000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1313000
Size:	4096

Details

Name:	0000000E.00000002.2350241685.0000000006C30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6C30000
Size:	32768

Details

Name:	0000000E.00000002.2352354389.0000000006F4E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F4E000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.00000000032C7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	32C7000
Size:	36864

Details

Name:	0000000A.00000002.2215737357.0000000001424000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1424000
Size:	4096

Details

Name:	0000000E.00000002.2329592554.00000000030CA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	30CA000
Size:	217088

Details

Name:	0000000A.00000002.2220978283.00000000055F0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	55F0000
Size:	65536

Details

Name:	0000000E.00000002.2328455657.00000000012C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12C0000
Size:	4096

Details

Name:	00000008.00000002.2262170954.0000000007A50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	7A50000
Size:	65536

Details

Name:	00000008.00000002.2249959676.00000000040BE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	40BE000
Size:	4096

Details

Name:	0000000A.00000002.2215396351.0000000001306000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1306000
Size:	8192

Details

Name:	00000000.00000000.2039485781.0000000000938000.00000002.00000001.01000000.00000003.sdmp
TargetID:	0
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	938000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary

Details

Name:	00000008.00000002.2256769341.0000000005B0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5B0E000
Size:	8192

Details

Name:	00000008.00000002.2243746245.000000000144E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	144E000
Size:	40960

Details

Name:	0000000E.00000002.2348933285.000000000672F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	672F000
Size:	4096

Details

Name:	00000008.00000002.2260001060.0000000006E80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6E80000
Size:	32768

Details

Name:	0000000E.00000002.2347079161.000000000637E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	637E000
Size:	8192

Details

Name:	00000006.00000002.2102922922.0000000002E3A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E3A000
Size:	24576

Details

Name:	0000000E.00000002.2355161681.0000000007B60000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	7B60000
Size:	4096

Details

Name:	0000000E.00000002.2344260793.0000000005552000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5552000
Size:	12288

Details

Name:	00000000.00000002.2132522967.0000000002CC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CC0000
Size:	12288

Details

Name:	0000000A.00000002.2221040553.00000000056D3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	56D3000
Size:	8192

Details

Name:	0000000A.00000002.2227488194.00000000092BC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	92BC000
Size:	16384

Details

Name:	0000000A.00000002.2215343186.00000000012FD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	12FD000
Size:	4096

Details

Name:	0000000C.00000002.2193330837.0000000002C5D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2C5D000
Size:	12288

Details

Name:	00000008.00000002.2257885933.00000000068E2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	68E2000
Size:	69632

Details

Name:	00000000.00000002.2130972981.0000000001011000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1011000
Size:	303104

Details

Name:	0000000A.00000002.2219908520.0000000005524000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5524000
Size:	16384

Details

Name:	0000000A.00000002.2215179531.00000000012E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	12E0000
Size:	4096

Details

Name:	00000000.00000002.2130617681.0000000000ED0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	ED0000
Size:	8192

Details

Name:	0000000E.00000002.2345422236.0000000005660000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5660000
Size:	65536

Details

Name:	00000000.00000002.2130972981.0000000001062000.00000004.00000020.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1062000
Size:	32768

Details

Name:	00000008.00000002.2244863181.0000000003134000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3134000
Size:	8192

Details

Name:	0000000E.00000002.2327409173.0000000000F00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F00000
Size:	16384

Details

Name:	0000000E.00000002.2352277434.0000000006F20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F20000
Size:	36864

Details

Name:	0000000E.00000002.2352354389.0000000006F44000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6F44000
Size:	8192

Details

Name:	0000000E.00000002.2329592554.0000000003101000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3101000
Size:	32768

Details

Name:	0000000E.00000002.2328062340.0000000001296000.00000040.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	1296000
Size:	40960

Details

Name:	00000008.00000002.2244863181.0000000003146000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3146000
Size:	528384

Signature Hits	Behavior Group	Mitre Attack
Sample file is different than original file name gathered from version info	System Summary
URLs found in memory or binary data	Networking

Details

Name:	00000008.00000002.2255299862.000000000590E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	590E000
Size:	8192

Details

Name:	00000008.00000002.2243083478.0000000001310000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1310000
Size:	12288

Details

Name:	00000008.00000002.2249959676.000000000424E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	424E000
Size:	8192

Details

Name:	00000000.00000002.2130746586.0000000000EF3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	EF3000
Size:	28672

Details

Name:	0000000E.00000002.2328904304.0000000002AD0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2AD0000
Size:	8192

Details

Name:	0000000A.00000002.2218778326.0000000004209000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4209000
Size:	184320

Details

Name:	00000008.00000002.2244863181.000000000312E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	312E000
Size:	12288

Details

Name:	00000008.00000002.2242804435.0000000000DFB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DFB000
Size:	20480

Details

Name:	00000008.00000002.2255921410.00000000059B0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	59B0000
Size:	65536

Details

Name:	0000000E.00000002.2329592554.0000000002FE4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FE4000
Size:	217088

Details

Name:	0000000E.00000002.2329592554.0000000003290000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3290000
Size:	217088

Details

Name:	0000000A.00000002.2216823067.0000000002FE5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2FE5000
Size:	45056

Details

Name:	0000000E.00000002.2353317074.0000000006FB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6FB0000
Size:	65536

Details

Name:	00000008.00000002.2244863181.00000000034AA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	34AA000
Size:	196608

Details

Name:	00000000.00000002.2137791940.0000000008FCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8FCE000
Size:	8192

Details

Name:	00000008.00000002.2261215960.000000000730E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	730E000
Size:	4096

Details

Name:	0000000A.00000002.2215554027.00000000013A9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13A9000
Size:	8192

Details

Name:	0000000C.00000002.2193478701.0000000002E9B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E9B000
Size:	94208

Details

Name:	00000008.00000002.2244863181.000000000346A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	346A000
Size:	4096

Details

Name:	0000000A.00000002.2227568364.00000000094FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	10
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	94FE000
Size:	8192

Details

Name:	0000000E.00000002.2344207640.000000000543E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	543E000
Size:	8192

Details

Name:	0000000E.00000002.2355143254.0000000007B50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	7B50000
Size:	4096

Details

Name:	00000000.00000002.2132522967.0000000002CDE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	0
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2CDE000
Size:	4096

Details

Name:	00000008.00000002.2258617980.0000000006AFF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6AFF000
Size:	4096

Details

Name:	00000008.00000002.2249959676.000000000425B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	8
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	425B000
Size:	4096

Details

Name:	0000000C.00000002.2193427548.0000000002E20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E20000
Size:	24576

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
RgIbrhxoEx.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportRgIbrhxoEx.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

IOC Report
RgIbrhxoEx.exe