4F0000
|
direct allocation
|
page execute and read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.2462698435.00000000004F0000.00000040.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page execute and read and write
|
Base address: |
4F0000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found malware configuration |
AV Detection |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
2130000
|
direct allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000003.1717459897.0000000002130000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
2130000
|
Size: |
122880
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
5A0000
|
heap
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000003.1779713244.00000000005A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5A0000
|
Size: |
266240
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
URLs found in memory or binary data |
Networking |
|
|
400000
|
unkown
|
page execute and read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.2462388658.0000000000400000.00000040.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute and read and write
|
Base address: |
400000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
3432000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003432000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3432000
|
Size: |
8192
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863509129.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874099994.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
4F08006F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854354601.00004F08006F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006F0000
|
Size: |
49152
|
|
4F0800754000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855003894.00004F0800754000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800754000
|
Size: |
110592
|
|
1D254D3C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861082172.000001D254D3C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3C000
|
Size: |
8192
|
|
610000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463020570.0000000000610000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
610000
|
Size: |
16384
|
|
62C800FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882138980.000062C800FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800FC0000
|
Size: |
4096
|
|
358D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000358D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
358D000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1871285845.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
62C800CEC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874973955.000062C800CEC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800CEC000
|
Size: |
12288
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1870179229.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
8192
|
|
7D74002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834434169.00007D74002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002BC000
|
Size: |
4096
|
|
5EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1749755775.00000000005EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5EC000
|
Size: |
4096
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1871285845.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C80034C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880377567.000062C80034C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80034C000
|
Size: |
16384
|
|
62C80039C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874798201.000062C80039C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80039C000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C801A94000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901428832.000062C801A94000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A94000
|
Size: |
16384
|
|
62C800360000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882210783.000062C800360000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800360000
|
Size: |
12288
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863932674.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
1D254D53000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877511182.000001D254D53000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D53000
|
Size: |
8192
|
|
30E4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.00000000030E4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30E4000
|
Size: |
12288
|
|
62C801B84000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903565535.000062C801B84000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B84000
|
Size: |
20480
|
|
62C800A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900550710.000062C800A9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A9C000
|
Size: |
65536
|
|
30D1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1833973736.00000000030D1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30D1000
|
Size: |
4096
|
|
62C8018D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899914376.000062C8018D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8018D4000
|
Size: |
106496
|
|
4F0800714000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854316170.00004F0800714000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800714000
|
Size: |
53248
|
|
47B7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000047B7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47B7000
|
Size: |
4096
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874054702.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
16384
|
|
428000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1712200028.0000000000428000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
428000
|
Size: |
12288
|
|
62C8002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875212310.000062C8002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A4000
|
Size: |
16384
|
|
345B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000345B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
345B000
|
Size: |
4096
|
|
3195000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003195000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3195000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C800354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1883830013.000062C800354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800354000
|
Size: |
36864
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867618819.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
190000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462168471.0000000000190000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
190000
|
Size: |
57344
|
|
7D74002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834498047.00007D74002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002BC000
|
Size: |
4096
|
|
1D254D2F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860846257.000001D254D2F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2F000
|
Size: |
12288
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863386537.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C801838000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906594627.000062C801838000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801838000
|
Size: |
167936
|
|
523000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2462845428.0000000000523000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
523000
|
Size: |
73728
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara signature match |
System Summary |
|
|
62C801B54000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902823142.000062C801B54000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B54000
|
Size: |
24576
|
|
36F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.00000000036F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36F7000
|
Size: |
4096
|
|
37A2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.00000000037A2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37A2000
|
Size: |
4096
|
|
47CC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000047CC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47CC000
|
Size: |
4096
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864077004.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C801734000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906078377.000062C801734000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801734000
|
Size: |
61440
|
|
428000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000002.2462521091.0000000000428000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
428000
|
Size: |
12288
|
|
1D255292000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1896810466.000001D255292000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D255292000
|
Size: |
4096
|
|
7D74002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834509457.00007D74002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002C0000
|
Size: |
4096
|
|
62C80174C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905881914.000062C80174C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80174C000
|
Size: |
16384
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867788430.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C800FA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879681058.000062C800FA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800FA4000
|
Size: |
53248
|
|
62C8017C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907515196.000062C8017C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017C4000
|
Size: |
49152
|
|
7D74002B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1836899773.00007D74002B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002B0000
|
Size: |
4096
|
|
62C8001AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1859121510.000062C8001AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001AC000
|
Size: |
4096
|
|
1D254D63000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879947238.000001D254D63000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D63000
|
Size: |
16384
|
|
62C801048000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880799236.000062C801048000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801048000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864312665.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C800220000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857285349.000062C800220000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800220000
|
Size: |
16384
|
|
3B9D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3B9D000
|
Size: |
4096
|
|
1D254D5F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875438297.000001D254D5F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D5F000
|
Size: |
12288
|
|
358A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000358A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
358A000
|
Size: |
8192
|
|
38B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.00000000038B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38B0000
|
Size: |
24576
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861082172.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863728665.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873407630.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
33F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464688299.00000000033F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
33F0000
|
Size: |
151552
|
|
62C801790000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906297286.000062C801790000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801790000
|
Size: |
61440
|
|
62C801B14000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902472469.000062C801B14000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B14000
|
Size: |
16384
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866254169.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C8001B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1858160165.000062C8001B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001B4000
|
Size: |
16384
|
|
62C801700000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905318967.000062C801700000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801700000
|
Size: |
274432
|
|
4F08006CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854016973.00004F08006CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006CC000
|
Size: |
94208
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865503083.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C80164C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904754434.000062C80164C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80164C000
|
Size: |
126976
|
|
4F0800758000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855053157.00004F0800758000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800758000
|
Size: |
94208
|
|
62C800C5C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899803578.000062C800C5C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C5C000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
34FE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000034FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
34FE000
|
Size: |
12288
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873863767.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867762460.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868493691.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
12288
|
|
62C80034C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860602116.000062C80034C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80034C000
|
Size: |
8192
|
|
419F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.000000000419F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
419F000
|
Size: |
4096
|
|
7D74002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834401995.00007D74002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002A0000
|
Size: |
4096
|
|
22C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463344392.00000000022C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22C0000
|
Size: |
45056
|
|
42B000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000000.1712226346.000000000042B000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
42B000
|
Size: |
8192
|
|
348F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000348F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
348F000
|
Size: |
20480
|
|
7D7400248000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834075824.00007D7400248000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D7400248000
|
Size: |
4096
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865400542.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866329360.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C801350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894981703.000062C801350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801350000
|
Size: |
380928
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5F2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1833915282.00000000005F2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5F2000
|
Size: |
4096
|
|
47C1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000047C1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47C1000
|
Size: |
4096
|
|
62C800C5C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882702453.000062C800C5C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C5C000
|
Size: |
32768
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863386537.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1870179229.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
2E1F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463727942.0000000002E1F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E1F000
|
Size: |
4096
|
|
62C8016AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905157836.000062C8016AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016AC000
|
Size: |
61440
|
|
41EA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.00000000041EA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
41EA000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866134956.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C800C5C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877384563.000062C800C5C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C5C000
|
Size: |
12288
|
|
62C8013BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1897162196.000062C8013BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8013BC000
|
Size: |
32768
|
|
62C801888000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907552447.000062C801888000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801888000
|
Size: |
16384
|
|
62C801894000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907578706.000062C801894000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801894000
|
Size: |
61440
|
|
62C800F98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878686669.000062C800F98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F98000
|
Size: |
4096
|
|
62C801058000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894585320.000062C801058000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801058000
|
Size: |
102400
|
|
1D254D4F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877511182.000001D254D4F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D4F000
|
Size: |
12288
|
|
2E71000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1808704327.0000000002E71000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E71000
|
Size: |
65536
|
|
5A2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1749811268.00000000005A2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5A2000
|
Size: |
258048
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861561412.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863590044.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C801744000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905745197.000062C801744000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801744000
|
Size: |
208896
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873863767.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
401000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000000.00000000.1712124765.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
401000
|
Size: |
40960
|
|
62C801A98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901396060.000062C801A98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A98000
|
Size: |
73728
|
|
62C800F98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882366934.000062C800F98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F98000
|
Size: |
36864
|
|
62C8002AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899861313.000062C8002AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002AC000
|
Size: |
20480
|
|
5F4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1833915282.00000000005F4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5F4000
|
Size: |
4096
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868493691.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
62C8010A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880918811.000062C8010A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8010A8000
|
Size: |
28672
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865779241.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868742434.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873643490.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C8017A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906204458.000062C8017A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017A8000
|
Size: |
69632
|
|
62C801058000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899986800.000062C801058000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801058000
|
Size: |
106496
|
|
62C801C44000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1910101203.000062C801C44000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801C44000
|
Size: |
12288
|
|
3438000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003438000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3438000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864993295.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868279018.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C80175C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906232142.000062C80175C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80175C000
|
Size: |
110592
|
|
3540000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003540000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3540000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866711739.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
62C8001AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857099747.000062C8001AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001AC000
|
Size: |
4096
|
|
62C800FA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899296890.000062C800FA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800FA4000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C8017A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906143973.000062C8017A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017A0000
|
Size: |
102400
|
|
2E71000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1829654617.0000000002E71000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E71000
|
Size: |
229376
|
|
62C801698000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905133389.000062C801698000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801698000
|
Size: |
49152
|
|
62C80100C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880668967.000062C80100C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80100C000
|
Size: |
94208
|
|
3525000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003525000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3525000
|
Size: |
12288
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863964715.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
3C65000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003C65000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C65000
|
Size: |
4096
|
|
9B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462136231.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9B000
|
Size: |
20480
|
|
62C801350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894838034.000062C801350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801350000
|
Size: |
380928
|
|
4F0800624000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853673785.00004F0800624000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800624000
|
Size: |
49152
|
|
4F080035C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852975518.00004F080035C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F080035C000
|
Size: |
24576
|
|
62C8011C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1893924939.000062C8011C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8011C8000
|
Size: |
16384
|
|
62C800314000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860360862.000062C800314000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800314000
|
Size: |
12288
|
|
30E2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.00000000030E2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30E2000
|
Size: |
4096
|
|
62C800C65000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899803578.000062C800C65000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C65000
|
Size: |
16384
|
|
617000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1917272473.0000000000617000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
617000
|
Size: |
4096
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865779241.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C8002AA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875212310.000062C8002AA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002AA000
|
Size: |
12288
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861958371.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873407630.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
20480
|
|
62C8016E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905820380.000062C8016E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016E8000
|
Size: |
61440
|
|
62C800320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1859021987.000062C800320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800320000
|
Size: |
4096
|
|
62C800F74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882366934.000062C800F74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F74000
|
Size: |
139264
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2B7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463644175.0000000002B7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B7E000
|
Size: |
8192
|
|
46CC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000046CC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
46CC000
|
Size: |
4096
|
|
3454000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003454000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3454000
|
Size: |
8192
|
|
62C801AEC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901910988.000062C801AEC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AEC000
|
Size: |
110592
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1870179229.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
4701000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.0000000004701000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4701000
|
Size: |
4096
|
|
62C8017C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906325634.000062C8017C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017C0000
|
Size: |
143360
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864212768.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874254962.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
16384
|
|
62C8003B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879217771.000062C8003B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8003B0000
|
Size: |
151552
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
4F0800620000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853382372.00004F0800620000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800620000
|
Size: |
126976
|
|
3544000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003544000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3544000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865756871.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
4F0800320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853008940.00004F0800320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800320000
|
Size: |
4096
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862036934.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
62C800A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879596275.000062C800A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A30000
|
Size: |
36864
|
|
42B000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462551498.000000000042B000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
42B000
|
Size: |
8192
|
|
62C801718000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905624228.000062C801718000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801718000
|
Size: |
176128
|
|
62C800360000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1883767097.000062C800360000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800360000
|
Size: |
32768
|
|
62C8019D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901714730.000062C8019D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8019D8000
|
Size: |
49152
|
|
62C801984000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899572403.000062C801984000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801984000
|
Size: |
65536
|
|
62C801C0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900682716.000062C801C0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801C0C000
|
Size: |
114688
|
|
62C800218000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857316533.000062C800218000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800218000
|
Size: |
16384
|
|
4EAC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2468128937.0000000004EAC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4EAC000
|
Size: |
16384
|
|
62C8001E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857443328.000062C8001E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001E8000
|
Size: |
16384
|
|
1D254D62000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875367900.000001D254D62000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D62000
|
Size: |
16384
|
|
62C801308000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900326820.000062C801308000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801308000
|
Size: |
143360
|
|
1D254D30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860682028.000001D254D30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D30000
|
Size: |
8192
|
|
1D254D49000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880102434.000001D254D49000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D49000
|
Size: |
8192
|
|
3923000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.0000000003923000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3923000
|
Size: |
229376
|
|
62C801554000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903662110.000062C801554000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801554000
|
Size: |
77824
|
|
4F0800390000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853078962.00004F0800390000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800390000
|
Size: |
372736
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C8015EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904209523.000062C8015EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015EC000
|
Size: |
49152
|
|
62C801B0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902052401.000062C801B0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B0C000
|
Size: |
98304
|
|
1D255294000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1896810466.000001D255294000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D255294000
|
Size: |
118784
|
|
1D254D35000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861006500.000001D254D35000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D35000
|
Size: |
16384
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863386537.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868279018.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
7D74002C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1838327169.00007D74002C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002C8000
|
Size: |
4096
|
|
62C80020C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857368735.000062C80020C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80020C000
|
Size: |
16384
|
|
46E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000046E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
46E1000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865591314.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C800D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1883085265.000062C800D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D24000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
402A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.000000000402A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
402A000
|
Size: |
4096
|
|
62C801984000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899914376.000062C801984000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801984000
|
Size: |
65536
|
|
1D254D6E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879981894.000001D254D6E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D6E000
|
Size: |
4096
|
|
62C801A5C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901126848.000062C801A5C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A5C000
|
Size: |
110592
|
|
34DB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000034DB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
34DB000
|
Size: |
4096
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862532088.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862155738.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865856077.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
1D254D65000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877511182.000001D254D65000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D65000
|
Size: |
8192
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864993295.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
62C800D34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877540090.000062C800D34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D34000
|
Size: |
16384
|
|
62C80034C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1885622245.000062C80034C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80034C000
|
Size: |
8192
|
|
3579000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003579000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3579000
|
Size: |
8192
|
|
1D254D39000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880172188.000001D254D39000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D39000
|
Size: |
20480
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865616009.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
51E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462743257.000000000051E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
51E000
|
Size: |
20480
|
|
62C801AA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905420926.000062C801AA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AA4000
|
Size: |
24576
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863709959.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C801884000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907045814.000062C801884000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801884000
|
Size: |
126976
|
|
62C801A24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901054332.000062C801A24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A24000
|
Size: |
61440
|
|
62C8015D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904167219.000062C8015D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015D4000
|
Size: |
77824
|
|
1D254D4C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880102434.000001D254D4C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D4C000
|
Size: |
40960
|
|
62C800228000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857138765.000062C800228000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800228000
|
Size: |
274432
|
|
62C8001D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857534713.000062C8001D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001D0000
|
Size: |
16384
|
|
62C801784000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907240168.000062C801784000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801784000
|
Size: |
49152
|
|
62C801778000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905993331.000062C801778000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801778000
|
Size: |
159744
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866158020.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
62C8015F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904396926.000062C8015F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015F4000
|
Size: |
16384
|
|
62C801618000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904847811.000062C801618000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801618000
|
Size: |
49152
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863614740.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
343D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000343D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
343D000
|
Size: |
4096
|
|
1D254D6E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879189595.000001D254D6E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D6E000
|
Size: |
4096
|
|
62C801AD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901741963.000062C801AD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AD4000
|
Size: |
208896
|
|
4000000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.0000000004000000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4000000
|
Size: |
4096
|
|
62C80141C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1895207480.000062C80141C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80141C000
|
Size: |
24576
|
|
4F08006E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855199102.00004F08006E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006E0000
|
Size: |
12288
|
|
1D254D7F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879612994.000001D254D7F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D7F000
|
Size: |
8192
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873407630.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879877760.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
8192
|
|
3330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.2201247249.0000000003330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3330000
|
Size: |
159744
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867104224.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
2E70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463774700.0000000002E70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E70000
|
Size: |
221184
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863386537.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C800C65000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877384563.000062C800C65000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C65000
|
Size: |
16384
|
|
4F080060C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853694851.00004F080060C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F080060C000
|
Size: |
16384
|
|
4F08006B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854036061.00004F08006B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006B8000
|
Size: |
65536
|
|
62C800A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874868227.000062C800A9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A9C000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1F0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374300284.00000000001F0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1F0000
|
Size: |
4096
|
|
1D254D5F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875295225.000001D254D5F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D5F000
|
Size: |
28672
|
|
5E2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1735823873.00000000005E2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E2000
|
Size: |
28672
|
|
4DAC000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2468096924.0000000004DAC000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
4DAC000
|
Size: |
16384
|
|
518000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462743257.0000000000518000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
518000
|
Size: |
16384
|
|
4F0800788000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853310475.00004F0800788000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800788000
|
Size: |
4096
|
|
62C801A78000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901359693.000062C801A78000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A78000
|
Size: |
65536
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873350526.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
16384
|
|
62C801308000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894838034.000062C801308000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801308000
|
Size: |
135168
|
|
318F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.000000000318F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
318F000
|
Size: |
8192
|
|
1D254D3A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861006500.000001D254D3A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3A000
|
Size: |
16384
|
|
62C80186C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906928373.000062C80186C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80186C000
|
Size: |
225280
|
|
62C80171C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906436368.000062C80171C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80171C000
|
Size: |
49152
|
|
62C800C60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875524789.000062C800C60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C60000
|
Size: |
16384
|
|
30B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.00000000030B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30B0000
|
Size: |
135168
|
|
62C80039C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900505812.000062C80039C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80039C000
|
Size: |
65536
|
|
5E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1779674557.00000000005E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E8000
|
Size: |
20480
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863839799.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877511182.000001D254D60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D60000
|
Size: |
16384
|
|
62C8016A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904953127.000062C8016A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016A4000
|
Size: |
94208
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863262243.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867618819.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C800A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882296278.000062C800A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A30000
|
Size: |
36864
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3464000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003464000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3464000
|
Size: |
8192
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867788430.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
350C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000350C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
350C000
|
Size: |
16384
|
|
1D254D53000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877284995.000001D254D53000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D53000
|
Size: |
8192
|
|
62C801ACC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901613731.000062C801ACC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801ACC000
|
Size: |
241664
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866329360.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
62C800FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882493011.000062C800FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800FC0000
|
Size: |
4096
|
|
62C801A20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900937489.000062C801A20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A20000
|
Size: |
77824
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863728665.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
46B7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000046B7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
46B7000
|
Size: |
4096
|
|
4F080040C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854856679.00004F080040C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F080040C000
|
Size: |
4096
|
|
62C801B4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902612282.000062C801B4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B4C000
|
Size: |
57344
|
|
62C801A4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901173786.000062C801A4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A4C000
|
Size: |
61440
|
|
62C8012A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1883211731.000062C8012A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8012A8000
|
Size: |
53248
|
|
4F080033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855240546.00004F080033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F080033C000
|
Size: |
8192
|
|
2CE0000
|
remote allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1720561827.0000000002CE0000.00000004.00000400.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
remote allocation
|
Protect: |
page read and write
|
Base address: |
2CE0000
|
Size: |
4096
|
|
62C801AC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901541071.000062C801AC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AC0000
|
Size: |
16384
|
|
7D74002E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1838358343.00007D74002E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002E4000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C8002F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1858937426.000062C8002F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002F4000
|
Size: |
4096
|
|
62C801058000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880846473.000062C801058000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801058000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
352C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000352C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
352C000
|
Size: |
20480
|
|
62C800D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1884226241.000062C800D3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D3C000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C801A0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900806402.000062C801A0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A0C000
|
Size: |
159744
|
|
62C801CAD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1909238507.000062C801CAD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801CAD000
|
Size: |
24576
|
|
62C80039C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878563352.000062C80039C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80039C000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861455534.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
24576
|
|
62C8018B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907608205.000062C8018B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8018B8000
|
Size: |
77824
|
|
1D254D28000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860954004.000001D254D28000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D28000
|
Size: |
8192
|
|
14C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374249153.000000000014C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
14C000
|
Size: |
16384
|
|
4F0800704000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854334877.00004F0800704000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800704000
|
Size: |
61440
|
|
313A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.000000000313A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
313A000
|
Size: |
16384
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861455534.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
3516000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003516000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3516000
|
Size: |
4096
|
|
62C8014A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900119264.000062C8014A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8014A4000
|
Size: |
651264
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865779241.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
5E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1779674557.00000000005E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E1000
|
Size: |
4096
|
|
62C801B9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900596447.000062C801B9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B9C000
|
Size: |
49152
|
|
62C801630000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904700620.000062C801630000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801630000
|
Size: |
61440
|
|
1D254D65000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878278224.000001D254D65000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D65000
|
Size: |
8192
|
|
62C800D70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878034911.000062C800D70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D70000
|
Size: |
32768
|
|
62C800210000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857348758.000062C800210000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800210000
|
Size: |
16384
|
|
4F0800424000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1858262726.00004F0800424000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800424000
|
Size: |
4096
|
|
62C8001D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857520105.000062C8001D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001D4000
|
Size: |
16384
|
|
3568000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003568000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3568000
|
Size: |
12288
|
|
62C801574000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903957777.000062C801574000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801574000
|
Size: |
81920
|
|
62C801074000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1881136020.000062C801074000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801074000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5373000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.2252033087.0000000005373000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5373000
|
Size: |
5242880
|
|
4F08006D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854129068.00004F08006D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006D4000
|
Size: |
61440
|
|
62C800F98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907694397.000062C800F98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F98000
|
Size: |
36864
|
|
62C8017E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906635556.000062C8017E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017E4000
|
Size: |
49152
|
|
62C800C98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874759835.000062C800C98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C98000
|
Size: |
28672
|
|
62C8019E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900872721.000062C8019E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8019E8000
|
Size: |
61440
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862532088.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C80204F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1910153054.000062C80204F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80204F000
|
Size: |
335872
|
|
62C800D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1881777069.000062C800D3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D3C000
|
Size: |
20480
|
|
62C80160C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904820863.000062C80160C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80160C000
|
Size: |
98304
|
|
62C8019A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900302660.000062C8019A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8019A4000
|
Size: |
4096
|
|
62C8013B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1897203339.000062C8013B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8013B0000
|
Size: |
45056
|
|
62C800B84000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874593789.000062C800B84000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800B84000
|
Size: |
36864
|
|
2CE0000
|
remote allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1720598356.0000000002CE0000.00000004.00000400.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
remote allocation
|
Protect: |
page read and write
|
Base address: |
2CE0000
|
Size: |
4096
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860762955.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867618819.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
62C801568000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903717307.000062C801568000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801568000
|
Size: |
208896
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863839799.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
2B3C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463617594.0000000002B3C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B3C000
|
Size: |
16384
|
|
62C800A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1876407239.000062C800A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A30000
|
Size: |
4096
|
|
62C801544000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903623264.000062C801544000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801544000
|
Size: |
143360
|
|
62C8003B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882875500.000062C8003B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8003B0000
|
Size: |
290816
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4F08006FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854207996.00004F08006FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006FC000
|
Size: |
94208
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873799853.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
16384
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866711739.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
40DF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.00000000040DF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
40DF000
|
Size: |
4096
|
|
4F0800688000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853867837.00004F0800688000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800688000
|
Size: |
65536
|
|
21BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463281123.00000000021BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
21BE000
|
Size: |
8192
|
|
62C80172C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905684359.000062C80172C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80172C000
|
Size: |
94208
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1872672859.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
20480
|
|
7D74002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834522613.00007D74002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002BC000
|
Size: |
4096
|
|
62C801844000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906905121.000062C801844000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801844000
|
Size: |
49152
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863614740.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
570000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374438860.0000000000570000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
570000
|
Size: |
20480
|
|
62C801108000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882995937.000062C801108000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801108000
|
Size: |
356352
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
615000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463020570.0000000000615000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
615000
|
Size: |
16384
|
|
4721000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.0000000004721000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4721000
|
Size: |
4096
|
|
62C800D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878113246.000062C800D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D24000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C800338000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1859050211.000062C800338000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800338000
|
Size: |
4096
|
|
62C801984000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900426389.000062C801984000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801984000
|
Size: |
65536
|
|
4F08006E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854183193.00004F08006E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006E8000
|
Size: |
176128
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863839799.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C801048000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1897266592.000062C801048000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801048000
|
Size: |
53248
|
|
1D254D3C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860732196.000001D254D3C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3C000
|
Size: |
8192
|
|
62C80158C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904108867.000062C80158C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80158C000
|
Size: |
61440
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864212768.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862036934.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
62C800D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878160320.000062C800D3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D3C000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868047767.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
62C801704000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905379861.000062C801704000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801704000
|
Size: |
258048
|
|
510000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462743257.0000000000510000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
510000
|
Size: |
28672
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874099994.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C801820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907361530.000062C801820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801820000
|
Size: |
61440
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880172188.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
32768
|
|
420000
|
unkown
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2462388658.0000000000420000.00000040.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute and read and write
|
Base address: |
420000
|
Size: |
8192
|
|
62C80129C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1883126212.000062C80129C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80129C000
|
Size: |
16384
|
|
62C800FA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880767004.000062C800FA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800FA4000
|
Size: |
53248
|
|
1D254D61000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875215448.000001D254D61000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D61000
|
Size: |
4096
|
|
28EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463536788.00000000028EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
28EE000
|
Size: |
8192
|
|
1D254D4A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868493691.000001D254D4A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D4A000
|
Size: |
8192
|
|
617000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1808722471.0000000000617000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
617000
|
Size: |
8192
|
|
62C800214000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857333677.000062C800214000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800214000
|
Size: |
16384
|
|
62C80170C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905483781.000062C80170C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80170C000
|
Size: |
225280
|
|
3878000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.0000000003878000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3878000
|
Size: |
225280
|
|
62C801058000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1917306190.000062C801058000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801058000
|
Size: |
102400
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868247322.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
62C8015A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904433273.000062C8015A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015A8000
|
Size: |
49152
|
|
62C801868000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906867685.000062C801868000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801868000
|
Size: |
241664
|
|
62C801B38000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902544819.000062C801B38000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B38000
|
Size: |
61440
|
|
62C801B3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902579356.000062C801B3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B3C000
|
Size: |
45056
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863262243.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
7D74002D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1838345733.00007D74002D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002D8000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4F0800330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852597575.00004F0800330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800330000
|
Size: |
4096
|
|
592000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462880776.0000000000592000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
592000
|
Size: |
479232
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found many strings related to Crypto-Wallets (likely being stolen) |
Stealing of Sensitive Information |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
366B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466083369.000000000366B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
366B000
|
Size: |
12288
|
|
1D254D62000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878278224.000001D254D62000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D62000
|
Size: |
8192
|
|
62C800314000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907854828.000062C800314000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800314000
|
Size: |
8192
|
|
5E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1763490089.00000000005E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E8000
|
Size: |
12288
|
|
30FB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.00000000030FB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30FB000
|
Size: |
4096
|
|
62C801428000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1917251737.000062C801428000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801428000
|
Size: |
53248
|
|
62C801780000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906048722.000062C801780000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801780000
|
Size: |
126976
|
|
4F0800380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853230168.00004F0800380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800380000
|
Size: |
65536
|
|
19F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462168471.000000000019F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19F000
|
Size: |
4096
|
|
575000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462880776.0000000000575000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
575000
|
Size: |
114688
|
|
62C8001F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857382552.000062C8001F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001F8000
|
Size: |
16384
|
|
62C801BEC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900596447.000062C801BEC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801BEC000
|
Size: |
49152
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867342555.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
3230000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.2252374414.0000000003230000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3230000
|
Size: |
20480
|
|
34DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000034DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
34DE000
|
Size: |
8192
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862532088.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
2C7D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463672850.0000000002C7D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2C7D000
|
Size: |
12288
|
|
62C8017D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906355142.000062C8017D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017D0000
|
Size: |
77824
|
|
62C80000C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855054436.000062C80000C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80000C000
|
Size: |
4096
|
|
62C8017F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906462277.000062C8017F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017F8000
|
Size: |
16384
|
|
62C801650000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905597947.000062C801650000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801650000
|
Size: |
49152
|
|
4796000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.0000000004796000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4796000
|
Size: |
8192
|
|
62C800EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878005316.000062C800EF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800EF0000
|
Size: |
4096
|
|
62C800D34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875465491.000062C800D34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D34000
|
Size: |
16384
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873407630.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
8192
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864077004.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
1D2552D3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1897006832.000001D2552D3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D2552D3000
|
Size: |
61440
|
|
550000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374417045.0000000000550000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
550000
|
Size: |
4096
|
|
62C8019E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900771287.000062C8019E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8019E4000
|
Size: |
77824
|
|
7D74002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834473763.00007D74002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002BC000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868279018.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1872251790.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
16384
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868742434.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
1D254D60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1876559255.000001D254D60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D60000
|
Size: |
28672
|
|
62C800E6C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878213597.000062C800E6C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800E6C000
|
Size: |
36864
|
|
4F0800684000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853710622.00004F0800684000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800684000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C801AE8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901833395.000062C801AE8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AE8000
|
Size: |
126976
|
|
4F0800654000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853489494.00004F0800654000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800654000
|
Size: |
143360
|
|
62C801570000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903805792.000062C801570000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801570000
|
Size: |
176128
|
|
62C800D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1908182408.000062C800D3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D3C000
|
Size: |
20480
|
|
62C801558000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903846303.000062C801558000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801558000
|
Size: |
61440
|
|
35FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466083369.00000000035FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
35FF000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861006500.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
30D9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.00000000030D9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30D9000
|
Size: |
16384
|
|
62C801A3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901076650.000062C801A3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A3C000
|
Size: |
126976
|
|
62C8010B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894471182.000062C8010B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8010B0000
|
Size: |
45056
|
|
1D254D4E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877284995.000001D254D4E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D4E000
|
Size: |
16384
|
|
4F0800320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852250856.00004F0800320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800320000
|
Size: |
4096
|
|
62C8002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1876547535.000062C8002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A4000
|
Size: |
16384
|
|
62C80120C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1883126212.000062C80120C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80120C000
|
Size: |
356352
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
18C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462168471.000000000018C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
18C000
|
Size: |
12288
|
|
4F08003EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853065045.00004F08003EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08003EC000
|
Size: |
8192
|
|
62C801758000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905935184.000062C801758000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801758000
|
Size: |
126976
|
|
62C801428000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1895280679.000062C801428000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801428000
|
Size: |
53248
|
|
4F0800354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852610085.00004F0800354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800354000
|
Size: |
16384
|
|
62C800224000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857260838.000062C800224000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800224000
|
Size: |
16384
|
|
62C801640000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904585342.000062C801640000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801640000
|
Size: |
176128
|
|
62C80183C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906725976.000062C80183C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80183C000
|
Size: |
151552
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862012864.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C800360000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1893970060.000062C800360000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800360000
|
Size: |
12288
|
|
410A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.000000000410A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
410A000
|
Size: |
4096
|
|
1D254D4E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875438297.000001D254D4E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D4E000
|
Size: |
4096
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863509129.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861455534.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
4096
|
|
22CC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463344392.00000000022CC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22CC000
|
Size: |
4096
|
|
1D254D30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861006500.000001D254D30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D30000
|
Size: |
8192
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865231692.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C801858000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907438907.000062C801858000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801858000
|
Size: |
36864
|
|
4F0800330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852534683.00004F0800330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800330000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866184232.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
62C801670000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904928953.000062C801670000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801670000
|
Size: |
61440
|
|
37ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.00000000037ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37ED000
|
Size: |
4096
|
|
62C800D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875401879.000062C800D3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D3C000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863509129.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868742434.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
3AF6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003AF6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AF6000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861082172.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
16384
|
|
22BF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463314235.00000000022BF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
22BF000
|
Size: |
4096
|
|
62C801AD8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903540409.000062C801AD8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AD8000
|
Size: |
49152
|
|
62C801890000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907396855.000062C801890000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801890000
|
Size: |
77824
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865400542.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
5FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1833915282.00000000005FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5FF000
|
Size: |
4096
|
|
35F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466083369.00000000035F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
35F7000
|
Size: |
20480
|
|
62C801830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906558962.000062C801830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801830000
|
Size: |
200704
|
|
62C8017D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907129973.000062C8017D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017D4000
|
Size: |
61440
|
|
62C8002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882028481.000062C8002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A4000
|
Size: |
8192
|
|
5E6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1808646703.00000000005E6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E6000
|
Size: |
20480
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867788430.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
5E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1808646703.00000000005E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E3000
|
Size: |
4096
|
|
62C800230000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857228712.000062C800230000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800230000
|
Size: |
241664
|
|
62C80140C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1895243377.000062C80140C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80140C000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4115000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.0000000004115000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4115000
|
Size: |
4096
|
|
62C801628000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904549803.000062C801628000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801628000
|
Size: |
16384
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863262243.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C801680000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905218202.000062C801680000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801680000
|
Size: |
49152
|
|
62C8019C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900736712.000062C8019C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8019C4000
|
Size: |
208896
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866184232.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C8001D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857506385.000062C8001D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001D8000
|
Size: |
16384
|
|
62C800360000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880398580.000062C800360000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800360000
|
Size: |
45056
|
|
4F0800630000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853402574.00004F0800630000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800630000
|
Size: |
61440
|
|
35F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466083369.00000000035F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
35F0000
|
Size: |
16384
|
|
288F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463511840.000000000288F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
288F000
|
Size: |
4096
|
|
62C801708000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905444551.000062C801708000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801708000
|
Size: |
241664
|
|
1D254D60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880102434.000001D254D60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D60000
|
Size: |
28672
|
|
3B2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003B2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3B2D000
|
Size: |
4096
|
|
62C80132C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894838034.000062C80132C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80132C000
|
Size: |
135168
|
|
62C8002B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1858921604.000062C8002B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002B4000
|
Size: |
4096
|
|
610000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374550826.0000000000610000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
610000
|
Size: |
24576
|
|
62C80049C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860126050.000062C80049C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80049C000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C800354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882969235.000062C800354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800354000
|
Size: |
12288
|
|
4F0800368000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852584147.00004F0800368000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800368000
|
Size: |
4096
|
|
4F0800668000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853795863.00004F0800668000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800668000
|
Size: |
61440
|
|
2E71000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1917209583.0000000002E71000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E71000
|
Size: |
229376
|
|
34D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000034D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
34D4000
|
Size: |
16384
|
|
62C8016C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905076359.000062C8016C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016C4000
|
Size: |
208896
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863964715.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
62C801A68000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901986525.000062C801A68000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A68000
|
Size: |
61440
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868047767.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
1D254D7F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879189595.000001D254D7F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D7F000
|
Size: |
8192
|
|
3495000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003495000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3495000
|
Size: |
8192
|
|
62C801548000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903923194.000062C801548000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801548000
|
Size: |
49152
|
|
62C801880000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906990938.000062C801880000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801880000
|
Size: |
143360
|
|
62C80039C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880616628.000062C80039C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80039C000
|
Size: |
69632
|
|
1D254D60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877246239.000001D254D60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D60000
|
Size: |
16384
|
|
62C80034C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899443500.000062C80034C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80034C000
|
Size: |
8192
|
|
188000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462168471.0000000000188000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
188000
|
Size: |
4096
|
|
3145000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003145000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3145000
|
Size: |
8192
|
|
62C80034C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875804292.000062C80034C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80034C000
|
Size: |
8192
|
|
62C8015D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904469411.000062C8015D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015D8000
|
Size: |
61440
|
|
62C8013EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1895124028.000062C8013EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8013EC000
|
Size: |
65536
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874099994.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
20480
|
|
535000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462880776.0000000000535000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
535000
|
Size: |
249856
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
62C800A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880537064.000062C800A9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A9C000
|
Size: |
69632
|
|
62C8013C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1897127628.000062C8013C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8013C4000
|
Size: |
53248
|
|
62C801E04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1910153054.000062C801E04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801E04000
|
Size: |
2342912
|
|
62C800EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879769347.000062C800EF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800EF0000
|
Size: |
4096
|
|
62C800D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1883610039.000062C800D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D24000
|
Size: |
40960
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862155738.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861233598.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868433868.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
1D254D39000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860846257.000001D254D39000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D39000
|
Size: |
8192
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868685250.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
8192
|
|
366E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.2232897496.000000000366E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
366E000
|
Size: |
81920
|
|
62C80034C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878357984.000062C80034C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80034C000
|
Size: |
8192
|
|
62C801754000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905969528.000062C801754000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801754000
|
Size: |
16384
|
|
62C801854000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906810052.000062C801854000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801854000
|
Size: |
53248
|
|
62C8019C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901014934.000062C8019C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8019C8000
|
Size: |
114688
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1876559255.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
20480
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865231692.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
62C801644000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904669630.000062C801644000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801644000
|
Size: |
16384
|
|
62C8016C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905111171.000062C8016C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016C0000
|
Size: |
16384
|
|
62C801B98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903460344.000062C801B98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B98000
|
Size: |
4096
|
|
62C801840000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906840079.000062C801840000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801840000
|
Size: |
65536
|
|
344A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000344A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
344A000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
351F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000351F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
351F000
|
Size: |
4096
|
|
62C8002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1858501875.000062C8002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A4000
|
Size: |
8192
|
|
62C801388000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899273150.000062C801388000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801388000
|
Size: |
32768
|
|
62C801AC4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901500256.000062C801AC4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AC4000
|
Size: |
274432
|
|
4F0800320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852570844.00004F0800320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800320000
|
Size: |
4096
|
|
4F08006B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853839695.00004F08006B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006B0000
|
Size: |
208896
|
|
1D254D3C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861233598.000001D254D3C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3C000
|
Size: |
8192
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1872672859.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D3C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860846257.000001D254D3C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3C000
|
Size: |
8192
|
|
4F080033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852516557.00004F080033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F080033C000
|
Size: |
8192
|
|
62C80162C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904502469.000062C80162C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80162C000
|
Size: |
77824
|
|
62C801850000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906778450.000062C801850000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801850000
|
Size: |
69632
|
|
62C8019A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900063162.000062C8019A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8019A8000
|
Size: |
106496
|
|
62C801A7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902444627.000062C801A7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A7C000
|
Size: |
49152
|
|
62C800F4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1881081902.000062C800F4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F4C000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865503083.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1871285845.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C801AE4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1910124423.000062C801AE4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AE4000
|
Size: |
4096
|
|
62C800A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880352171.000062C800A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A30000
|
Size: |
4096
|
|
62C8001B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857121020.000062C8001B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001B4000
|
Size: |
8192
|
|
62C801024000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900467961.000062C801024000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801024000
|
Size: |
65536
|
|
422000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000000.00000002.2462487558.0000000000422000.00000020.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
422000
|
Size: |
24576
|
|
3738000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.0000000003738000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3738000
|
Size: |
4096
|
|
62C8002AA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1876547535.000062C8002AA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002AA000
|
Size: |
12288
|
|
30F4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.00000000030F4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30F4000
|
Size: |
12288
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873863767.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
46F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000046F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
46F7000
|
Size: |
4096
|
|
62C801A8C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901299527.000062C801A8C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A8C000
|
Size: |
4096
|
|
62C8013D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1895382758.000062C8013D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8013D4000
|
Size: |
32768
|
|
62C801A1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900902944.000062C801A1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A1C000
|
Size: |
94208
|
|
62C8013DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1895329938.000062C8013DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8013DC000
|
Size: |
53248
|
|
62C800C60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877384563.000062C800C60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C60000
|
Size: |
16384
|
|
62C801A88000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901330834.000062C801A88000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A88000
|
Size: |
16384
|
|
62C801A60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901198253.000062C801A60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A60000
|
Size: |
94208
|
|
1D254D4A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879732842.000001D254D4A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D4A000
|
Size: |
118784
|
|
62C801714000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905564876.000062C801714000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801714000
|
Size: |
192512
|
|
62C801B40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903591443.000062C801B40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B40000
|
Size: |
28672
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866681262.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
35B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000035B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
35B0000
|
Size: |
4096
|
|
354B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000354B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
354B000
|
Size: |
4096
|
|
1D254D48000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877284995.000001D254D48000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D48000
|
Size: |
8192
|
|
840000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463130842.0000000000840000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
840000
|
Size: |
12288
|
|
7D74002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1838369849.00007D74002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002C0000
|
Size: |
4096
|
|
4F0800320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855254782.00004F0800320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800320000
|
Size: |
4096
|
|
312D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.000000000312D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
312D000
|
Size: |
4096
|
|
62C800FCC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880461619.000062C800FCC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800FCC000
|
Size: |
32768
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866184232.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1870179229.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C800F74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894710124.000062C800F74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F74000
|
Size: |
135168
|
|
62C8001EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857426343.000062C8001EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001EC000
|
Size: |
16384
|
|
1D254D31000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861455534.000001D254D31000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D31000
|
Size: |
16384
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863344763.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867342555.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D5F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875104709.000001D254D5F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D5F000
|
Size: |
12288
|
|
62C8002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878493524.000062C8002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A4000
|
Size: |
8192
|
|
62C801648000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904627579.000062C801648000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801648000
|
Size: |
143360
|
|
498000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000002.2462594602.0000000000498000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
498000
|
Size: |
114688
|
|
62C800F98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894710124.000062C800F98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F98000
|
Size: |
36864
|
|
62C801AD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901681729.000062C801AD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AD0000
|
Size: |
225280
|
|
62C8019F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900842903.000062C8019F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8019F8000
|
Size: |
16384
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866329360.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C8001F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857413514.000062C8001F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001F0000
|
Size: |
16384
|
|
62C801B28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902792993.000062C801B28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B28000
|
Size: |
61440
|
|
3187000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003187000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3187000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866069193.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
4F0800658000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854298353.00004F0800658000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800658000
|
Size: |
49152
|
|
54E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374394760.000000000054E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
54E000
|
Size: |
8192
|
|
62C8002C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1858336068.000062C8002C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002C4000
|
Size: |
4096
|
|
2F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1808756200.0000000002F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F70000
|
Size: |
167936
|
|
2FAE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463821130.0000000002FAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2FAE000
|
Size: |
8192
|
|
7D74002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834533527.00007D74002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002C0000
|
Size: |
4096
|
|
3161000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003161000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3161000
|
Size: |
4096
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863614740.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
3514000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003514000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3514000
|
Size: |
4096
|
|
4F08002FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852304903.00004F08002FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08002FC000
|
Size: |
69632
|
|
4F08006D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854054409.00004F08006D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006D0000
|
Size: |
77824
|
|
62C80039C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874361473.000062C80039C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80039C000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D2591CB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1896747442.000001D2591CB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D2591CB000
|
Size: |
4096
|
|
7D74002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1836712787.00007D74002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002A0000
|
Size: |
4096
|
|
1D254D39000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878457887.000001D254D39000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D39000
|
Size: |
20480
|
|
62C8001F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857397339.000062C8001F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001F4000
|
Size: |
16384
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865616009.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873643490.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C800354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878647423.000062C800354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800354000
|
Size: |
12288
|
|
3157000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003157000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3157000
|
Size: |
16384
|
|
62C801024000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880724659.000062C801024000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801024000
|
Size: |
69632
|
|
59D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1734812033.000000000059D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
59D000
|
Size: |
12288
|
|
62C8001E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857471381.000062C8001E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001E0000
|
Size: |
16384
|
|
62C801870000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907101274.000062C801870000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801870000
|
Size: |
65536
|
|
62C801694000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904981291.000062C801694000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801694000
|
Size: |
65536
|
|
62C80180C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906531321.000062C80180C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80180C000
|
Size: |
16384
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861233598.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C801AA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901453547.000062C801AA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AA0000
|
Size: |
40960
|
|
36F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.00000000036F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36F0000
|
Size: |
4096
|
|
62C801728000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905657538.000062C801728000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801728000
|
Size: |
110592
|
|
62C800DE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878444466.000062C800DE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800DE0000
|
Size: |
24576
|
|
62C8010B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1881015690.000062C8010B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8010B0000
|
Size: |
45056
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865503083.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862155738.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
34B4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000034B4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
34B4000
|
Size: |
4096
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873863767.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
20480
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863728665.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
2D1E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463699042.0000000002D1E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D1E000
|
Size: |
8192
|
|
62C80156C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903761606.000062C80156C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80156C000
|
Size: |
192512
|
|
62C801438000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899390283.000062C801438000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801438000
|
Size: |
110592
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866711739.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
354D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000354D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
354D000
|
Size: |
4096
|
|
30AE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463851232.00000000030AE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
30AE000
|
Size: |
8192
|
|
4F0800698000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853816441.00004F0800698000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800698000
|
Size: |
77824
|
|
3564000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003564000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3564000
|
Size: |
8192
|
|
351D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000351D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
351D000
|
Size: |
4096
|
|
3595000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003595000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3595000
|
Size: |
4096
|
|
4F0800664000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853648418.00004F0800664000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800664000
|
Size: |
77824
|
|
62C8017F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906411861.000062C8017F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017F4000
|
Size: |
32768
|
|
32F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464662306.00000000032F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
32F0000
|
Size: |
4096
|
|
62C8001DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857488485.000062C8001DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001DC000
|
Size: |
16384
|
|
4F0800644000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853551281.00004F0800644000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800644000
|
Size: |
61440
|
|
62C801864000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906965302.000062C801864000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801864000
|
Size: |
16384
|
|
3570000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003570000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3570000
|
Size: |
24576
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865377382.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
4C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462634010.00000000004C0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4C0000
|
Size: |
4096
|
|
62C800D34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878610385.000062C800D34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D34000
|
Size: |
16384
|
|
62C800B44000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874593789.000062C800B44000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800B44000
|
Size: |
245760
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866300617.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1872672859.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
617000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1829692707.0000000000617000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
617000
|
Size: |
4096
|
|
62C80132C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894981703.000062C80132C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80132C000
|
Size: |
135168
|
|
278E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463486515.000000000278E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
278E000
|
Size: |
8192
|
|
50E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374324448.000000000050E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
50E000
|
Size: |
8192
|
|
5F4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1825450745.00000000005F4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5F4000
|
Size: |
4096
|
|
62C80132C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900326820.000062C80132C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80132C000
|
Size: |
143360
|
|
7D74002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834485776.00007D74002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002C0000
|
Size: |
4096
|
|
3542000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003542000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3542000
|
Size: |
4096
|
|
3470000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003470000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3470000
|
Size: |
4096
|
|
31AE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.00000000031AE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
31AE000
|
Size: |
4096
|
|
30D3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.00000000030D3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30D3000
|
Size: |
8192
|
|
5E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1749778764.00000000005E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E1000
|
Size: |
12288
|
|
62C801A40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902899718.000062C801A40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A40000
|
Size: |
49152
|
|
62C8002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882464571.000062C8002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A4000
|
Size: |
8192
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861082172.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
8192
|
|
5E9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1734142847.00000000005E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E9000
|
Size: |
4096
|
|
62C8016FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905357332.000062C8016FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016FC000
|
Size: |
16384
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864212768.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C800314000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899751686.000062C800314000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800314000
|
Size: |
24576
|
|
4F0800700000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854245144.00004F0800700000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800700000
|
Size: |
77824
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863509129.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1871285845.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
20480
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863614740.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
4F0800408000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854828016.00004F0800408000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800408000
|
Size: |
4096
|
|
62C801B74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1909057594.000062C801B74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B74000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C8017BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906263092.000062C8017BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017BC000
|
Size: |
159744
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867585537.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865779241.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
8192
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873407630.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
4F0800614000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853568330.00004F0800614000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800614000
|
Size: |
49152
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862155738.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
1D254D2E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860732196.000001D254D2E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2E000
|
Size: |
4096
|
|
617000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.2201198143.0000000000617000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
617000
|
Size: |
4096
|
|
7D74002B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834420544.00007D74002B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002B0000
|
Size: |
4096
|
|
1D255242000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1896810466.000001D255242000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D255242000
|
Size: |
114688
|
|
1D254D39000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879877760.000001D254D39000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D39000
|
Size: |
20480
|
|
1D2552B8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1896810466.000001D2552B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D2552B8000
|
Size: |
172032
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864077004.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
316B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.000000000316B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
316B000
|
Size: |
45056
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
323A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.2252374414.000000000323A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
323A000
|
Size: |
8192
|
|
62C801C68000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1909238507.000062C801C68000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801C68000
|
Size: |
196608
|
|
367D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466083369.000000000367D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
367D000
|
Size: |
24576
|
|
62C8002F7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1858937426.000062C8002F7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002F7000
|
Size: |
8192
|
|
62C801AC8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901568719.000062C801AC8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AC8000
|
Size: |
258048
|
|
62C801AF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902013378.000062C801AF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AF4000
|
Size: |
77824
|
|
98F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463183566.000000000098F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98F000
|
Size: |
4096
|
|
5EB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1808623725.00000000005EB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5EB000
|
Size: |
16384
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867077057.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
1D254D35000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860846257.000001D254D35000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D35000
|
Size: |
12288
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863964715.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867618819.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
34B6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000034B6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
34B6000
|
Size: |
4096
|
|
62C8001C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1858028123.000062C8001C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001C8000
|
Size: |
32768
|
|
1D254D60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1876137861.000001D254D60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D60000
|
Size: |
8192
|
|
264E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463433449.000000000264E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
264E000
|
Size: |
8192
|
|
406A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.000000000406A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
406A000
|
Size: |
4096
|
|
404A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.000000000404A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
404A000
|
Size: |
4096
|
|
62C8015BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904078175.000062C8015BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015BC000
|
Size: |
94208
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D5B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879850319.000001D254D5B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D5B000
|
Size: |
49152
|
|
82F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463107797.000000000082F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
82F000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863814723.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C801B74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902862061.000062C801B74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B74000
|
Size: |
4096
|
|
62C8002A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1858132180.000062C8002A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A8000
|
Size: |
8192
|
|
1D255286000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1896810466.000001D255286000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D255286000
|
Size: |
45056
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862532088.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
62C801A64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901235520.000062C801A64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A64000
|
Size: |
77824
|
|
62C801C50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1909095695.000062C801C50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801C50000
|
Size: |
77824
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873643490.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
1D255261000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1896810466.000001D255261000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D255261000
|
Size: |
24576
|
|
1D2591B8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1897033464.000001D2591B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D2591B8000
|
Size: |
16384
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865231692.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
8192
|
|
62C800C7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874708268.000062C800C7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C7C000
|
Size: |
4096
|
|
4F080039C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853326363.00004F080039C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F080039C000
|
Size: |
323584
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863964715.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
7D74002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834446942.00007D74002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002A0000
|
Size: |
4096
|
|
62C800340000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1859064908.000062C800340000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800340000
|
Size: |
8192
|
|
62C801624000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904352853.000062C801624000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801624000
|
Size: |
110592
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863485841.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C801B18000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902421210.000062C801B18000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B18000
|
Size: |
49152
|
|
2170000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463252903.0000000002170000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2170000
|
Size: |
16384
|
|
412A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.000000000412A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
412A000
|
Size: |
4096
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868742434.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
20480
|
|
29EF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463560706.00000000029EF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
29EF000
|
Size: |
4096
|
|
62C800C65000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882702453.000062C800C65000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C65000
|
Size: |
16384
|
|
62C8016A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905043828.000062C8016A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016A8000
|
Size: |
77824
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861581113.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
2CE0000
|
remote allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1720582163.0000000002CE0000.00000004.00000400.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
remote allocation
|
Protect: |
page read and write
|
Base address: |
2CE0000
|
Size: |
4096
|
|
4008000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.0000000004008000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4008000
|
Size: |
12288
|
|
3181000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003181000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3181000
|
Size: |
8192
|
|
3742000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.0000000003742000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3742000
|
Size: |
4096
|
|
5DF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1735846995.00000000005DF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5DF000
|
Size: |
8192
|
|
400000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1712101471.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
400000
|
Size: |
4096
|
|
62C800FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899777325.000062C800FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800FC0000
|
Size: |
4096
|
|
62C80188C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907273155.000062C80188C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80188C000
|
Size: |
94208
|
|
618000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374550826.0000000000618000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
618000
|
Size: |
45056
|
|
4015000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.0000000004015000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4015000
|
Size: |
4096
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867342555.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
7D74002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1836740002.00007D74002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002BC000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862124785.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
4F0800734000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855114875.00004F0800734000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800734000
|
Size: |
61440
|
|
35C5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000035C5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
35C5000
|
Size: |
135168
|
|
62C801CAD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1909095695.000062C801CAD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801CAD000
|
Size: |
24576
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862257966.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1872672859.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C800A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877718189.000062C800A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A30000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4075000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.0000000004075000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4075000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867732638.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C801810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906489499.000062C801810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801810000
|
Size: |
126976
|
|
5FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1825450745.00000000005FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5FF000
|
Size: |
4096
|
|
3BC5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003BC5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BC5000
|
Size: |
4096
|
|
3123000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003123000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3123000
|
Size: |
16384
|
|
62C801834000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906758649.000062C801834000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801834000
|
Size: |
16384
|
|
62C801998000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899550325.000062C801998000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801998000
|
Size: |
4096
|
|
4F0800760000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855218752.00004F0800760000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800760000
|
Size: |
61440
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873863767.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D7F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879981894.000001D254D7F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D7F000
|
Size: |
8192
|
|
62C800A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882330391.000062C800A9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A9C000
|
Size: |
73728
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C800D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880008581.000062C800D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D24000
|
Size: |
12288
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868047767.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866600103.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C8016F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905280761.000062C8016F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016F8000
|
Size: |
307200
|
|
2F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1829736604.0000000002F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F70000
|
Size: |
167936
|
|
62C8017F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906387860.000062C8017F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017F0000
|
Size: |
49152
|
|
7D74002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1834459088.00007D74002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002BC000
|
Size: |
4096
|
|
3506000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003506000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3506000
|
Size: |
4096
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878457887.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
8192
|
|
1D254D60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880036761.000001D254D60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D60000
|
Size: |
28672
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874099994.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
62C8012DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907768523.000062C8012DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8012DC000
|
Size: |
110592
|
|
62C801748000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905779906.000062C801748000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801748000
|
Size: |
192512
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866711739.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
4F0800418000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857798423.00004F0800418000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800418000
|
Size: |
4096
|
|
4857000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.0000000004857000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4857000
|
Size: |
4096
|
|
3802000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.0000000003802000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3802000
|
Size: |
4096
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861082172.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
47E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000047E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47E1000
|
Size: |
4096
|
|
46BF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000046BF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
46BF000
|
Size: |
12288
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863728665.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
62C80034C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1859089351.000062C80034C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80034C000
|
Size: |
8192
|
|
310B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.000000000310B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
310B000
|
Size: |
4096
|
|
62C8016E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905242913.000062C8016E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016E4000
|
Size: |
77824
|
|
62C801350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899319757.000062C801350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801350000
|
Size: |
229376
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868493691.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C80165C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904871985.000062C80165C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80165C000
|
Size: |
61440
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868008786.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
16384
|
|
62C800B84000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1909422471.000062C800B84000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800B84000
|
Size: |
36864
|
|
62C801B80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903353997.000062C801B80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B80000
|
Size: |
36864
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865400542.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
4F080069C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854226654.00004F080069C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F080069C000
|
Size: |
61440
|
|
62C801AF8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902354179.000062C801AF8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AF8000
|
Size: |
61440
|
|
3142000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003142000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3142000
|
Size: |
8192
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860682028.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C800C5C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875524789.000062C800C5C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C5C000
|
Size: |
12288
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865503083.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C8016BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905009089.000062C8016BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016BC000
|
Size: |
241664
|
|
62C800D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1876828804.000062C800D3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D3C000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3111000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003111000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3111000
|
Size: |
8192
|
|
5E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1749778764.00000000005E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E5000
|
Size: |
28672
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863262243.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C8002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899861313.000062C8002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A4000
|
Size: |
28672
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5BE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374460953.00000000005BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5BE000
|
Size: |
8192
|
|
1D254D6E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877413059.000001D254D6E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D6E000
|
Size: |
4096
|
|
3818000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.0000000003818000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3818000
|
Size: |
389120
|
|
3137000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003137000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3137000
|
Size: |
4096
|
|
62C8015B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904028587.000062C8015B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015B8000
|
Size: |
110592
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C8002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894004366.000062C8002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A4000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C801730000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905713753.000062C801730000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801730000
|
Size: |
77824
|
|
3476000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003476000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3476000
|
Size: |
12288
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868397459.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
37F8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.00000000037F8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37F8000
|
Size: |
4096
|
|
62C80177C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906109839.000062C80177C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80177C000
|
Size: |
16384
|
|
3581000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003581000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3581000
|
Size: |
4096
|
|
62C801578000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907328903.000062C801578000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801578000
|
Size: |
65536
|
|
274F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463460810.000000000274F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
274F000
|
Size: |
4096
|
|
62C80032C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1859035555.000062C80032C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80032C000
|
Size: |
4096
|
|
1D254D7F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1877413059.000001D254D7F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D7F000
|
Size: |
8192
|
|
62C801750000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905845890.000062C801750000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801750000
|
Size: |
159744
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868047767.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
4D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462668277.00000000004D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4D0000
|
Size: |
8192
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865231692.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
5A4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1734812033.00000000005A4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5A4000
|
Size: |
249856
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C801024000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880668967.000062C801024000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801024000
|
Size: |
69632
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1871285845.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
3798000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.0000000003798000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3798000
|
Size: |
4096
|
|
7D74002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1836870856.00007D74002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D74002C0000
|
Size: |
4096
|
|
18A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2462168471.000000000018A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
18A000
|
Size: |
4096
|
|
3BD5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003BD5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BD5000
|
Size: |
4096
|
|
62C8015B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903990393.000062C8015B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015B4000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3B4D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003B4D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3B4D000
|
Size: |
4096
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1870179229.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
20480
|
|
62C800D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1876660700.000062C800D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D24000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864993295.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C801690000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904897519.000062C801690000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801690000
|
Size: |
176128
|
|
62C8002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879795364.000062C8002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A4000
|
Size: |
8192
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864993295.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C801390000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899239186.000062C801390000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801390000
|
Size: |
118784
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873600885.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
16384
|
|
3487000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003487000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3487000
|
Size: |
8192
|
|
1D254D64000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1876973795.000001D254D64000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D64000
|
Size: |
12288
|
|
4F0800730000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854372191.00004F0800730000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800730000
|
Size: |
77824
|
|
62C80021C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857300497.000062C80021C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80021C000
|
Size: |
16384
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863839799.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
62C801BEC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900660639.000062C801BEC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801BEC000
|
Size: |
49152
|
|
4F08006B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853927119.00004F08006B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006B4000
|
Size: |
192512
|
|
62C801B94000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903516168.000062C801B94000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B94000
|
Size: |
16384
|
|
62C8016D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906025252.000062C8016D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016D8000
|
Size: |
49152
|
|
62C800FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880425462.000062C800FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800FC0000
|
Size: |
4096
|
|
62C800E68000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878213597.000062C800E68000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800E68000
|
Size: |
12288
|
|
62C800D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882248637.000062C800D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D24000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C801AE4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901803993.000062C801AE4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AE4000
|
Size: |
143360
|
|
1D254D28000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860762955.000001D254D28000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D28000
|
Size: |
8192
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868279018.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
72E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463078219.000000000072E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
72E000
|
Size: |
8192
|
|
62C801458000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907817032.000062C801458000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801458000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868493691.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
62C8013F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1895175396.000062C8013F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8013F4000
|
Size: |
32768
|
|
498000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1712265037.0000000000498000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
498000
|
Size: |
114688
|
|
3B15000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003B15000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3B15000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3103000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003103000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3103000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1825414249.00000000005FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5FF000
|
Size: |
4096
|
|
1D254D31000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865231692.000001D254D31000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D31000
|
Size: |
4096
|
|
411F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467049850.000000000411F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
411F000
|
Size: |
4096
|
|
4F0800750000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855027088.00004F0800750000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800750000
|
Size: |
16384
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865616009.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867788430.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C801C18000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900708844.000062C801C18000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801C18000
|
Size: |
65536
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862036934.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873643490.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
31B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1917322590.00000000031B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
31B0000
|
Size: |
184320
|
|
1D25526B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1896810466.000001D25526B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D25526B000
|
Size: |
98304
|
|
378D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.000000000378D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
378D000
|
Size: |
4096
|
|
22CE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463344392.00000000022CE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22CE000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865204776.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
5E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1833987237.00000000005E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E3000
|
Size: |
32768
|
|
2A3C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463590745.0000000002A3C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A3C000
|
Size: |
16384
|
|
472C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.000000000472C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
472C000
|
Size: |
4096
|
|
62C80034C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1883061931.000062C80034C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80034C000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861958371.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
5F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1833915282.00000000005F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5F7000
|
Size: |
4096
|
|
62C800F4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878781138.000062C800F4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F4C000
|
Size: |
151552
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
62C801B50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903486669.000062C801B50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B50000
|
Size: |
16384
|
|
62C801074000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894660599.000062C801074000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801074000
|
Size: |
135168
|
|
347E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000347E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
347E000
|
Size: |
4096
|
|
3539000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003539000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3539000
|
Size: |
4096
|
|
62C801544000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900119264.000062C801544000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801544000
|
Size: |
143360
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1872672859.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864177371.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
4F0800640000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853467642.00004F0800640000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800640000
|
Size: |
77824
|
|
61B400234000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1836376606.000061B400234000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
61B400234000
|
Size: |
4096
|
|
1D254D2B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1863363977.000001D254D2B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2B000
|
Size: |
24576
|
|
62C8011C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882618109.000062C8011C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8011C8000
|
Size: |
8192
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861176702.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
8192
|
|
4F0800310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852304903.00004F0800310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800310000
|
Size: |
65536
|
|
62C800C65000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875524789.000062C800C65000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800C65000
|
Size: |
8192
|
|
4F08006E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854072418.00004F08006E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006E4000
|
Size: |
192512
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C801B10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902215595.000062C801B10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B10000
|
Size: |
81920
|
|
62C80136C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1899360135.000062C80136C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80136C000
|
Size: |
114688
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1871030047.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
16384
|
|
3444000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003444000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3444000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878457887.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
16384
|
|
62C801710000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905524703.000062C801710000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801710000
|
Size: |
208896
|
|
A60000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374645575.0000000000A60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A60000
|
Size: |
16384
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865400542.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
3178000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003178000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3178000
|
Size: |
20480
|
|
62C800D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894554715.000062C800D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D24000
|
Size: |
12288
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866069193.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
62C801588000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903876598.000062C801588000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801588000
|
Size: |
77824
|
|
62C80159C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904279659.000062C80159C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80159C000
|
Size: |
98304
|
|
62C8015F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904318958.000062C8015F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015F0000
|
Size: |
32768
|
|
48A1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000048A1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
48A1000
|
Size: |
4096
|
|
4F0800610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853357678.00004F0800610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800610000
|
Size: |
192512
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868215299.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C801B08000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902251274.000062C801B08000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B08000
|
Size: |
16384
|
|
5A1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1763617947.00000000005A1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5A1000
|
Size: |
262144
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C801B64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903254546.000062C801B64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801B64000
|
Size: |
61440
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864077004.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867342555.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C8016CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905907609.000062C8016CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016CC000
|
Size: |
98304
|
|
346C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000346C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
346C000
|
Size: |
12288
|
|
62C80140C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1903428152.000062C80140C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80140C000
|
Size: |
65536
|
|
62C801A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901273893.000062C801A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A10000
|
Size: |
49152
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860846257.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
8192
|
|
62C8016C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1905182497.000062C8016C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8016C8000
|
Size: |
192512
|
|
1D254D47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1870049745.000001D254D47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D47000
|
Size: |
16384
|
|
2E60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463752454.0000000002E60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E60000
|
Size: |
4096
|
|
18C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374277015.000000000018C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
18C000
|
Size: |
16384
|
|
62C800A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874529901.000062C800A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800A30000
|
Size: |
32768
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1874099994.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
3106000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003106000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3106000
|
Size: |
16384
|
|
3189000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.0000000003189000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3189000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867942368.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
62C800354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1859107119.000062C800354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800354000
|
Size: |
12288
|
|
62C8002A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1895079786.000062C8002A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8002A8000
|
Size: |
28672
|
|
3AFC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003AFC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AFC000
|
Size: |
8192
|
|
62C8017A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1906171196.000062C8017A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8017A4000
|
Size: |
86016
|
|
2E71000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.2201151619.0000000002E71000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E71000
|
Size: |
249856
|
|
4F080075C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1855136891.00004F080075C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F080075C000
|
Size: |
77824
|
|
38B8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.00000000038B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38B8000
|
Size: |
311296
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1862036934.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
8192
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861176702.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
8192
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861354115.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
4F080080C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1902090385.00004F080080C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F080080C000
|
Size: |
323584
|
|
34AD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000034AD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
34AD000
|
Size: |
12288
|
|
62C80168C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904784933.000062C80168C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80168C000
|
Size: |
192512
|
|
62C800D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880823288.000062C800D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D24000
|
Size: |
12288
|
|
88E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463159739.000000000088E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
88E000
|
Size: |
8192
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879877760.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
16384
|
|
355B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000355B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
355B000
|
Size: |
8192
|
|
62C801A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901475823.000062C801A9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A9C000
|
Size: |
16384
|
|
5F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1825414249.00000000005F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5F3000
|
Size: |
8192
|
|
1D254D46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1873643490.000001D254D46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D46000
|
Size: |
20480
|
|
62C800FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894625305.000062C800FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800FC0000
|
Size: |
4096
|
|
3554000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003554000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3554000
|
Size: |
4096
|
|
62C801A34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1900975609.000062C801A34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A34000
|
Size: |
159744
|
|
1D254D2D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860954004.000001D254D2D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D2D000
|
Size: |
4096
|
|
62C8001E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857456292.000062C8001E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8001E4000
|
Size: |
16384
|
|
30DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.00000000030DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30DE000
|
Size: |
12288
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62C8015C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904134584.000062C8015C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015C0000
|
Size: |
77824
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
313F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.000000000313F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
313F000
|
Size: |
4096
|
|
1D254D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861958371.000001D254D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D38000
|
Size: |
24576
|
|
62C801160000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1882995937.000062C801160000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801160000
|
Size: |
8192
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868742434.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
62C800F74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907694397.000062C800F74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F74000
|
Size: |
143360
|
|
62C801C64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1909095695.000062C801C64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801C64000
|
Size: |
212992
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865481572.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
3BCD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466697440.0000000003BCD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BCD000
|
Size: |
4096
|
|
47D7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000047D7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47D7000
|
Size: |
4096
|
|
62C800D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880502884.000062C800D3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D3C000
|
Size: |
20480
|
|
62C800D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878750522.000062C800D3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D3C000
|
Size: |
20480
|
|
2130000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463214013.0000000002130000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2130000
|
Size: |
4096
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864052451.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
1D254D4A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868685250.000001D254D4A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D4A000
|
Size: |
8192
|
|
4F0800678000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854263797.00004F0800678000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800678000
|
Size: |
49152
|
|
372F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2466221108.000000000372F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
372F000
|
Size: |
8192
|
|
62C8012C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1894510057.000062C8012C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8012C4000
|
Size: |
86016
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1868493691.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
354F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.000000000354F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
354F000
|
Size: |
4096
|
|
5FF000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2374523973.00000000005FF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5FF000
|
Size: |
4096
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1861233598.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
3504000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003504000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3504000
|
Size: |
4096
|
|
1D254D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1864212768.000001D254D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D41000
|
Size: |
28672
|
|
62C80022C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1857191508.000062C80022C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C80022C000
|
Size: |
258048
|
|
1D254D3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1866069193.000001D254D3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D3B000
|
Size: |
12288
|
|
62C8015E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1904246526.000062C8015E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8015E8000
|
Size: |
16384
|
|
3533000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.0000000003533000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3533000
|
Size: |
8192
|
|
46D7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2467536704.00000000046D7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
46D7000
|
Size: |
4096
|
|
1D254D80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1880060302.000001D254D80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D80000
|
Size: |
4096
|
|
4F0800694000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1854113757.00004F0800694000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800694000
|
Size: |
16384
|
|
35E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2464725743.00000000035E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
35E7000
|
Size: |
4096
|
|
62C801A38000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901104230.000062C801A38000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801A38000
|
Size: |
16384
|
|
62C801AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1901947740.000062C801AF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C801AF0000
|
Size: |
94208
|
|
1D254D36000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1860682028.000001D254D36000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D36000
|
Size: |
16384
|
|
62C800D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875347632.000062C800D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800D24000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4F0800248000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852230653.00004F0800248000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800248000
|
Size: |
4096
|
|
5E2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1734812033.00000000005E2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E2000
|
Size: |
28672
|
|
1D254D43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1867555157.000001D254D43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D43000
|
Size: |
20480
|
|
1D254D7F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1879825356.000001D254D7F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D7F000
|
Size: |
8192
|
|
62C8018A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1907473908.000062C8018A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C8018A4000
|
Size: |
159744
|
|
4F0800354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1852550287.00004F0800354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F0800354000
|
Size: |
16384
|
|
412000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000000.00000000.1712124765.0000000000412000.00000020.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
412000
|
Size: |
90112
|
|
310E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2463881539.000000000310E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
310E000
|
Size: |
8192
|
|
4F08006C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1853995209.00004F08006C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F08006C8000
|
Size: |
110592
|
|
1D254D33000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1865616009.000001D254D33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D254D33000
|
Size: |
4096
|
|
62C800F74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1878686669.000062C800F74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800F74000
|
Size: |
131072
|
|
62C800CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000003.1875089528.000062C800CD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62C800CD0000
|
Size: |
61440
|
|