|
2652000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
00000000.00000002.2923795440.0000000002652000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2652000
|
| Size: |
143360
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2591000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002591000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2591000
|
| Size: |
294912
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
| URLs found in memory or binary data |
Networking |
|
|
|
362000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1645308645.0000000000362000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
362000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
1C0EC7EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC7EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC7EB000
|
| Size: |
4096
|
|
|
1173509000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067775670.0000001173509000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1173509000
|
| Size: |
28672
|
|
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2043276134.00007FFD9BA30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA30000
|
| Size: |
65536
|
|
|
8C233FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721507231.0000008C233FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C233FF000
|
| Size: |
4096
|
|
|
7FFD9BB90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2046668303.00007FFD9BB90000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9BB90000
|
| Size: |
4096
|
|
|
F00000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374480095.0000000000F00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F00000
|
| Size: |
4096
|
|
|
12E606D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E606D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E606D3000
|
| Size: |
4096
|
|
|
7FFD9B836000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1879294304.00007FFD9B836000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B836000
|
| Size: |
24576
|
|
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1883831426.00007FFD9BAA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAA0000
|
| Size: |
16384
|
|
|
1B2A0DE0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1722325261.000001B2A0DE0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1B2A0DE0000
|
| Size: |
4096
|
|
|
720000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2916679110.0000000000720000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
720000
|
| Size: |
4096
|
|
|
1B2A19F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A19F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A19F9000
|
| Size: |
225280
|
|
|
12E7A650000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1875207405.0000012E7A650000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
12E7A650000
|
| Size: |
20480
|
|
|
102E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375448232.000000000102E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
102E000
|
| Size: |
16384
|
|
|
1B2A2576000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A2576000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A2576000
|
| Size: |
929792
|
|
|
47D1D7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908769678.00000047D1D7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D1D7E000
|
| Size: |
8192
|
|
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2039549303.00007FFD9B826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B826000
|
| Size: |
24576
|
|
|
16543D69000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543D69000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543D69000
|
| Size: |
778240
|
|
|
7FFD9B78B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753190985.00007FFD9B78B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B78B000
|
| Size: |
8192
|
|
|
1B29F1C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F1C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F1C6000
|
| Size: |
4096
|
|
|
1B2A1E86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1E86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1E86000
|
| Size: |
176128
|
|
|
ADB7BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336186287.0000000ADB7BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ADB7BF000
|
| Size: |
4096
|
|
|
1655AB20000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2297964278.000001655AB20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AB20000
|
| Size: |
16384
|
|
|
F50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374545114.0000000000F50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
F50000
|
| Size: |
4096
|
|
|
1C0F4B86000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2037973133.000001C0F4B86000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4B86000
|
| Size: |
20480
|
|
|
25DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.00000000025DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
25DB000
|
| Size: |
61440
|
|
|
1B458000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929290109.000000001B458000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B458000
|
| Size: |
12288
|
|
|
8C22EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721337208.0000008C22EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C22EFE000
|
| Size: |
8192
|
|
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2041217774.00007FFD9B990000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B990000
|
| Size: |
65536
|
|
|
1052000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375931988.0000000001052000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1052000
|
| Size: |
65536
|
|
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2311872515.00007FFD9B912000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B912000
|
| Size: |
57344
|
|
|
7FFD9B79B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2935264973.00007FFD9B79B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B79B000
|
| Size: |
4096
|
|
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754121712.00007FFD9B980000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B980000
|
| Size: |
65536
|
|
|
165408A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.00000165408A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165408A9000
|
| Size: |
409600
|
|
|
8C2337C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721489406.0000008C2337C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C2337C000
|
| Size: |
16384
|
|
|
1CEC3630000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336223291.000001CEC3630000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CEC3630000
|
| Size: |
8192
|
|
|
8C232FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721463134.0000008C232FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C232FE000
|
| Size: |
8192
|
|
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756567473.00007FFD9BBE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBE0000
|
| Size: |
8192
|
|
|
12E7A955000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878595439.0000012E7A955000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A955000
|
| Size: |
8192
|
|
|
1B2A1F9D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1F9D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1F9D000
|
| Size: |
196608
|
|
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2592291635.00007FFD9B78D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B78D000
|
| Size: |
4096
|
|
|
11726B6000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2066626704.00000011726B6000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11726B6000
|
| Size: |
40960
|
|
|
1C0DD255000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD255000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD255000
|
| Size: |
32768
|
|
|
7FFD9B781000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2591739927.00007FFD9B781000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B781000
|
| Size: |
4096
|
|
|
12E63DF6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63DF6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63DF6000
|
| Size: |
49152
|
|
|
1222000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2580706282.0000000001222000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1222000
|
| Size: |
8192
|
|
|
1C0DD483000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD483000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD483000
|
| Size: |
389120
|
|
|
47D1EF8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908940058.00000047D1EF8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D1EF8000
|
| Size: |
32768
|
|
|
1C0DD453000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD453000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD453000
|
| Size: |
184320
|
|
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2317092638.00007FFD9BA60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA60000
|
| Size: |
65536
|
|
|
7FFD9BB6A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2319570747.00007FFD9BB6A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB6A000
|
| Size: |
4096
|
|
|
1655AC15000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2308439319.000001655AC15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AC15000
|
| Size: |
57344
|
|
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2043767887.00007FFD9BA50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA50000
|
| Size: |
65536
|
|
|
12E71FD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1854477434.0000012E71FD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E71FD1000
|
| Size: |
77824
|
|
|
12E63002000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63002000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63002000
|
| Size: |
401408
|
|
|
1C0DD603000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD603000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD603000
|
| Size: |
237568
|
|
|
1C0DE2BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DE2BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DE2BB000
|
| Size: |
143360
|
|
|
1655AC27000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2309013233.000001655AC27000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AC27000
|
| Size: |
16384
|
|
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1891992990.00007FFD9BBE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBE0000
|
| Size: |
65536
|
|
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2317722317.00007FFD9BA80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA80000
|
| Size: |
61440
|
|
|
47D1CF9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908698882.00000047D1CF9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D1CF9000
|
| Size: |
28672
|
|
|
7DF4F7CA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2038914766.00007DF4F7CA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4F7CA0000
|
| Size: |
4096
|
|
|
47D2ECE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909764002.00000047D2ECE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D2ECE000
|
| Size: |
8192
|
|
|
1C0DC360000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1913319388.000001C0DC360000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DC360000
|
| Size: |
4096
|
|
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045708965.00007FFD9BAF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAF0000
|
| Size: |
65536
|
|
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2044723628.00007FFD9BA80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA80000
|
| Size: |
49152
|
|
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1882346688.00007FFD9BA20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA20000
|
| Size: |
65536
|
|
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754196202.00007FFD9B990000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B990000
|
| Size: |
65536
|
|
|
1BFFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2591231768.000000001BFFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BFFE000
|
| Size: |
8192
|
|
|
7FFD9B922000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1879917442.00007FFD9B922000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B922000
|
| Size: |
57344
|
|
|
11A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2580279623.00000000011A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
4096
|
|
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2313900815.00007FFD9B9A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9A0000
|
| Size: |
65536
|
|
|
1C0DC1F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1912766153.000001C0DC1F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DC1F0000
|
| Size: |
4096
|
|
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2039865549.00007FFD9B856000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B856000
|
| Size: |
86016
|
|
|
740000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2916734290.0000000000740000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
740000
|
| Size: |
4096
|
|
|
16552501000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.0000016552501000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16552501000
|
| Size: |
249856
|
|
|
12E7A5BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1874886508.0000012E7A5BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A5BA000
|
| Size: |
139264
|
|
|
1A5C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2928739316.000000001A5C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1A5C0000
|
| Size: |
4096
|
|
|
1C0DC555000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DC555000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DC555000
|
| Size: |
1757184
|
|
|
1C0F4820000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2031373620.000001C0F4820000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4820000
|
| Size: |
45056
|
|
|
7E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2916937655.00000000007E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E0000
|
| Size: |
4096
|
|
|
13851000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2590093966.0000000013851000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13851000
|
| Size: |
4096
|
|
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2312113430.00007FFD9B92A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B92A000
|
| Size: |
24576
|
|
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753703588.00007FFD9B92A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B92A000
|
| Size: |
24576
|
|
|
1655ABEC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2299331952.000001655ABEC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655ABEC000
|
| Size: |
12288
|
|
|
7DF4F7C90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2038885777.00007DF4F7C90000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4F7C90000
|
| Size: |
4096
|
|
|
117273B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2066827162.000000117273B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117273B000
|
| Size: |
20480
|
|
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1878884542.00007FFD9B783000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B783000
|
| Size: |
4096
|
|
|
ADB73F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336169966.0000000ADB73F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
ADB73F000
|
| Size: |
4096
|
|
|
12E7A859000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876687071.0000012E7A859000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A859000
|
| Size: |
98304
|
|
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756372808.00007FFD9BBB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBB0000
|
| Size: |
36864
|
|
|
7FFD9BAC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045113531.00007FFD9BAC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAC9000
|
| Size: |
28672
|
|
|
7FFD9BADC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755807365.00007FFD9BADC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BADC000
|
| Size: |
8192
|
|
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2591801872.00007FFD9B784000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B784000
|
| Size: |
8192
|
|
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2935420558.00007FFD9B826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B826000
|
| Size: |
4096
|
|
|
7DF4CF550000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2309620584.00007DF4CF550000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4CF550000
|
| Size: |
4096
|
|
|
8C23178000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721418558.0000008C23178000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C23178000
|
| Size: |
32768
|
|
|
12E6317B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E6317B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E6317B000
|
| Size: |
200704
|
|
|
12E7AA30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878742174.0000012E7AA30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7AA30000
|
| Size: |
4096
|
|
|
12E7A690000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1875354317.0000012E7A690000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A690000
|
| Size: |
28672
|
|
|
1C0EC7ED000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC7ED000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC7ED000
|
| Size: |
1011712
|
|
|
1655AB49000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2297964278.000001655AB49000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AB49000
|
| Size: |
135168
|
|
|
8C2404C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721599671.0000008C2404C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C2404C000
|
| Size: |
4096
|
|
|
12EA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2378834218.0000000012EA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12EA8000
|
| Size: |
4096
|
|
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2592397794.00007FFD9B7CC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B7CC000
|
| Size: |
4096
|
|
|
7FFD9BBA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1756355577.00007FFD9BBA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9BBA0000
|
| Size: |
4096
|
|
|
1B2A2BD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A2BD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A2BD0000
|
| Size: |
143360
|
|
|
12E621F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E621F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E621F8000
|
| Size: |
2768896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.00000000008B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8B6000
|
| Size: |
20480
|
|
|
1B2B91CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1750617006.000001B2B91CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B91CF000
|
| Size: |
45056
|
|
|
117293F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067447036.000000117293F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117293F000
|
| Size: |
4096
|
|
|
2627000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002627000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2627000
|
| Size: |
4096
|
|
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2309764959.00007FFD9B773000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B773000
|
| Size: |
4096
|
|
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1887921448.00007FFD9BB70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB70000
|
| Size: |
4096
|
|
|
47D18B2000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908405130.00000047D18B2000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D18B2000
|
| Size: |
57344
|
|
|
165436A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165436A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165436A8000
|
| Size: |
229376
|
|
|
1655AB25000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2297964278.000001655AB25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AB25000
|
| Size: |
20480
|
|
|
8C22CFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721281192.0000008C22CFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C22CFE000
|
| Size: |
8192
|
|
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2038971608.00007FFD9B773000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B773000
|
| Size: |
4096
|
|
|
8C230FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721393794.0000008C230FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C230FE000
|
| Size: |
8192
|
|
|
1654299D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.000001654299D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1654299D000
|
| Size: |
5779456
|
|
|
1CEC39E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336318651.000001CEC39E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CEC39E0000
|
| Size: |
16384
|
|
|
1C0DC240000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1912812726.000001C0DC240000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DC240000
|
| Size: |
16384
|
|
|
2140000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2587149282.0000000002140000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2140000
|
| Size: |
4096
|
|
|
802000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2916790413.0000000000802000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
802000
|
| Size: |
12288
|
|
|
165430CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165430CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165430CF000
|
| Size: |
28672
|
|
|
1B2A0C05000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722084836.000001B2A0C05000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2A0C05000
|
| Size: |
24576
|
|
|
7FF4D6870000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2379677076.00007FF4D6870000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF4D6870000
|
| Size: |
4096
|
|
|
1655A9A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2295864647.000001655A9A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A9A0000
|
| Size: |
16384
|
|
|
12E606D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E606D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E606D8000
|
| Size: |
352256
|
|
|
12E60675000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E60675000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E60675000
|
| Size: |
90112
|
|
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2315927071.00007FFD9BA20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA20000
|
| Size: |
65536
|
|
|
820000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917059412.0000000000820000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
820000
|
| Size: |
4096
|
|
|
11F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501447545.00000000011F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
4096
|
|
|
1B29F17F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F17F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F17F000
|
| Size: |
4096
|
|
|
1B2A21B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A21B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A21B7000
|
| Size: |
3923968
|
|
|
1B2A0CAC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722209456.000001B2A0CAC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2A0CAC000
|
| Size: |
798720
|
|
|
1B06E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929130701.000000001B06E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B06E000
|
| Size: |
8192
|
|
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2935381638.00007FFD9B820000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B820000
|
| Size: |
4096
|
|
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2046705141.00007FFD9BBA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBA0000
|
| Size: |
36864
|
|
|
1C0F4DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038851547.000001C0F4DA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4DA0000
|
| Size: |
4096
|
|
|
11722FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2065804564.00000011722FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11722FF000
|
| Size: |
4096
|
|
|
23A1C8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781444768.00000023A1C8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A1C8C000
|
| Size: |
16384
|
|
|
1C0DC378000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1913347928.000001C0DC378000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DC378000
|
| Size: |
798720
|
|
|
12E7A9C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878718067.0000012E7A9C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E7A9C0000
|
| Size: |
4096
|
|
|
8C23079000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721379348.0000008C23079000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C23079000
|
| Size: |
28672
|
|
|
1B2A0B70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722016918.000001B2A0B70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A0B70000
|
| Size: |
4096
|
|
|
23A0EBB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781089166.00000023A0EBB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0EBB000
|
| Size: |
20480
|
|
|
7FFD9BBDD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1891716178.00007FFD9BBDD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBDD000
|
| Size: |
12288
|
|
|
7FFD9BAEC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1884202067.00007FFD9BAEC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAEC000
|
| Size: |
8192
|
|
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2380280542.00007FFD9B890000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B890000
|
| Size: |
12288
|
|
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2935515570.00007FFD9B856000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B856000
|
| Size: |
4096
|
|
|
11CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501409228.00000000011CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11CF000
|
| Size: |
4096
|
|
|
12E7A4E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1873106188.0000012E7A4E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A4E0000
|
| Size: |
159744
|
|
|
1BCFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2379590364.000000001BCFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BCFF000
|
| Size: |
4096
|
|
|
1B2A1E21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1E21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1E21000
|
| Size: |
401408
|
|
|
1B2A0C00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722084836.000001B2A0C00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2A0C00000
|
| Size: |
12288
|
|
|
12DE8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502160881.0000000012DE8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12DE8000
|
| Size: |
4096
|
|
|
12E7A946000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878537874.0000012E7A946000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A946000
|
| Size: |
20480
|
|
|
1B29F140000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F140000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F140000
|
| Size: |
28672
|
|
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2935482751.00007FFD9B830000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B830000
|
| Size: |
4096
|
|
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318017116.00007FFD9BA90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA90000
|
| Size: |
16384
|
|
|
F90000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2374634535.0000000000F90000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
F90000
|
| Size: |
4096
|
|
|
1B2A0B30000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721966755.000001B2A0B30000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
1B2A0B30000
|
| Size: |
4096
|
|
|
12E7A929000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878438294.0000012E7A929000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A929000
|
| Size: |
4096
|
|
|
47D227C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909358869.00000047D227C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D227C000
|
| Size: |
16384
|
|
|
12E7A878000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876687071.0000012E7A878000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A878000
|
| Size: |
176128
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2380140832.00007FFD9B820000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B820000
|
| Size: |
4096
|
|
|
800000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2916986039.0000000000800000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
800000
|
| Size: |
12288
|
|
|
12E7A69B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1875354317.0000012E7A69B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A69B000
|
| Size: |
24576
|
|
|
165422C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2072435032.00000165422C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165422C5000
|
| Size: |
24576
|
|
|
1200000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2580364736.0000000001200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1200000
|
| Size: |
73728
|
|
|
23A1D8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781641209.00000023A1D8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A1D8E000
|
| Size: |
8192
|
|
|
47D2D4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909535345.00000047D2D4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D2D4E000
|
| Size: |
8192
|
|
|
1655291A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.000001655291A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1655291A000
|
| Size: |
454656
|
|
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756420539.00007FFD9BBC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBC0000
|
| Size: |
65536
|
|
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1879255455.00007FFD9B830000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B830000
|
| Size: |
8192
|
|
|
11727B8000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2066940236.00000011727B8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11727B8000
|
| Size: |
32768
|
|
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753624780.00007FFD9B910000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B910000
|
| Size: |
65536
|
|
|
210D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2587040380.000000000210D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
210D000
|
| Size: |
12288
|
|
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755530332.00007FFD9BA70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA70000
|
| Size: |
24576
|
|
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2310798165.00007FFD9B826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B826000
|
| Size: |
24576
|
|
|
1C0F4BB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038190215.000001C0F4BB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4BB9000
|
| Size: |
12288
|
|
|
7FFD9BADA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045285856.00007FFD9BADA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BADA000
|
| Size: |
4096
|
|
|
12E605C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781808545.0000012E605C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E605C0000
|
| Size: |
8192
|
|
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1882729643.00007FFD9BA40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA40000
|
| Size: |
65536
|
|
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1881333677.00007FFD9B9B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9B0000
|
| Size: |
65536
|
|
|
7FFD9B787000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2591801872.00007FFD9B787000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B787000
|
| Size: |
8192
|
|
|
224F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2587301937.000000000224F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
224F000
|
| Size: |
4096
|
|
|
1B2A1B67000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1B67000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1B67000
|
| Size: |
32768
|
|
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756587499.00007FFD9BBF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBF0000
|
| Size: |
65536
|
|
|
385F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2587398021.000000000385F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
385F000
|
| Size: |
4096
|
|
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2935197499.00007FFD9B790000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B790000
|
| Size: |
4096
|
|
|
1C0F4863000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2031373620.000001C0F4863000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4863000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8C229CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721248428.0000008C229CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C229CE000
|
| Size: |
8192
|
|
|
1655AAF5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2297252623.000001655AAF5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AAF5000
|
| Size: |
16384
|
|
|
165422D7000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2072633577.00000165422D7000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
165422D7000
|
| Size: |
12288
|
|
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2044897521.00007FFD9BA90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA90000
|
| Size: |
16384
|
|
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2319247960.00007FFD9BAF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAF0000
|
| Size: |
16384
|
|
|
7FFD9BC00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1892482202.00007FFD9BC00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BC00000
|
| Size: |
65536
|
|
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2936089702.00007FFD9B930000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B930000
|
| Size: |
4096
|
|
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2047205403.00007FFD9BBC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBC0000
|
| Size: |
4096
|
|
|
1502000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2377809419.0000000001502000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1502000
|
| Size: |
4096
|
|
|
1C0DE305000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DE305000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DE305000
|
| Size: |
49152
|
|
|
7FFD9B962000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1880425858.00007FFD9B962000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B962000
|
| Size: |
4096
|
|
|
1C0DC9AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DC9AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DC9AD000
|
| Size: |
5779456
|
|
|
7FFD9B9A2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2041426359.00007FFD9B9A2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9A2000
|
| Size: |
8192
|
|
|
7DF4CF560000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2309662291.00007DF4CF560000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4CF560000
|
| Size: |
4096
|
|
|
7FFD9BA55000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2316802824.00007FFD9BA55000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA55000
|
| Size: |
45056
|
|
|
12E7A8F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878237947.0000012E7A8F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A8F0000
|
| Size: |
4096
|
|
|
7FFD9BBA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2320085480.00007FFD9BBA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9BBA0000
|
| Size: |
4096
|
|
|
7FFD9B921000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2040379870.00007FFD9B921000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B921000
|
| Size: |
32768
|
|
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2503002448.00007FFD9B794000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B794000
|
| Size: |
24576
|
|
|
7FFD9BAA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318205600.00007FFD9BAA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAA3000
|
| Size: |
28672
|
|
|
12E7A592000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1874706712.0000012E7A592000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A592000
|
| Size: |
12288
|
|
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1884202067.00007FFD9BAE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAE0000
|
| Size: |
4096
|
|
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753825669.00007FFD9B940000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B940000
|
| Size: |
4096
|
|
|
165430D7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165430D7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165430D7000
|
| Size: |
176128
|
|
|
7FFD9BADC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045285856.00007FFD9BADC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BADC000
|
| Size: |
8192
|
|
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2379803958.00007FFD9B77D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B77D000
|
| Size: |
4096
|
|
|
1B29F189000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F189000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F189000
|
| Size: |
12288
|
|
|
1655A8B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2293488165.000001655A8B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A8B5000
|
| Size: |
319488
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045113531.00007FFD9BAC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAC0000
|
| Size: |
4096
|
|
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878913463.00007FFD9B784000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B784000
|
| Size: |
36864
|
|
|
1C0F482C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2031373620.000001C0F482C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F482C000
|
| Size: |
20480
|
|
|
1C0DA96D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA96D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA96D000
|
| Size: |
16384
|
|
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2380108970.00007FFD9B7CC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B7CC000
|
| Size: |
4096
|
|
|
2620000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002620000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2620000
|
| Size: |
4096
|
|
|
165423B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2073374986.00000165423B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165423B1000
|
| Size: |
798720
|
|
|
1180000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2580202633.0000000001180000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1180000
|
| Size: |
4096
|
|
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755021854.00007FFD9BA40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA40000
|
| Size: |
65536
|
|
|
23A0A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780600827.00000023A0A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0A7E000
|
| Size: |
8192
|
|
|
7FFD9B782000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878830924.00007FFD9B782000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B782000
|
| Size: |
4096
|
|
|
7FFD9B9F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2042319270.00007FFD9B9F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9F2000
|
| Size: |
4096
|
|
|
1C0DD0DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD0DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD0DC000
|
| Size: |
36864
|
|
|
2629000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002629000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2629000
|
| Size: |
61440
|
|
|
1C0DE300000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DE300000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DE300000
|
| Size: |
16384
|
|
|
47D2E4D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909721489.00000047D2E4D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D2E4D000
|
| Size: |
12288
|
|
|
1C0EC7DA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC7DA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC7DA000
|
| Size: |
8192
|
|
|
E11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2498126585.0000000000E11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E11000
|
| Size: |
4096
|
|
|
1B29F18F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F18F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F18F000
|
| Size: |
4096
|
|
|
890000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917157742.0000000000890000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
890000
|
| Size: |
4096
|
|
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753287716.00007FFD9B7CC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B7CC000
|
| Size: |
4096
|
|
|
1655ABC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2299331952.000001655ABC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655ABC1000
|
| Size: |
4096
|
|
|
165407E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068045121.00000165407E0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165407E0000
|
| Size: |
4096
|
|
|
47D20FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909259491.00000047D20FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D20FE000
|
| Size: |
8192
|
|
|
1B2A2C1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A2C1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A2C1A000
|
| Size: |
49152
|
|
|
1B2A1D93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1D93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1D93000
|
| Size: |
393216
|
|
|
1C0DA8E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910146015.000001C0DA8E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA8E0000
|
| Size: |
12288
|
|
|
7DF4C4450000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1878795246.00007DF4C4450000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4C4450000
|
| Size: |
4096
|
|
|
16542240000
|
heap
|
page readonly
|
|
|
|
| Name: |
0000000B.00000002.2072302951.0000016542240000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
16542240000
|
| Size: |
4096
|
|
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.2502900167.00007FFD9B78D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B78D000
|
| Size: |
4096
|
|
|
1B2A1EB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1EB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1EB2000
|
| Size: |
401408
|
|
|
12E63067000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63067000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63067000
|
| Size: |
176128
|
|
|
1C0EC501000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC501000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC501000
|
| Size: |
8192
|
|
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1881921604.00007FFD9B9F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9F0000
|
| Size: |
65536
|
|
|
1247000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2581242749.0000000001247000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1247000
|
| Size: |
36864
|
|
|
1B5A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502399440.000000001B5A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B5A0000
|
| Size: |
4096
|
|
|
E40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2499462881.0000000000E40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E40000
|
| Size: |
12288
|
|
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2934708412.00007FFD9B773000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B773000
|
| Size: |
4096
|
|
|
12DE1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502160881.0000000012DE1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12DE1000
|
| Size: |
4096
|
|
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2314278583.00007FFD9B9B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9B0000
|
| Size: |
65536
|
|
|
3861000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2587398021.0000000003861000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3861000
|
| Size: |
16384
|
|
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2321000551.00007FFD9BBF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBF0000
|
| Size: |
65536
|
|
|
12E6072F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E6072F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E6072F000
|
| Size: |
131072
|
|
|
1C0EC987000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC987000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC987000
|
| Size: |
81920
|
|
|
15E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2585058284.00000000015E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15E0000
|
| Size: |
4096
|
|
|
1B2A0C40000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1722144831.000001B2A0C40000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1B2A0C40000
|
| Size: |
20480
|
|
|
12E7A7A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1875648478.0000012E7A7A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A7A0000
|
| Size: |
139264
|
|
|
8C22E79000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721322699.0000008C22E79000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C22E79000
|
| Size: |
28672
|
|
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2310942407.00007FFD9B82C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B82C000
|
| Size: |
61440
|
|
|
1C0DA870000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909813605.000001C0DA870000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA870000
|
| Size: |
16384
|
|
|
FD0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2374698988.0000000000FD0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
FD0000
|
| Size: |
4096
|
|
|
25F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.00000000025F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
25F0000
|
| Size: |
4096
|
|
|
AB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923066316.0000000000AB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
AB3000
|
| Size: |
53248
|
|
|
7FFD9B78B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2039254736.00007FFD9B78B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B78B000
|
| Size: |
4096
|
|
|
1B29F135000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721647470.000001B29F135000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F135000
|
| Size: |
40960
|
|
|
7FFD9B93A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1880075516.00007FFD9B93A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B93A000
|
| Size: |
24576
|
|
|
16543891000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543891000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543891000
|
| Size: |
3977216
|
|
|
12E7A58D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1874257049.0000012E7A58D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A58D000
|
| Size: |
16384
|
|
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2044471355.00007FFD9BA70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA70000
|
| Size: |
65536
|
|
|
165527CA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.00000165527CA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165527CA000
|
| Size: |
4096
|
|
|
12E62FD6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E62FD6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E62FD6000
|
| Size: |
176128
|
|
|
1AF60000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2929051145.000000001AF60000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1AF60000
|
| Size: |
4096
|
|
|
1C0DC4B0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1917407750.000001C0DC4B0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1C0DC4B0000
|
| Size: |
4096
|
|
|
B64000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2497496125.0000000000B64000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B64000
|
| Size: |
49152
|
|
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.2503440546.00007FFD9B8A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B8A0000
|
| Size: |
12288
|
|
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2041899664.00007FFD9B9E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9E0000
|
| Size: |
65536
|
|
|
7FFD9B940000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2936131280.00007FFD9B940000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B940000
|
| Size: |
4096
|
|
|
12E7A8AD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878096206.0000012E7A8AD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A8AD000
|
| Size: |
4096
|
|
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755669447.00007FFD9BAA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAA0000
|
| Size: |
4096
|
|
|
15D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2584857600.00000000015D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15D0000
|
| Size: |
4096
|
|
|
12E60600000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781831074.0000012E60600000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E60600000
|
| Size: |
4096
|
|
|
1655ABE2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2299331952.000001655ABE2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655ABE2000
|
| Size: |
28672
|
|
|
12E7A596000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1874790919.0000012E7A596000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A596000
|
| Size: |
36864
|
|
|
B03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923362378.0000000000B03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B03000
|
| Size: |
12288
|
|
|
1B8FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502527570.000000001B8FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B8FE000
|
| Size: |
8192
|
|
|
7FFD9BBCD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2320348234.00007FFD9BBCD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBCD000
|
| Size: |
12288
|
|
|
1C0EC4F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC4F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC4F0000
|
| Size: |
16384
|
|
|
12FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2377612850.00000000012FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12FF000
|
| Size: |
4096
|
|
|
1B2B0E64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1746315456.000001B2B0E64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2B0E64000
|
| Size: |
2576384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
12E7A8D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878237947.0000012E7A8D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A8D1000
|
| Size: |
28672
|
|
|
117257E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2066251357.000000117257E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117257E000
|
| Size: |
8192
|
|
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2591486561.00007FFD9B77D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B77D000
|
| Size: |
4096
|
|
|
12E63DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63DF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63DF1000
|
| Size: |
16384
|
|
|
1B75E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2379245311.000000001B75E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B75E000
|
| Size: |
8192
|
|
|
16540828000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.0000016540828000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16540828000
|
| Size: |
36864
|
|
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1879225765.00007FFD9B7DC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B7DC000
|
| Size: |
4096
|
|
|
12E60650000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781882242.0000012E60650000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E60650000
|
| Size: |
118784
|
|
|
1C0F4B1F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2036401401.000001C0F4B1F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4B1F000
|
| Size: |
335872
|
|
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1879194555.00007FFD9B7A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B7A0000
|
| Size: |
4096
|
|
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2310743260.00007FFD9B820000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B820000
|
| Size: |
8192
|
|
|
1C0DA957000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA957000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA957000
|
| Size: |
4096
|
|
|
1276000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2581810309.0000000001276000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1276000
|
| Size: |
139264
|
|
|
16540A65000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2071928779.0000016540A65000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16540A65000
|
| Size: |
40960
|
|
|
E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2498126585.0000000000E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E00000
|
| Size: |
65536
|
|
|
122D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2581242749.000000000122D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
122D000
|
| Size: |
16384
|
|
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.2503143720.00007FFD9B79D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B79D000
|
| Size: |
4096
|
|
|
1CEC36A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336255099.000001CEC36A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CEC36A0000
|
| Size: |
28672
|
|
|
8C2404E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721599671.0000008C2404E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C2404E000
|
| Size: |
8192
|
|
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755894340.00007FFD9BAE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAE0000
|
| Size: |
65536
|
|
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2311627710.00007FFD9B890000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B890000
|
| Size: |
16384
|
|
|
1C0DD1EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD1EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD1EE000
|
| Size: |
417792
|
|
|
1241000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2581242749.0000000001241000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1241000
|
| Size: |
4096
|
|
|
7FFD9B968000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1880425858.00007FFD9B968000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B968000
|
| Size: |
4096
|
|
|
47D2CCC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909492505.00000047D2CCC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D2CCC000
|
| Size: |
16384
|
|
|
1B2A2743000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A2743000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A2743000
|
| Size: |
4763648
|
|
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1882069222.00007FFD9BA00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA00000
|
| Size: |
65536
|
|
|
1C0F4C90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038820431.000001C0F4C90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0F4C90000
|
| Size: |
4096
|
|
|
1089000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2376175829.0000000001089000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1089000
|
| Size: |
155648
|
|
|
1B2B10EA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1746315456.000001B2B10EA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2B10EA000
|
| Size: |
8192
|
|
|
8C23ECD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721550862.0000008C23ECD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C23ECD000
|
| Size: |
12288
|
|
|
1B45D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929290109.000000001B45D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B45D000
|
| Size: |
8192
|
|
|
1655AB6B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2299331952.000001655AB6B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AB6B000
|
| Size: |
348160
|
|
|
23A074F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780558972.00000023A074F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A074F000
|
| Size: |
4096
|
|
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1881777605.00007FFD9B9E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9E0000
|
| Size: |
65536
|
|
|
10C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2376881988.00000000010C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10C9000
|
| Size: |
4096
|
|
|
2CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501645346.0000000002CB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CB0000
|
| Size: |
4096
|
|
|
1B2A19DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A19DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A19DB000
|
| Size: |
53248
|
|
|
1C0F4AF8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2036401401.000001C0F4AF8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4AF8000
|
| Size: |
16384
|
|
|
1B2A1842000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1842000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1842000
|
| Size: |
1671168
|
|
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2315286300.00007FFD9B9E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9E0000
|
| Size: |
65536
|
|
|
1654324D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.000001654324D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1654324D000
|
| Size: |
2637824
|
|
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754799203.00007FFD9BA10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA10000
|
| Size: |
65536
|
|
|
1402000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2377706116.0000000001402000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1402000
|
| Size: |
16384
|
|
|
2110000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2587112432.0000000002110000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2110000
|
| Size: |
4096
|
|
|
1B3C3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929290109.000000001B3C3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B3C3000
|
| Size: |
286720
|
|
|
7FFD9BB7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2046502764.00007FFD9BB7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB7E000
|
| Size: |
8192
|
|
|
1655ADF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2309569385.000001655ADF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655ADF0000
|
| Size: |
4096
|
|
|
924000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.0000000000924000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
924000
|
| Size: |
307200
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
|
|
1BE7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934148275.000000001BE7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BE7E000
|
| Size: |
8192
|
|
|
23A103E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781208605.00000023A103E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A103E000
|
| Size: |
8192
|
|
|
12E62D4C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E62D4C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E62D4C000
|
| Size: |
2650112
|
|
|
12E7A04D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1871447070.0000012E7A04D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A04D000
|
| Size: |
798720
|
|
|
7FFD9BBC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2320348234.00007FFD9BBC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBC6000
|
| Size: |
16384
|
|
|
1B2B10FB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1746315456.000001B2B10FB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2B10FB000
|
| Size: |
1769472
|
|
|
2DEF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501792611.0000000002DEF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DEF000
|
| Size: |
4096
|
|
|
47D21FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909323815.00000047D21FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D21FE000
|
| Size: |
8192
|
|
|
12E7A8BD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878096206.0000012E7A8BD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A8BD000
|
| Size: |
12288
|
|
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2040303002.00007FFD9B912000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B912000
|
| Size: |
16384
|
|
|
12E7A770000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1875620952.0000012E7A770000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
12E7A770000
|
| Size: |
4096
|
|
|
1C0F4909000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2033551704.000001C0F4909000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4909000
|
| Size: |
90112
|
|
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2935550153.00007FFD9B890000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B890000
|
| Size: |
53248
|
|
|
12E61FC5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783230408.0000012E61FC5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E61FC5000
|
| Size: |
24576
|
|
|
1C0F4BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038245788.000001C0F4BC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4BC0000
|
| Size: |
32768
|
|
|
1C0F4BCD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038495669.000001C0F4BCD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4BCD000
|
| Size: |
12288
|
|
|
23A0FBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781189211.00000023A0FBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0FBF000
|
| Size: |
4096
|
|
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753559093.00007FFD9B890000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B890000
|
| Size: |
53248
|
|
|
370000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1645325570.0000000000370000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
370000
|
| Size: |
20480
|
|
|
1B9FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502658076.000000001B9FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B9FE000
|
| Size: |
8192
|
|
|
7DF4C4440000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1878770293.00007DF4C4440000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF4C4440000
|
| Size: |
4096
|
|
|
1655A904000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2293488165.000001655A904000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A904000
|
| Size: |
45056
|
|
|
7FFD9B79B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1879062740.00007FFD9B79B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B79B000
|
| Size: |
4096
|
|
|
47D193D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908542557.00000047D193D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D193D000
|
| Size: |
12288
|
|
|
2CC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501682099.0000000002CC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CC0000
|
| Size: |
4096
|
|
|
1CEC3650000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336239877.000001CEC3650000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CEC3650000
|
| Size: |
4096
|
|
|
1C0DA993000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA993000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA993000
|
| Size: |
4096
|
|
|
165527C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.00000165527C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165527C2000
|
| Size: |
12288
|
|
|
1C0DC200000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000007.00000002.1912789437.000001C0DC200000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
1C0DC200000
|
| Size: |
4096
|
|
|
8C231F9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721434154.0000008C231F9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C231F9000
|
| Size: |
28672
|
|
|
7FFD9BAD5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045285856.00007FFD9BAD5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD5000
|
| Size: |
4096
|
|
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1883176171.00007FFD9BA60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA60000
|
| Size: |
65536
|
|
|
12E72001000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1854477434.0000012E72001000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E72001000
|
| Size: |
253952
|
|
|
7DF482020000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753042004.00007DF482020000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF482020000
|
| Size: |
4096
|
|
|
1B2A1DF6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1DF6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1DF6000
|
| Size: |
172032
|
|
|
1C0DA953000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA953000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA953000
|
| Size: |
4096
|
|
|
47D1C7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908662076.00000047D1C7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D1C7E000
|
| Size: |
8192
|
|
|
25EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.00000000025EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
25EE000
|
| Size: |
4096
|
|
|
E2D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2499462881.0000000000E2D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E2D000
|
| Size: |
16384
|
|
|
BE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2498039079.0000000000BE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BE0000
|
| Size: |
4096
|
|
|
12E7A84E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876687071.0000012E7A84E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A84E000
|
| Size: |
4096
|
|
|
13853000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2590093966.0000000013853000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13853000
|
| Size: |
12288
|
|
|
1B2A0DC0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1722311743.000001B2A0DC0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1B2A0DC0000
|
| Size: |
4096
|
|
|
1BDA8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2933887108.000000001BDA8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BDA8000
|
| Size: |
32768
|
|
|
1C0DD7EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD7EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD7EB000
|
| Size: |
225280
|
|
|
E77000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2499958843.0000000000E77000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E77000
|
| Size: |
135168
|
|
|
1B2B9574000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752845095.000001B2B9574000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B9574000
|
| Size: |
24576
|
|
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2935451145.00007FFD9B82C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B82C000
|
| Size: |
4096
|
|
|
13858000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2590093966.0000000013858000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
13858000
|
| Size: |
4096
|
|
|
E51000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2499958843.0000000000E51000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E51000
|
| Size: |
8192
|
|
|
1655AC0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2308290070.000001655AC0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AC0C000
|
| Size: |
20480
|
|
|
1654086D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.000001654086D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1654086D000
|
| Size: |
12288
|
|
|
7FFD9BAD8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318618320.00007FFD9BAD8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD8000
|
| Size: |
4096
|
|
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753375707.00007FFD9B82C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B82C000
|
| Size: |
61440
|
|
|
1C0DC1D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1912716493.000001C0DC1D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DC1D0000
|
| Size: |
16384
|
|
|
12EA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2378834218.0000000012EA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12EA3000
|
| Size: |
12288
|
|
|
1B2A1F16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1F16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1F16000
|
| Size: |
548864
|
|
|
16543E2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543E2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543E2A000
|
| Size: |
4763648
|
|
|
1C0DA999000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA999000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA999000
|
| Size: |
483328
|
|
|
117263E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2066574270.000000117263E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117263E000
|
| Size: |
8192
|
|
|
165527BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.00000165527BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165527BB000
|
| Size: |
16384
|
|
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2039488406.00007FFD9B820000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B820000
|
| Size: |
8192
|
|
|
117247E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2066035181.000000117247E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117247E000
|
| Size: |
8192
|
|
|
7DF482000000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753008696.00007DF482000000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF482000000
|
| Size: |
4096
|
|
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1884013615.00007FFD9BAD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD0000
|
| Size: |
4096
|
|
|
12E7A812000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876479990.0000012E7A812000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A812000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
F10000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374515292.0000000000F10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F10000
|
| Size: |
4096
|
|
|
1654085F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.000001654085F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1654085F000
|
| Size: |
4096
|
|
|
7FFD9BADC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318618320.00007FFD9BADC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BADC000
|
| Size: |
8192
|
|
|
1225000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2580706282.0000000001225000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1225000
|
| Size: |
28672
|
|
|
12E7A508000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1873106188.0000012E7A508000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A508000
|
| Size: |
16384
|
|
|
8C23F49000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721564563.0000008C23F49000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C23F49000
|
| Size: |
28672
|
|
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1882892857.00007FFD9BA50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA50000
|
| Size: |
65536
|
|
|
1B2A0B40000
|
trusted library section
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721984697.000001B2A0B40000.00000004.08000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page read and write
|
| Base address: |
1B2A0B40000
|
| Size: |
4096
|
|
|
7FFD9BB70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756126146.00007FFD9BB70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB70000
|
| Size: |
65536
|
|
|
11E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2580324566.00000000011E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
11E0000
|
| Size: |
4096
|
|
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755096927.00007FFD9BA50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA50000
|
| Size: |
65536
|
|
|
EAB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2500612687.0000000000EAB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EAB000
|
| Size: |
8192
|
|
|
12E61FC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783230408.0000012E61FC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E61FC0000
|
| Size: |
12288
|
|
|
7FFD9B931000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1880075516.00007FFD9B931000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B931000
|
| Size: |
32768
|
|
|
1602000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2586014601.0000000001602000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1602000
|
| Size: |
16384
|
|
|
1B2A0E78000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A0E78000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A0E78000
|
| Size: |
1679360
|
|
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753065467.00007FFD9B770000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B770000
|
| Size: |
4096
|
|
|
8C22DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721309730.0000008C22DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C22DFE000
|
| Size: |
8192
|
|
|
12E61F20000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1783061186.0000012E61F20000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
12E61F20000
|
| Size: |
4096
|
|
|
12E7A8C9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878237947.0000012E7A8C9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A8C9000
|
| Size: |
28672
|
|
|
1B29F19F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F19F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F19F000
|
| Size: |
20480
|
|
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2935773823.00007FFD9B912000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B912000
|
| Size: |
40960
|
|
|
16543103000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543103000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543103000
|
| Size: |
12288
|
|
|
1CEC3620000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336206138.000001CEC3620000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CEC3620000
|
| Size: |
4096
|
|
|
1B2A19F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A19F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A19F1000
|
| Size: |
28672
|
|
|
1702000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2586923831.0000000001702000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1702000
|
| Size: |
4096
|
|
|
12E60690000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E60690000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E60690000
|
| Size: |
12288
|
|
|
2560000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2923709899.0000000002560000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2560000
|
| Size: |
4096
|
|
|
2EAC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2377929426.0000000002EAC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EAC000
|
| Size: |
36864
|
|
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2310324845.00007FFD9B780000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B780000
|
| Size: |
40960
|
|
|
7FFD9BB96000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2319832801.00007FFD9BB96000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB96000
|
| Size: |
40960
|
|
|
1134000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2579746452.0000000001134000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1134000
|
| Size: |
49152
|
|
|
1C0DC2C0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1913096346.000001C0DC2C0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1C0DC2C0000
|
| Size: |
20480
|
|
|
12E7A5DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1874886508.0000012E7A5DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A5DD000
|
| Size: |
8192
|
|
|
2639000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002639000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2639000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
16542230000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2072272621.0000016542230000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16542230000
|
| Size: |
4096
|
|
|
23A1D0C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781606193.00000023A1D0C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A1D0C000
|
| Size: |
16384
|
|
|
7FFD9B840000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.2503361918.00007FFD9B840000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B840000
|
| Size: |
4096
|
|
|
7FFD9B958000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753843652.00007FFD9B958000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B958000
|
| Size: |
4096
|
|
|
7FFD9BAC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318369256.00007FFD9BAC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAC9000
|
| Size: |
28672
|
|
|
7FFD9B950000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1880311401.00007FFD9B950000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B950000
|
| Size: |
24576
|
|
|
2DDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501761929.0000000002DDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DDF000
|
| Size: |
4096
|
|
|
7DF482010000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753024752.00007DF482010000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7DF482010000
|
| Size: |
4096
|
|
|
1655AA80000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2296251427.000001655AA80000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1655AA80000
|
| Size: |
4096
|
|
|
12E7A6A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1875354317.0000012E7A6A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A6A5000
|
| Size: |
12288
|
|
|
7FFD9BAC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045113531.00007FFD9BAC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAC4000
|
| Size: |
4096
|
|
|
165524F1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.00000165524F1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165524F1000
|
| Size: |
8192
|
|
|
1B2A0C10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722124464.000001B2A0C10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A0C10000
|
| Size: |
65536
|
|
|
165442B7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165442B7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165442B7000
|
| Size: |
139264
|
|
|
104B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375448232.000000000104B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
104B000
|
| Size: |
4096
|
|
|
1B29F130000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721647470.000001B29F130000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F130000
|
| Size: |
16384
|
|
|
1B9AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2933609565.000000001B9AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B9AD000
|
| Size: |
12288
|
|
|
1B29F1C8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F1C8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F1C8000
|
| Size: |
8192
|
|
|
1302000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501571141.0000000001302000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1302000
|
| Size: |
4096
|
|
|
1C0F4A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2034822313.000001C0F4A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4A90000
|
| Size: |
135168
|
|
|
1C0DD6BA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD6BA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD6BA000
|
| Size: |
831488
|
|
|
12E7A91E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878438294.0000012E7A91E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A91E000
|
| Size: |
8192
|
|
|
1C0DDD6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DDD6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DDD6D000
|
| Size: |
401408
|
|
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753448812.00007FFD9B856000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B856000
|
| Size: |
86016
|
|
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2320165408.00007FFD9BBB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBB0000
|
| Size: |
36864
|
|
|
1C0DC210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1912812726.000001C0DC210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DC210000
|
| Size: |
4096
|
|
|
165442DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165442DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165442DC000
|
| Size: |
118784
|
|
|
12E722C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1854477434.0000012E722C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E722C4000
|
| Size: |
12288
|
|
|
12E62A22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E62A22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E62A22000
|
| Size: |
3276800
|
|
|
1C0EC7CD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC7CD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC7CD000
|
| Size: |
12288
|
|
|
117358C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067904853.000000117358C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117358C000
|
| Size: |
16384
|
|
|
1654086B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.000001654086B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1654086B000
|
| Size: |
4096
|
|
|
1B2A1B70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1B70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1B70000
|
| Size: |
2236416
|
|
|
12E6204F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E6204F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E6204F000
|
| Size: |
1712128
|
|
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2380207823.00007FFD9B830000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B830000
|
| Size: |
4096
|
|
|
1655A82C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2291158887.000001655A82C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A82C000
|
| Size: |
135168
|
|
|
47D1F78000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909027772.00000047D1F78000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D1F78000
|
| Size: |
32768
|
|
|
1B2B0E11000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1746315456.000001B2B0E11000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2B0E11000
|
| Size: |
8192
|
|
|
165442FC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165442FC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165442FC000
|
| Size: |
12288
|
|
|
23A0CF8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780822748.00000023A0CF8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0CF8000
|
| Size: |
32768
|
|
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2309818004.00007FFD9B774000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B774000
|
| Size: |
36864
|
|
|
1C0F49B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2034660381.000001C0F49B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F49B0000
|
| Size: |
20480
|
|
|
7FFD9B970000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1880652182.00007FFD9B970000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B970000
|
| Size: |
45056
|
|
|
23A0F3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781166320.00000023A0F3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0F3E000
|
| Size: |
8192
|
|
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2041012589.00007FFD9B970000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B970000
|
| Size: |
65536
|
|
|
47D217E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909294239.00000047D217E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D217E000
|
| Size: |
8192
|
|
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2039042723.00007FFD9B774000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B774000
|
| Size: |
36864
|
|
|
1BBFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2379489467.000000001BBFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BBFE000
|
| Size: |
8192
|
|
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2043533616.00007FFD9BA40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA40000
|
| Size: |
65536
|
|
|
1299000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2582536331.0000000001299000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1299000
|
| Size: |
98304
|
|
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2379839160.00007FFD9B780000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B780000
|
| Size: |
8192
|
|
|
1C0DD0E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD0E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD0E6000
|
| Size: |
1077248
|
|
|
1B2A12BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A12BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A12BD000
|
| Size: |
5783552
|
|
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2312920586.00007FFD9B970000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B970000
|
| Size: |
65536
|
|
|
47D19BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908587105.00000047D19BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D19BE000
|
| Size: |
8192
|
|
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2309719724.00007FFD9B770000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B770000
|
| Size: |
4096
|
|
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2041473869.00007FFD9B9B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9B0000
|
| Size: |
65536
|
|
|
165426F8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165426F8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165426F8000
|
| Size: |
2768896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
165524D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.00000165524D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165524D1000
|
| Size: |
77824
|
|
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755169005.00007FFD9BA60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA60000
|
| Size: |
65536
|
|
|
1B2A2C15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A2C15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A2C15000
|
| Size: |
12288
|
|
|
1654358F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.000001654358F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1654358F000
|
| Size: |
393216
|
|
|
1B602000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502479526.000000001B602000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B602000
|
| Size: |
4096
|
|
|
8C230F7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721393794.0000008C230F7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C230F7000
|
| Size: |
24576
|
|
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2592493908.00007FFD9B890000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B890000
|
| Size: |
12288
|
|
|
7FFD9B83C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1879435568.00007FFD9B83C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B83C000
|
| Size: |
61440
|
|
|
1C0DE019000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DE019000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DE019000
|
| Size: |
2756608
|
|
|
1C0DD823000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD823000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD823000
|
| Size: |
524288
|
|
|
1B2B951C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752667022.000001B2B951C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B951C000
|
| Size: |
90112
|
|
|
1C0DD25E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD25E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD25E000
|
| Size: |
2043904
|
|
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318896014.00007FFD9BAE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAE0000
|
| Size: |
65536
|
|
|
1B2B9400000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1751591986.000001B2B9400000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B9400000
|
| Size: |
102400
|
|
|
1B2B94AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752157654.000001B2B94AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B94AC000
|
| Size: |
8192
|
|
|
1C0F4BD1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038495669.000001C0F4BD1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4BD1000
|
| Size: |
20480
|
|
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1880994748.00007FFD9B990000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B990000
|
| Size: |
65536
|
|
|
7FFD9B952000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2040679376.00007FFD9B952000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B952000
|
| Size: |
4096
|
|
|
104D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375448232.000000000104D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
104D000
|
| Size: |
16384
|
|
|
16540832000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.0000016540832000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16540832000
|
| Size: |
167936
|
|
|
1B2B9498000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752157654.000001B2B9498000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B9498000
|
| Size: |
77824
|
|
|
1655A810000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2291158887.000001655A810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A810000
|
| Size: |
106496
|
|
|
6FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000013.00000002.2916490715.00000000006FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
19
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FC000
|
| Size: |
16384
|
|
|
123C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2581242749.000000000123C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
123C000
|
| Size: |
16384
|
|
|
1655ABC5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2299331952.000001655ABC5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655ABC5000
|
| Size: |
81920
|
|
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2380008283.00007FFD9B78D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B78D000
|
| Size: |
4096
|
|
|
16543774000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543774000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543774000
|
| Size: |
389120
|
|
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1881484936.00007FFD9B9C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9C0000
|
| Size: |
65536
|
|
|
8BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.00000000008BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8BC000
|
| Size: |
126976
|
|
|
1655A8A2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2293488165.000001655A8A2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A8A2000
|
| Size: |
65536
|
|
|
1C0F4B95000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2037973133.000001C0F4B95000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4B95000
|
| Size: |
28672
|
|
|
E13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2498607412.0000000000E13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E13000
|
| Size: |
57344
|
|
|
1C0F4B07000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2036401401.000001C0F4B07000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4B07000
|
| Size: |
36864
|
|
|
7FFD9BB8C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1888362932.00007FFD9BB8C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB8C000
|
| Size: |
16384
|
|
|
8E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.00000000008E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8E4000
|
| Size: |
45056
|
|
|
1C0DDE2F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DDE2F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DDE2F000
|
| Size: |
1994752
|
|
|
23A0B7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780667394.00000023A0B7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0B7F000
|
| Size: |
4096
|
|
|
11729BB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067482932.00000011729BB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11729BB000
|
| Size: |
20480
|
|
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753311685.00007FFD9B820000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B820000
|
| Size: |
8192
|
|
|
23A0DB7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780950706.00000023A0DB7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0DB7000
|
| Size: |
36864
|
|
|
1655AAF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2297252623.000001655AAF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AAF0000
|
| Size: |
16384
|
|
|
8C23FCD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721579589.0000008C23FCD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C23FCD000
|
| Size: |
12288
|
|
|
7FFD9BBB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2046833831.00007FFD9BBB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBB0000
|
| Size: |
65536
|
|
|
E3C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2499462881.0000000000E3C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E3C000
|
| Size: |
4096
|
|
|
165434D4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165434D4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165434D4000
|
| Size: |
176128
|
|
|
7FFD9BBA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1890752737.00007FFD9BBA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBA0000
|
| Size: |
65536
|
|
|
8A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917198730.00000000008A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8A5000
|
| Size: |
40960
|
|
|
7FFD9BAD8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045285856.00007FFD9BAD8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD8000
|
| Size: |
4096
|
|
|
11724F7000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2066083699.00000011724F7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11724F7000
|
| Size: |
36864
|
|
|
12598000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2928491884.0000000012598000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12598000
|
| Size: |
16384
|
|
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2380065234.00007FFD9B790000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B790000
|
| Size: |
4096
|
|
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1883348026.00007FFD9BA70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA70000
|
| Size: |
65536
|
|
|
1C0F4AB2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2034822313.000001C0F4AB2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4AB2000
|
| Size: |
110592
|
|
|
1655A84E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2292511667.000001655A84E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A84E000
|
| Size: |
40960
|
|
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2320946064.00007FFD9BBE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBE0000
|
| Size: |
8192
|
|
|
1C0DA94C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA94C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA94C000
|
| Size: |
16384
|
|
|
12B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2583043540.00000000012B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12B4000
|
| Size: |
53248
|
|
|
1C0DD8A5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD8A5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD8A5000
|
| Size: |
3911680
|
|
|
1B29F187000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F187000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F187000
|
| Size: |
4096
|
|
|
1B460000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929290109.000000001B460000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B460000
|
| Size: |
8192
|
|
|
12E606D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E606D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E606D5000
|
| Size: |
8192
|
|
|
1B2A2682000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A2682000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A2682000
|
| Size: |
401408
|
|
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045516144.00007FFD9BAE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAE0000
|
| Size: |
40960
|
|
|
16540867000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.0000016540867000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16540867000
|
| Size: |
4096
|
|
|
1B2A20FD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A20FD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A20FD000
|
| Size: |
204800
|
|
|
7FFD9B952000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2312531148.00007FFD9B952000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B952000
|
| Size: |
4096
|
|
|
1C0EC511000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC511000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC511000
|
| Size: |
253952
|
|
|
1C0DC4E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DC4E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DC4E1000
|
| Size: |
458752
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1102000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2377510398.0000000001102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1102000
|
| Size: |
16384
|
|
|
165423A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2073311166.00000165423A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165423A0000
|
| Size: |
4096
|
|
|
2E9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2377849271.0000000002E9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E9E000
|
| Size: |
8192
|
|
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1880278693.00007FFD9B940000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B940000
|
| Size: |
4096
|
|
|
1B2B9180000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1750617006.000001B2B9180000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B9180000
|
| Size: |
319488
|
|
|
1BE3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934097346.000000001BE3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BE3E000
|
| Size: |
8192
|
|
|
12E722CC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1854477434.0000012E722CC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E722CC000
|
| Size: |
4096
|
|
|
23A0E39000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781004559.00000023A0E39000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0E39000
|
| Size: |
28672
|
|
|
1BAFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502721595.000000001BAFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BAFE000
|
| Size: |
8192
|
|
|
12E61F30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783082946.0000012E61F30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E61F30000
|
| Size: |
65536
|
|
|
E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374439166.0000000000E20000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E20000
|
| Size: |
4096
|
|
|
1B2A0DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A0DF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A0DF1000
|
| Size: |
540672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
165424C0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2076373239.00000165424C0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
165424C0000
|
| Size: |
4096
|
|
|
1654090E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.000001654090E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1654090E000
|
| Size: |
69632
|
|
|
12E71FF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1854477434.0000012E71FF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E71FF1000
|
| Size: |
8192
|
|
|
F02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501318873.0000000000F02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F02000
|
| Size: |
16384
|
|
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755567784.00007FFD9BA80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA80000
|
| Size: |
57344
|
|
|
1B2A1AFF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1AFF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1AFF000
|
| Size: |
421888
|
|
|
12DE3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502160881.0000000012DE3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12DE3000
|
| Size: |
12288
|
|
|
16542280000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2072329174.0000016542280000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16542280000
|
| Size: |
12288
|
|
|
7FFD9BAA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755689492.00007FFD9BAA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAA3000
|
| Size: |
28672
|
|
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2041693508.00007FFD9B9C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9C0000
|
| Size: |
65536
|
|
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753786477.00007FFD9B930000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B930000
|
| Size: |
24576
|
|
|
1BEFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2590984103.000000001BEFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BEFF000
|
| Size: |
4096
|
|
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754498872.00007FFD9B9D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9D0000
|
| Size: |
65536
|
|
|
E3E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2499462881.0000000000E3E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E3E000
|
| Size: |
4096
|
|
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754354022.00007FFD9B9B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9B0000
|
| Size: |
65536
|
|
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2046011262.00007FFD9BB00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB00000
|
| Size: |
45056
|
|
|
165437D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165437D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165437D6000
|
| Size: |
749568
|
|
|
12E7A919000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878438294.0000012E7A919000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A919000
|
| Size: |
8192
|
|
|
1C0DD511000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD511000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD511000
|
| Size: |
397312
|
|
|
7FFD9BA31000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2316303400.00007FFD9BA31000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA31000
|
| Size: |
12288
|
|
|
7FFD9B7DC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.2503260748.00007FFD9B7DC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B7DC000
|
| Size: |
4096
|
|
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045285856.00007FFD9BAD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD0000
|
| Size: |
4096
|
|
|
12E60640000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781849225.0000012E60640000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E60640000
|
| Size: |
16384
|
|
|
1C0DDDD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DDDD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DDDD0000
|
| Size: |
376832
|
|
|
1C0DA910000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA910000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA910000
|
| Size: |
28672
|
|
|
12E60694000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E60694000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E60694000
|
| Size: |
4096
|
|
|
47D1DF7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908807146.00000047D1DF7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D1DF7000
|
| Size: |
36864
|
|
|
AB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923066316.0000000000AB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
AB0000
|
| Size: |
8192
|
|
|
8C22C73000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721264184.0000008C22C73000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C22C73000
|
| Size: |
53248
|
|
|
260A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.000000000260A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
260A000
|
| Size: |
73728
|
|
|
12E63838000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63838000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63838000
|
| Size: |
147456
|
|
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2313528654.00007FFD9B990000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B990000
|
| Size: |
65536
|
|
|
7FFD9BB10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1887777810.00007FFD9BB10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB10000
|
| Size: |
36864
|
|
|
1655A9B3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2295864647.000001655A9B3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A9B3000
|
| Size: |
32768
|
|
|
2603000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002603000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2603000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
1C0EC4E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC4E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC4E1000
|
| Size: |
57344
|
|
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1888362932.00007FFD9BB80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB80000
|
| Size: |
4096
|
|
|
1BAFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2379384926.000000001BAFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BAFE000
|
| Size: |
8192
|
|
|
12E608F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782928523.0000012E608F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E608F5000
|
| Size: |
40960
|
|
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754039564.00007FFD9B970000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B970000
|
| Size: |
65536
|
|
|
1C0DD7B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD7B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD7B8000
|
| Size: |
196608
|
|
|
7FFD9B783000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934936496.00007FFD9B783000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B783000
|
| Size: |
40960
|
|
|
12E63DAC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63DAC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63DAC000
|
| Size: |
143360
|
|
|
1B29F181000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F181000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F181000
|
| Size: |
12288
|
|
|
1B2A0BC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722043765.000001B2A0BC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A0BC0000
|
| Size: |
16384
|
|
|
1655A9A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2295864647.000001655A9A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A9A5000
|
| Size: |
24576
|
|
|
1C0F4832000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2031373620.000001C0F4832000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4832000
|
| Size: |
192512
|
|
|
1C0DA790000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909790949.000001C0DA790000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA790000
|
| Size: |
4096
|
|
|
117237E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2065838410.000000117237E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117237E000
|
| Size: |
8192
|
|
|
16542210000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2072191356.0000016542210000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16542210000
|
| Size: |
16384
|
|
|
7FFD9BB6C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2319570747.00007FFD9BB6C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB6C000
|
| Size: |
8192
|
|
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1881635409.00007FFD9B9D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9D0000
|
| Size: |
65536
|
|
|
12E722BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1854477434.0000012E722BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E722BD000
|
| Size: |
16384
|
|
|
1B26E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929240861.000000001B26E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B26E000
|
| Size: |
8192
|
|
|
12E6068C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E6068C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E6068C000
|
| Size: |
4096
|
|
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2311234420.00007FFD9B856000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B856000
|
| Size: |
86016
|
|
|
23A0D3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780925857.00000023A0D3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0D3E000
|
| Size: |
8192
|
|
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2316495629.00007FFD9BA40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA40000
|
| Size: |
65536
|
|
|
1C1EA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934345953.000000001C1EA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C1EA000
|
| Size: |
24576
|
|
|
16543D43000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543D43000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543D43000
|
| Size: |
143360
|
|
|
1B2A209C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A209C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A209C000
|
| Size: |
385024
|
|
|
7FFD9BBC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2047205403.00007FFD9BBC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBC6000
|
| Size: |
40960
|
|
|
7FFD9BA72000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2317617947.00007FFD9BA72000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA72000
|
| Size: |
16384
|
|
|
7FFD9B964000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1880425858.00007FFD9B964000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B964000
|
| Size: |
12288
|
|
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2315090524.00007FFD9B9D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9D0000
|
| Size: |
36864
|
|
|
1190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2580247243.0000000001190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1190000
|
| Size: |
4096
|
|
|
7FFD9B922000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2503531678.00007FFD9B922000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B922000
|
| Size: |
12288
|
|
|
BD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2497955179.0000000000BD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BD0000
|
| Size: |
4096
|
|
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2315614321.00007FFD9BA00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA00000
|
| Size: |
65536
|
|
|
7FFD9BBB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1891532288.00007FFD9BBB0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9BBB0000
|
| Size: |
4096
|
|
|
1BDB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934059515.000000001BDB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BDB0000
|
| Size: |
4096
|
|
|
16544301000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016544301000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16544301000
|
| Size: |
49152
|
|
|
12E63753000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63753000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63753000
|
| Size: |
929792
|
|
|
7FFD9B9F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2042319270.00007FFD9B9F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9F6000
|
| Size: |
40960
|
|
|
1B2B9310000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1751532684.000001B2B9310000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B9310000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
11725F9000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2066385496.00000011725F9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11725F9000
|
| Size: |
28672
|
|
|
1B2B91FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1750617006.000001B2B91FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B91FE000
|
| Size: |
143360
|
|
|
1C0DA8E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910146015.000001C0DA8E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA8E5000
|
| Size: |
24576
|
|
|
12E605A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781737759.0000012E605A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E605A0000
|
| Size: |
20480
|
|
|
7FFD9BAC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755732586.00007FFD9BAC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAC4000
|
| Size: |
4096
|
|
|
1029000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375036366.0000000001029000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1029000
|
| Size: |
16384
|
|
|
1C0DA995000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA995000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA995000
|
| Size: |
12288
|
|
|
1655AAC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2296285434.000001655AAC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AAC0000
|
| Size: |
151552
|
|
|
7FFD9BAE8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1884202067.00007FFD9BAE8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAE8000
|
| Size: |
12288
|
|
|
97D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.000000000097D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
97D000
|
| Size: |
200704
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
|
|
23A1B8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781332374.00000023A1B8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A1B8E000
|
| Size: |
8192
|
|
|
7FFD9BADA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318618320.00007FFD9BADA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BADA000
|
| Size: |
4096
|
|
|
1655A8B3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2293488165.000001655A8B3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A8B3000
|
| Size: |
4096
|
|
|
7FFD9B958000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2040679376.00007FFD9B958000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B958000
|
| Size: |
4096
|
|
|
1B29F310000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721919041.000001B29F310000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F310000
|
| Size: |
16384
|
|
|
12E61F40000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1783188277.0000012E61F40000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
12E61F40000
|
| Size: |
4096
|
|
|
1B802000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2379318473.000000001B802000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B802000
|
| Size: |
4096
|
|
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2046221070.00007FFD9BB60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB60000
|
| Size: |
65536
|
|
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753099293.00007FFD9B773000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B773000
|
| Size: |
4096
|
|
|
1B437000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929290109.000000001B437000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B437000
|
| Size: |
131072
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
|
|
1B29F330000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721934672.000001B29F330000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F330000
|
| Size: |
8192
|
|
|
12E63093000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63093000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63093000
|
| Size: |
397312
|
|
|
7FFD9B920000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1879917442.00007FFD9B920000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B920000
|
| Size: |
4096
|
|
|
E44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2499462881.0000000000E44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E44000
|
| Size: |
49152
|
|
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755732586.00007FFD9BAC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAC0000
|
| Size: |
4096
|
|
|
16543107000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543107000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543107000
|
| Size: |
1327104
|
|
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753190985.00007FFD9B780000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B780000
|
| Size: |
40960
|
|
|
7FFD9BB63000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756040401.00007FFD9BB63000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB63000
|
| Size: |
53248
|
|
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2039457530.00007FFD9B7CC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B7CC000
|
| Size: |
4096
|
|
|
23A1D8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781641209.00000023A1D8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A1D8C000
|
| Size: |
4096
|
|
|
23A1B0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781304369.00000023A1B0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A1B0D000
|
| Size: |
12288
|
|
|
6F4000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2916460704.00000000006F4000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6F4000
|
| Size: |
49152
|
|
|
7FFD9BAE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1884202067.00007FFD9BAE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAE2000
|
| Size: |
20480
|
|
|
1C0EC7D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC7D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC7D2000
|
| Size: |
16384
|
|
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2040839241.00007FFD9B960000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B960000
|
| Size: |
45056
|
|
|
7FFD9B954000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753843652.00007FFD9B954000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B954000
|
| Size: |
12288
|
|
|
1B29F152000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F152000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F152000
|
| Size: |
176128
|
|
|
1B2A0B10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721949057.000001B2A0B10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2A0B10000
|
| Size: |
4096
|
|
|
1655A865000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2292511667.000001655A865000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655A865000
|
| Size: |
139264
|
|
|
1B2A1FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1FD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1FD0000
|
| Size: |
831488
|
|
|
117283E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067229311.000000117283E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117283E000
|
| Size: |
8192
|
|
|
12E63DD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63DD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63DD1000
|
| Size: |
118784
|
|
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.2503398797.00007FFD9B866000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B866000
|
| Size: |
4096
|
|
|
16543C5D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543C5D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543C5D000
|
| Size: |
929792
|
|
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1882204147.00007FFD9BA10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA10000
|
| Size: |
65536
|
|
|
12E7A55A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1874257049.0000012E7A55A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A55A000
|
| Size: |
167936
|
|
|
1C2EA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934460082.000000001C2EA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C2EA000
|
| Size: |
24576
|
|
|
1C0DC709000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DC709000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DC709000
|
| Size: |
2764800
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
91E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.000000000091E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
91E000
|
| Size: |
20480
|
|
|
7FFD9BAD2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318618320.00007FFD9BAD2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD2000
|
| Size: |
4096
|
|
|
165436E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165436E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165436E1000
|
| Size: |
598016
|
|
|
1655AAE6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2296285434.000001655AAE6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AAE6000
|
| Size: |
36864
|
|
|
1C0F487D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2031373620.000001C0F487D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F487D000
|
| Size: |
4096
|
|
|
7FFD9BAD4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1884013615.00007FFD9BAD4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD4000
|
| Size: |
4096
|
|
|
1B2B957C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752845095.000001B2B957C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B957C000
|
| Size: |
40960
|
|
|
10CC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2377456452.00000000010CC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10CC000
|
| Size: |
8192
|
|
|
47D1FF9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909103302.00000047D1FF9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D1FF9000
|
| Size: |
28672
|
|
|
12E62D43000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E62D43000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E62D43000
|
| Size: |
32768
|
|
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2040593125.00007FFD9B930000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B930000
|
| Size: |
24576
|
|
|
11723F9000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2065892336.00000011723F9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11723F9000
|
| Size: |
28672
|
|
|
8C22FFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721365344.0000008C22FFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C22FFD000
|
| Size: |
12288
|
|
|
1C0DD63E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD63E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD63E000
|
| Size: |
495616
|
|
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753164706.00007FFD9B77D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B77D000
|
| Size: |
12288
|
|
|
1B2B9620000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752969072.000001B2B9620000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2B9620000
|
| Size: |
4096
|
|
|
12E6327B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E6327B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E6327B000
|
| Size: |
385024
|
|
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878830924.00007FFD9B780000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B780000
|
| Size: |
4096
|
|
|
12E722DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1854477434.0000012E722DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E722DC000
|
| Size: |
1765376
|
|
|
7FFD9B920000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2935959738.00007FFD9B920000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B920000
|
| Size: |
16384
|
|
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1885382725.00007FFD9BAF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAF0000
|
| Size: |
65536
|
|
|
12E7A81D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876687071.0000012E7A81D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A81D000
|
| Size: |
184320
|
|
|
1C0EC554000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC554000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC554000
|
| Size: |
2576384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
972000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.0000000000972000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
972000
|
| Size: |
40960
|
|
|
1B6AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2933447643.000000001B6AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B6AE000
|
| Size: |
8192
|
|
|
3851000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2587398021.0000000003851000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3851000
|
| Size: |
40960
|
|
|
16542556000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016542556000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16542556000
|
| Size: |
1683456
|
|
|
970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.0000000000970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
970000
|
| Size: |
4096
|
|
|
1B2A265C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A265C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A265C000
|
| Size: |
143360
|
|
|
7FFD9B8A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1879765691.00007FFD9B8A0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B8A0000
|
| Size: |
53248
|
|
|
2EA1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2377929426.0000000002EA1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EA1000
|
| Size: |
40960
|
|
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755993540.00007FFD9BB00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB00000
|
| Size: |
36864
|
|
|
1C0DA95B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA95B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA95B000
|
| Size: |
4096
|
|
|
1B2A0C90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722190837.000001B2A0C90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2A0C90000
|
| Size: |
4096
|
|
|
23A07CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780579464.00000023A07CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A07CF000
|
| Size: |
4096
|
|
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2379896983.00007FFD9B784000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B784000
|
| Size: |
24576
|
|
|
1046000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375448232.0000000001046000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1046000
|
| Size: |
4096
|
|
|
1C0DD481000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD481000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD481000
|
| Size: |
4096
|
|
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2319667706.00007FFD9BB80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB80000
|
| Size: |
32768
|
|
|
1CEC39E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336318651.000001CEC39E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CEC39E5000
|
| Size: |
12288
|
|
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502940157.00007FFD9B790000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B790000
|
| Size: |
8192
|
|
|
12E7A84B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876687071.0000012E7A84B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A84B000
|
| Size: |
8192
|
|
|
1B2B9540000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752667022.000001B2B9540000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B9540000
|
| Size: |
4096
|
|
|
8C2327E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721448510.0000008C2327E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C2327E000
|
| Size: |
8192
|
|
|
12E7A518000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1873496187.0000012E7A518000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A518000
|
| Size: |
233472
|
|
|
1B2B0E21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1746315456.000001B2B0E21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2B0E21000
|
| Size: |
253952
|
|
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934668693.00007FFD9B770000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B770000
|
| Size: |
4096
|
|
|
1B2A26E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A26E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A26E5000
|
| Size: |
376832
|
|
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2379724739.00007FFD9B773000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B773000
|
| Size: |
4096
|
|
|
1171FF3000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2065490719.0000001171FF3000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1171FF3000
|
| Size: |
53248
|
|
|
1B2B94B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752157654.000001B2B94B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B94B5000
|
| Size: |
307200
|
|
|
1B2B9257000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1751261280.000001B2B9257000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B9257000
|
| Size: |
163840
|
|
|
12E63920000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63920000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63920000
|
| Size: |
4763648
|
|
|
1000000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374734974.0000000001000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1000000
|
| Size: |
73728
|
|
|
165527DA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.00000165527DA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165527DA000
|
| Size: |
1306624
|
|
|
1B2A2130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A2130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A2130000
|
| Size: |
540672
|
|
|
360000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1645294878.0000000000360000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
360000
|
| Size: |
4096
|
|
|
1048000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375448232.0000000001048000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1048000
|
| Size: |
8192
|
|
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2047397651.00007FFD9BBD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBD0000
|
| Size: |
8192
|
|
|
7FFD9BAB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1883936646.00007FFD9BAB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAB3000
|
| Size: |
28672
|
|
|
12E61F70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783209783.0000012E61F70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E61F70000
|
| Size: |
4096
|
|
|
12E631AE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E631AE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E631AE000
|
| Size: |
835584
|
|
|
7FFD9B794000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2935228735.00007FFD9B794000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B794000
|
| Size: |
4096
|
|
|
F80000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374600725.0000000000F80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F80000
|
| Size: |
4096
|
|
|
7FFD9B954000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2312531148.00007FFD9B954000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B954000
|
| Size: |
12288
|
|
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318158321.00007FFD9BAA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAA0000
|
| Size: |
4096
|
|
|
7FFD9B895000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2311627710.00007FFD9B895000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B895000
|
| Size: |
32768
|
|
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2314576346.00007FFD9B9C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9C0000
|
| Size: |
65536
|
|
|
12E7A807000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876479990.0000012E7A807000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A807000
|
| Size: |
40960
|
|
|
1B29F1CB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F1CB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F1CB000
|
| Size: |
475136
|
|
|
1655AB00000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2297252623.000001655AB00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AB00000
|
| Size: |
114688
|
|
|
8C23E4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721536321.0000008C23E4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C23E4E000
|
| Size: |
8192
|
|
|
7FFD9B921000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753703588.00007FFD9B921000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B921000
|
| Size: |
32768
|
|
|
B25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923489282.0000000000B25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B25000
|
| Size: |
20480
|
|
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2319382260.00007FFD9BB00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB00000
|
| Size: |
36864
|
|
|
1C0F4BE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038495669.000001C0F4BE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4BE0000
|
| Size: |
8192
|
|
|
1B2B9567000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752845095.000001B2B9567000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B9567000
|
| Size: |
20480
|
|
|
165408A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.00000165408A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165408A6000
|
| Size: |
8192
|
|
|
16540A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2071894765.0000016540A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16540A20000
|
| Size: |
4096
|
|
|
1041000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375448232.0000000001041000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1041000
|
| Size: |
16384
|
|
|
2648000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002648000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2648000
|
| Size: |
32768
|
|
|
165430C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165430C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165430C7000
|
| Size: |
28672
|
|
|
7FFD9BB7A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1887921448.00007FFD9BB7A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB7A000
|
| Size: |
24576
|
|
|
7FFD9BA37000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2316303400.00007FFD9BA37000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA37000
|
| Size: |
16384
|
|
|
1027000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375036366.0000000001027000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1027000
|
| Size: |
4096
|
|
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2039254736.00007FFD9B780000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B780000
|
| Size: |
40960
|
|
|
16552542000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.0000016552542000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16552542000
|
| Size: |
2576384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1B2B941A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1751591986.000001B2B941A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B941A000
|
| Size: |
512000
|
|
|
8A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917198730.00000000008A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8A0000
|
| Size: |
12288
|
|
|
1C8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2586967719.0000000001C8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C8E000
|
| Size: |
8192
|
|
|
16540869000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.0000016540869000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16540869000
|
| Size: |
4096
|
|
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2039195523.00007FFD9B77D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B77D000
|
| Size: |
12288
|
|
|
1BC02000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2590813716.000000001BC02000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BC02000
|
| Size: |
4096
|
|
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1891716178.00007FFD9BBD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBD0000
|
| Size: |
4096
|
|
|
12E61F10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783038036.0000012E61F10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E61F10000
|
| Size: |
4096
|
|
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2313193487.00007FFD9B980000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B980000
|
| Size: |
65536
|
|
|
1063000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2376175829.0000000001063000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1063000
|
| Size: |
8192
|
|
|
1B29F120000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721633010.000001B29F120000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F120000
|
| Size: |
4096
|
|
|
1B2B10DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1746315456.000001B2B10DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2B10DD000
|
| Size: |
12288
|
|
|
12E72044000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1854477434.0000012E72044000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E72044000
|
| Size: |
2580480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
12E632DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E632DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E632DC000
|
| Size: |
753664
|
|
|
23A0AF9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780622473.00000023A0AF9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0AF9000
|
| Size: |
28672
|
|
|
12E630F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E630F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E630F6000
|
| Size: |
540672
|
|
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2039657331.00007FFD9B82C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B82C000
|
| Size: |
61440
|
|
|
1B2A0C47000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1722144831.000001B2A0C47000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1B2A0C47000
|
| Size: |
12288
|
|
|
7FFD9BAC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755732586.00007FFD9BAC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAC9000
|
| Size: |
28672
|
|
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753065467.00007FFD9B772000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B772000
|
| Size: |
4096
|
|
|
16543563000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543563000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543563000
|
| Size: |
176128
|
|
|
47D2C4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909409288.00000047D2C4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D2C4E000
|
| Size: |
8192
|
|
|
8B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.00000000008B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8B0000
|
| Size: |
20480
|
|
|
8C2347B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721521497.0000008C2347B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C2347B000
|
| Size: |
20480
|
|
|
11728BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067376329.00000011728BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11728BE000
|
| Size: |
8192
|
|
|
B20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923489282.0000000000B20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B20000
|
| Size: |
12288
|
|
|
1B2B10E2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1746315456.000001B2B10E2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2B10E2000
|
| Size: |
16384
|
|
|
EB1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2500991151.0000000000EB1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EB1000
|
| Size: |
73728
|
|
|
700000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2916881026.0000000000700000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
700000
|
| Size: |
4096
|
|
|
1C0DC280000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1912906746.000001C0DC280000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DC280000
|
| Size: |
65536
|
|
|
23A0C7D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780759894.00000023A0C7D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0C7D000
|
| Size: |
12288
|
|
|
1BEE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934197813.000000001BEE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1BEE0000
|
| Size: |
12288
|
|
|
1C0DD786000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD786000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD786000
|
| Size: |
200704
|
|
|
7FFD9BB00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1887707993.00007FFD9BB00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB00000
|
| Size: |
16384
|
|
|
BC4000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374033093.0000000000BC4000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BC4000
|
| Size: |
49152
|
|
|
1160000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2580057389.0000000001160000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
8192
|
|
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755807365.00007FFD9BAD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD0000
|
| Size: |
28672
|
|
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038947507.00007FFD9B770000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B770000
|
| Size: |
4096
|
|
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1881171253.00007FFD9B9A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9A0000
|
| Size: |
65536
|
|
|
7FFD9B958000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2312531148.00007FFD9B958000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B958000
|
| Size: |
4096
|
|
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2935330963.00007FFD9B7CC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B7CC000
|
| Size: |
8192
|
|
|
12E7A6B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1875354317.0000012E7A6B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A6B6000
|
| Size: |
4096
|
|
|
1C0EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934291239.000000001C0EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C0EE000
|
| Size: |
8192
|
|
|
12E7A657000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1875207405.0000012E7A657000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
12E7A657000
|
| Size: |
12288
|
|
|
23A0BFB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780726167.00000023A0BFB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A0BFB000
|
| Size: |
20480
|
|
|
1C0DDC61000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DDC61000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DDC61000
|
| Size: |
929792
|
|
|
23A06C3000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1780496392.00000023A06C3000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A06C3000
|
| Size: |
53248
|
|
|
1243000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2581242749.0000000001243000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1243000
|
| Size: |
12288
|
|
|
12E7A8A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876687071.0000012E7A8A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A8A4000
|
| Size: |
16384
|
|
|
1251000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2581810309.0000000001251000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1251000
|
| Size: |
4096
|
|
|
1C0F4B72000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2036401401.000001C0F4B72000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4B72000
|
| Size: |
8192
|
|
|
B00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923362378.0000000000B00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B00000
|
| Size: |
8192
|
|
|
1B40A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929290109.000000001B40A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B40A000
|
| Size: |
167936
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
|
|
1B2A2BF5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A2BF5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A2BF5000
|
| Size: |
118784
|
|
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754275424.00007FFD9B9A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9A0000
|
| Size: |
65536
|
|
|
117360E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067996632.000000117360E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117360E000
|
| Size: |
8192
|
|
|
2624000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002624000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2624000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753117961.00007FFD9B774000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B774000
|
| Size: |
36864
|
|
|
10B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2376881988.00000000010B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10B0000
|
| Size: |
98304
|
|
|
7FFD9BB60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756040401.00007FFD9BB60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB60000
|
| Size: |
8192
|
|
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1882499466.00007FFD9BA30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA30000
|
| Size: |
65536
|
|
|
165424D1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165424D1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165424D1000
|
| Size: |
528384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
1B2A1019000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1019000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1019000
|
| Size: |
2764800
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
7FFD9B952000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753843652.00007FFD9B952000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B952000
|
| Size: |
4096
|
|
|
8DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.00000000008DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8DC000
|
| Size: |
28672
|
|
|
EAE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2500612687.0000000000EAE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EAE000
|
| Size: |
4096
|
|
|
1013000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375036366.0000000001013000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1013000
|
| Size: |
77824
|
|
|
1655AC35000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2309478297.000001655AC35000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AC35000
|
| Size: |
4096
|
|
|
8F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.00000000008F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8F3000
|
| Size: |
24576
|
|
|
1B2B9501000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752157654.000001B2B9501000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B9501000
|
| Size: |
106496
|
|
|
165407F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068080112.00000165407F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165407F0000
|
| Size: |
16384
|
|
|
2DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501792611.0000000002DF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DF1000
|
| Size: |
16384
|
|
|
2DEC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501792611.0000000002DEC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DEC000
|
| Size: |
8192
|
|
|
15CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2584485811.00000000015CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
15CE000
|
| Size: |
8192
|
|
|
7FFD9BAF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755966773.00007FFD9BAF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAF0000
|
| Size: |
16384
|
|
|
1654085D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.000001654085D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1654085D000
|
| Size: |
4096
|
|
|
12E7A50F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1873496187.0000012E7A50F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A50F000
|
| Size: |
32768
|
|
|
1C3EC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934583733.000000001C3EC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1C3EC000
|
| Size: |
16384
|
|
|
1B2A0B80000
|
heap
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.1722031071.000001B2A0B80000.00000002.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page readonly
|
| Base address: |
1B2A0B80000
|
| Size: |
4096
|
|
|
25F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.00000000025F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
25F2000
|
| Size: |
8192
|
|
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753269312.00007FFD9B790000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B790000
|
| Size: |
4096
|
|
|
7FFD9B866000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1879580020.00007FFD9B866000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B866000
|
| Size: |
86016
|
|
|
12E7A000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1871355784.0000012E7A000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E7A000000
|
| Size: |
12288
|
|
|
1BB9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2933677932.000000001BB9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BB9E000
|
| Size: |
8192
|
|
|
385C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2587398021.000000000385C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
385C000
|
| Size: |
8192
|
|
|
7FFD9B7A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2503209459.00007FFD9B7A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B7A0000
|
| Size: |
4096
|
|
|
16542F22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016542F22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16542F22000
|
| Size: |
1720320
|
|
|
12591000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2928491884.0000000012591000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12591000
|
| Size: |
24576
|
|
|
12EA1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2378834218.0000000012EA1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12EA1000
|
| Size: |
4096
|
|
|
165422D0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2072633577.00000165422D0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
165422D0000
|
| Size: |
20480
|
|
|
117348E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067724155.000000117348E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117348E000
|
| Size: |
8192
|
|
|
12E6249D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E6249D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E6249D000
|
| Size: |
5783552
|
|
|
1C0F4888000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2031373620.000001C0F4888000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4888000
|
| Size: |
163840
|
|
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1889492174.00007FFD9BB90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB90000
|
| Size: |
32768
|
|
|
1B2A19E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A19E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A19E9000
|
| Size: |
28672
|
|
|
47D1E7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908901892.00000047D1E7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D1E7E000
|
| Size: |
8192
|
|
|
24CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923667894.00000000024CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
24CE000
|
| Size: |
8192
|
|
|
870000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917099366.0000000000870000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
870000
|
| Size: |
8192
|
|
|
1C0F48CB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2033551704.000001C0F48CB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F48CB000
|
| Size: |
249856
|
|
|
1B25C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502313189.000000001B25C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B25C000
|
| Size: |
16384
|
|
|
16542250000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2072329174.0000016542250000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16542250000
|
| Size: |
4096
|
|
|
23A1C07000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781354584.00000023A1C07000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A1C07000
|
| Size: |
36864
|
|
|
7FFD9B790000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1879062740.00007FFD9B790000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B790000
|
| Size: |
40960
|
|
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754870029.00007FFD9BA20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA20000
|
| Size: |
65536
|
|
|
47D19FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1908624386.00000047D19FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D19FE000
|
| Size: |
8192
|
|
|
1C0DDD47000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DDD47000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DDD47000
|
| Size: |
143360
|
|
|
1C0DD5A1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD5A1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD5A1000
|
| Size: |
393216
|
|
|
1CEC36A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336255099.000001CEC36A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1CEC36A8000
|
| Size: |
159744
|
|
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754570070.00007FFD9B9E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9E0000
|
| Size: |
65536
|
|
|
1C0F4AD3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2034822313.000001C0F4AD3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4AD3000
|
| Size: |
139264
|
|
|
E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374385758.0000000000E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E00000
|
| Size: |
8192
|
|
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2935122213.00007FFD9B78D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B78D000
|
| Size: |
12288
|
|
|
1C0DA8D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909964392.000001C0DA8D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA8D0000
|
| Size: |
16384
|
|
|
7FFD9BBE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2047447523.00007FFD9BBE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBE0000
|
| Size: |
65536
|
|
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1883537958.00007FFD9BA80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA80000
|
| Size: |
24576
|
|
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2044966966.00007FFD9BAA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAA0000
|
| Size: |
4096
|
|
|
1B2B96A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752991264.000001B2B96A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B96A0000
|
| Size: |
4096
|
|
|
ADB6B9000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000D.00000002.2336150030.0000000ADB6B9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
13
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ADB6B9000
|
| Size: |
28672
|
|
|
1B29F185000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F185000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F185000
|
| Size: |
4096
|
|
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2320541433.00007FFD9BBD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBD0000
|
| Size: |
65536
|
|
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1753899888.00007FFD9B960000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B960000
|
| Size: |
45056
|
|
|
7FFD9BBD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756492712.00007FFD9BBD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBD0000
|
| Size: |
65536
|
|
|
1C0DA890000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909939421.000001C0DA890000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA890000
|
| Size: |
4096
|
|
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2380240457.00007FFD9B856000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B856000
|
| Size: |
4096
|
|
|
7FFD9BAD5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318618320.00007FFD9BAD5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD5000
|
| Size: |
4096
|
|
|
8C22F77000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721351120.0000008C22F77000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C22F77000
|
| Size: |
36864
|
|
|
7FFD9B78D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1879012671.00007FFD9B78D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B78D000
|
| Size: |
12288
|
|
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756204426.00007FFD9BB80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB80000
|
| Size: |
65536
|
|
|
2608000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002608000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2608000
|
| Size: |
4096
|
|
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2934801147.00007FFD9B77D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B77D000
|
| Size: |
12288
|
|
|
1C0DA918000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA918000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA918000
|
| Size: |
40960
|
|
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2380369234.00007FFD9B912000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B912000
|
| Size: |
12288
|
|
|
F70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374572692.0000000000F70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
F70000
|
| Size: |
4096
|
|
|
1B7AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2933501978.000000001B7AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B7AE000
|
| Size: |
8192
|
|
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2042761547.00007FFD9BA10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA10000
|
| Size: |
65536
|
|
|
7FFD9BBF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1892436330.00007FFD9BBF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBF0000
|
| Size: |
8192
|
|
|
12E60698000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E60698000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E60698000
|
| Size: |
4096
|
|
|
1C0DC2C6000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1913096346.000001C0DC2C6000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1C0DC2C6000
|
| Size: |
16384
|
|
|
BA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2497786216.0000000000BA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BA0000
|
| Size: |
8192
|
|
|
2676000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002676000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2676000
|
| Size: |
4096
|
|
|
7FFD9BB90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1756280485.00007FFD9BB90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB90000
|
| Size: |
65536
|
|
|
1039000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375448232.0000000001039000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1039000
|
| Size: |
12288
|
|
|
1655AB31000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2297964278.000001655AB31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655AB31000
|
| Size: |
36864
|
|
|
12E7A959000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1878628806.0000012E7A959000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A959000
|
| Size: |
40960
|
|
|
1B2B0DF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1746315456.000001B2B0DF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2B0DF1000
|
| Size: |
77824
|
|
|
7FFD9B784000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2502856423.00007FFD9B784000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B784000
|
| Size: |
4096
|
|
|
8C22D7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721295483.0000008C22D7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C22D7E000
|
| Size: |
8192
|
|
|
1C0F4BC9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038495669.000001C0F4BC9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4BC9000
|
| Size: |
12288
|
|
|
1C0DA955000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA955000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA955000
|
| Size: |
4096
|
|
|
1C0DC4D0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1917563051.000001C0DC4D0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1C0DC4D0000
|
| Size: |
4096
|
|
|
1B2B955F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752812888.000001B2B955F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B955F000
|
| Size: |
16384
|
|
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755639337.00007FFD9BA90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA90000
|
| Size: |
16384
|
|
|
1B370000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929290109.000000001B370000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B370000
|
| Size: |
327680
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2312722137.00007FFD9B960000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B960000
|
| Size: |
45056
|
|
|
1C0DE2E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DE2E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DE2E0000
|
| Size: |
118784
|
|
|
12E6385F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E6385F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E6385F000
|
| Size: |
778240
|
|
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2592446244.00007FFD9B856000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B856000
|
| Size: |
4096
|
|
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2044136470.00007FFD9BA60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA60000
|
| Size: |
65536
|
|
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2310158711.00007FFD9B77D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B77D000
|
| Size: |
12288
|
|
|
12E606AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E606AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E606AC000
|
| Size: |
16384
|
|
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2591424616.00007FFD9B773000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B773000
|
| Size: |
4096
|
|
|
1238000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2581242749.0000000001238000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1238000
|
| Size: |
4096
|
|
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2042513385.00007FFD9BA00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA00000
|
| Size: |
65536
|
|
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2312422323.00007FFD9B940000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B940000
|
| Size: |
24576
|
|
|
1C0F4BD7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2038495669.000001C0F4BD7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4BD7000
|
| Size: |
8192
|
|
|
1BCAA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2933754692.000000001BCAA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BCAA000
|
| Size: |
24576
|
|
|
1AF5A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2928905389.000000001AF5A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1AF5A000
|
| Size: |
24576
|
|
|
7FFD9B783000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.2502819478.00007FFD9B783000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B783000
|
| Size: |
4096
|
|
|
1C0DA923000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910325167.000001C0DA923000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA923000
|
| Size: |
163840
|
|
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754428417.00007FFD9B9C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9C0000
|
| Size: |
65536
|
|
|
12E7A8A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876687071.0000012E7A8A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A8A9000
|
| Size: |
8192
|
|
|
2580000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923762741.0000000002580000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2580000
|
| Size: |
4096
|
|
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754951083.00007FFD9BA30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA30000
|
| Size: |
65536
|
|
|
12E7A552000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1873496187.0000012E7A552000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A552000
|
| Size: |
28672
|
|
|
BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2497885612.0000000000BC0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BC0000
|
| Size: |
4096
|
|
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.2040135171.00007FFD9B890000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B890000
|
| Size: |
53248
|
|
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1883890867.00007FFD9BAB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAB0000
|
| Size: |
4096
|
|
|
47D207A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909184375.00000047D207A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D207A000
|
| Size: |
24576
|
|
|
16540A60000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2071928779.0000016540A60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16540A60000
|
| Size: |
16384
|
|
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934747242.00007FFD9B774000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B774000
|
| Size: |
8192
|
|
|
1B2B953C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1752667022.000001B2B953C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B953C000
|
| Size: |
4096
|
|
|
7FFD9BAD2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2045285856.00007FFD9BAD2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD2000
|
| Size: |
4096
|
|
|
1C0F487F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2031373620.000001C0F487F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F487F000
|
| Size: |
8192
|
|
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1753336955.00007FFD9B826000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B826000
|
| Size: |
24576
|
|
|
1B8AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2933554269.000000001B8AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B8AE000
|
| Size: |
8192
|
|
|
E99000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2500612687.0000000000E99000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E99000
|
| Size: |
69632
|
|
|
1AB1D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2928842161.000000001AB1D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1AB1D000
|
| Size: |
12288
|
|
|
7FFD9B912000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2592580782.00007FFD9B912000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B912000
|
| Size: |
8192
|
|
|
165527C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2256933254.00000165527C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165527C0000
|
| Size: |
4096
|
|
|
1655ACE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2309520643.000001655ACE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1655ACE0000
|
| Size: |
4096
|
|
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2043048155.00007FFD9BA20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA20000
|
| Size: |
65536
|
|
|
47D2DC9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909604134.00000047D2DC9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47D2DC9000
|
| Size: |
28672
|
|
|
2CD0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.2501718463.0000000002CD0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2CD0000
|
| Size: |
4096
|
|
|
12E61FD1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E61FD1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E61FD1000
|
| Size: |
503808
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
16543500000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.0000016543500000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16543500000
|
| Size: |
393216
|
|
|
16540865000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.0000016540865000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16540865000
|
| Size: |
4096
|
|
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2379762424.00007FFD9B774000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B774000
|
| Size: |
4096
|
|
|
E38000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2499462881.0000000000E38000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E38000
|
| Size: |
4096
|
|
|
2DE1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501792611.0000000002DE1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DE1000
|
| Size: |
40960
|
|
|
12E6066E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782015904.0000012E6066E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E6066E000
|
| Size: |
20480
|
|
|
14FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501612087.00000000014FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
14FF000
|
| Size: |
4096
|
|
|
7FFD9BAD9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1884013615.00007FFD9BAD9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD9000
|
| Size: |
28672
|
|
|
1B2B91DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1750617006.000001B2B91DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B91DB000
|
| Size: |
8192
|
|
|
25F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.00000000025F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
25F5000
|
| Size: |
53248
|
|
|
165408A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.00000165408A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165408A4000
|
| Size: |
4096
|
|
|
FA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2374667469.0000000000FA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FA0000
|
| Size: |
4096
|
|
|
12E604C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781717263.0000012E604C0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E604C0000
|
| Size: |
4096
|
|
|
117340C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067643176.000000117340C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117340C000
|
| Size: |
16384
|
|
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754643757.00007FFD9B9F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B9F0000
|
| Size: |
65536
|
|
|
1C0DA8F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1910298715.000001C0DA8F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA8F0000
|
| Size: |
4096
|
|
|
12E7A7E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1875962895.0000012E7A7E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A7E0000
|
| Size: |
147456
|
|
|
12E7A815000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1876602766.0000012E7A815000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A815000
|
| Size: |
8192
|
|
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2934882122.00007FFD9B780000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B780000
|
| Size: |
8192
|
|
|
12E6069A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782050477.0000012E6069A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E6069A000
|
| Size: |
12288
|
|
|
7FFD9B954000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2040679376.00007FFD9B954000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B954000
|
| Size: |
12288
|
|
|
7FFD9B830000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2503313986.00007FFD9B830000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B830000
|
| Size: |
4096
|
|
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1880790900.00007FFD9B980000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B980000
|
| Size: |
65536
|
|
|
A70000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000F.00000002.2373992307.0000000000A70000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
A70000
|
| Size: |
4096
|
|
|
7FFD9BAD8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1755807365.00007FFD9BAD8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAD8000
|
| Size: |
12288
|
|
|
7FFD9B79D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.2935298135.00007FFD9B79D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B79D000
|
| Size: |
4096
|
|
|
23A10BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781232019.00000023A10BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A10BC000
|
| Size: |
16384
|
|
|
1213000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2580706282.0000000001213000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1213000
|
| Size: |
57344
|
|
|
1B2B923C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1751261280.000001B2B923C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B923C000
|
| Size: |
106496
|
|
|
1B16E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2929189491.000000001B16E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B16E000
|
| Size: |
8192
|
|
|
165435F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2076420987.00000165435F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165435F2000
|
| Size: |
737280
|
|
|
12E608F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1782928523.0000012E608F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E608F0000
|
| Size: |
16384
|
|
|
243F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2587350207.000000000243F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
243F000
|
| Size: |
4096
|
|
|
7FFD9B78B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2310324845.00007FFD9B78B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B78B000
|
| Size: |
4096
|
|
|
1302000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000012.00000002.2583274027.0000000001302000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1302000
|
| Size: |
16384
|
|
|
1654087D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.000001654087D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1654087D000
|
| Size: |
16384
|
|
|
8F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2917443037.00000000008F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8F1000
|
| Size: |
4096
|
|
|
1B2A0B50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722001346.000001B2A0B50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A0B50000
|
| Size: |
16384
|
|
|
1B31D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2379108421.000000001B31D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B31D000
|
| Size: |
12288
|
|
|
16540820000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2068163642.0000016540820000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16540820000
|
| Size: |
28672
|
|
|
1202000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2501486271.0000000001202000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1202000
|
| Size: |
16384
|
|
|
7FFD9BAA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2044997788.00007FFD9BAA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAA3000
|
| Size: |
28672
|
|
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2040379870.00007FFD9B92A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B92A000
|
| Size: |
24576
|
|
|
1B29F148000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1721674052.000001B29F148000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B29F148000
|
| Size: |
36864
|
|
|
1B2B91E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1750617006.000001B2B91E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B2B91E4000
|
| Size: |
102400
|
|
|
13FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2377662710.00000000013FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
13FF000
|
| Size: |
4096
|
|
|
12E63397000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1783319483.0000012E63397000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E63397000
|
| Size: |
3911680
|
|
|
7FFD9BBD6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1891716178.00007FFD9BBD6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBD6000
|
| Size: |
16384
|
|
|
E22000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2498607412.0000000000E22000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E22000
|
| Size: |
32768
|
|
|
12E7A7C3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1875962895.0000012E7A7C3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E7A7C3000
|
| Size: |
114688
|
|
|
1C0DD575000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD575000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD575000
|
| Size: |
172032
|
|
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2312384728.00007FFD9B930000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B930000
|
| Size: |
4096
|
|
|
12E722C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1854477434.0000012E722C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12E722C2000
|
| Size: |
4096
|
|
|
165409F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2071834248.00000165409F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165409F0000
|
| Size: |
8192
|
|
|
15F0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000012.00000002.2585303301.00000000015F0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
18
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
15F0000
|
| Size: |
4096
|
|
|
1B5D0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000010.00000002.2502438904.000000001B5D0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1B5D0000
|
| Size: |
4096
|
|
|
E2B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000010.00000002.2498607412.0000000000E2B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
16
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E2B000
|
| Size: |
4096
|
|
|
1C0EC8E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2014105281.000001C0EC8E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0EC8E6000
|
| Size: |
647168
|
|
|
7FFD9BB80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2046547247.00007FFD9BB80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BB80000
|
| Size: |
32768
|
|
|
1C0DA8D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1909964392.000001C0DA8D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0DA8D5000
|
| Size: |
40960
|
|
|
165422C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2072435032.00000165422C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165422C0000
|
| Size: |
12288
|
|
|
117338E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2067577011.000000117338E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117338E000
|
| Size: |
8192
|
|
|
103E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2375448232.000000000103E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
103E000
|
| Size: |
4096
|
|
|
7FFD9BBC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1891563504.00007FFD9BBC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BBC0000
|
| Size: |
36864
|
|
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1883648644.00007FFD9BA90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA90000
|
| Size: |
61440
|
|
|
1C0DCF31000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DCF31000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DCF31000
|
| Size: |
1744896
|
|
|
7FFD9BAC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2318369256.00007FFD9BAC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BAC4000
|
| Size: |
4096
|
|
|
165422E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2072805550.00000165422E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165422E0000
|
| Size: |
65536
|
|
|
1B2A1A31000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1722348335.000001B2A1A31000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B2A1A31000
|
| Size: |
839680
|
|
|
1C0F4B83000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.2037973133.000001C0F4B83000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C0F4B83000
|
| Size: |
4096
|
|
|
1C0DD4E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1917701450.000001C0DD4E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1C0DD4E5000
|
| Size: |
176128
|
|
|
7FFD9B7CC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000B.00000002.2310703695.00007FFD9B7CC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFD9B7CC000
|
| Size: |
4096
|
|
|
117227E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2065730684.000000117227E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
117227E000
|
| Size: |
8192
|
|
|
23A1A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1781266123.00000023A1A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23A1A8E000
|
| Size: |
8192
|
|
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1754716514.00007FFD9BA00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9BA00000
|
| Size: |
65536
|
|
|
2678000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.2923795440.0000000002678000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2678000
|
| Size: |
4096
|
|
|
7FFD9B921000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000B.00000002.2312113430.00007FFD9B921000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFD9B921000
|
| Size: |
32768
|
|
