2E2F000
|
heap
|
page read and write
|
malicious |
|
|
Name: |
00000004.00000003.2166299086.0000000002E2F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E2F000
|
Size: |
262144
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
URLs found in memory or binary data |
Networking |
|
|
400000
|
remote allocation
|
page execute and read and write
|
malicious |
|
|
Name: |
00000004.00000002.2590366796.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
400000
|
Size: |
348160
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found malware configuration |
AV Detection |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
|
B3A000
|
unkown
|
page readonly
|
malicious |
|
|
Name: |
00000000.00000002.2046412391.0000000000B3A000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
B3A000
|
Size: |
1470464
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected MicroClip |
Stealing of Sensitive Information, Remote Access Functionality |
|
Installs a raw input device (often for capturing keystrokes) |
Key, Mouse, Clipboard, Microphone and Screen Capturing |
|
|
B3A000
|
unkown
|
page readonly
|
malicious |
|
|
Name: |
00000000.00000000.1735787345.0000000000B3A000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
B3A000
|
Size: |
1470464
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected MicroClip |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
2E2F000
|
heap
|
page read and write
|
malicious |
|
|
Name: |
00000004.00000003.2179807123.0000000002E2F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E2F000
|
Size: |
278528
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
URLs found in memory or binary data |
Networking |
|
|
2E2E000
|
heap
|
page read and write
|
malicious |
|
|
Name: |
00000004.00000003.2194378381.0000000002E2E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E2E000
|
Size: |
266240
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
URLs found in memory or binary data |
Networking |
|
|
2E31000
|
heap
|
page read and write
|
malicious |
|
|
Name: |
00000004.00000003.2166346657.0000000002E31000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E31000
|
Size: |
253952
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
URLs found in memory or binary data |
Networking |
|
|
A430000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047676171.000000000A430000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A430000
|
Size: |
16384
|
|
3AF4002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215409963.00003AF4002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002C0000
|
Size: |
4096
|
|
68A2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.00000000068A2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
68A2000
|
Size: |
4096
|
|
5C8B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595659880.0000000005C8B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5C8B000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235660074.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
2DE6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2166376249.0000000002DE6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DE6000
|
Size: |
77824
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
38E401764000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266528568.000038E401764000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401764000
|
Size: |
49152
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228282880.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238200763.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
20480
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234763253.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E401B50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263305081.000038E401B50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B50000
|
Size: |
20480
|
|
74E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2561396590.00000000074E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
74E5000
|
Size: |
5242880
|
|
2D3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590894828.0000000002D3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D3E000
|
Size: |
8192
|
|
196E813E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2229755028.00000196E813E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E813E000
|
Size: |
4096
|
|
A8B8000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048868715.000000000A8B8000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A8B8000
|
Size: |
233472
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
A556000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048074692.000000000A556000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A556000
|
Size: |
12288
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226703315.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
75C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590576924.000000000075C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
75C000
|
Size: |
16384
|
|
A708000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A708000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A708000
|
Size: |
8192
|
|
38E40029C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260259671.000038E40029C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40029C000
|
Size: |
20480
|
|
38E40185C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267067763.000038E40185C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40185C000
|
Size: |
69632
|
|
38E400294000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260259671.000038E400294000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400294000
|
Size: |
28672
|
|
196E815A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238107824.00000196E815A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E815A000
|
Size: |
8192
|
|
38E401880000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267346208.000038E401880000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401880000
|
Size: |
192512
|
|
38E4019A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260647298.000038E4019A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4019A4000
|
Size: |
106496
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235614247.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
A8F2000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988456082.000000000A8F2000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A8F2000
|
Size: |
8192
|
|
38E4015E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264536282.000038E4015E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015E4000
|
Size: |
61440
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235331072.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E401A18000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261446695.000038E401A18000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A18000
|
Size: |
94208
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230317151.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
128C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047080551.000000000128C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
128C000
|
Size: |
16384
|
|
38E400CBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2237087360.000038E400CBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CBC000
|
Size: |
16384
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2229311783.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E400398000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242240000.000038E400398000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400398000
|
Size: |
12288
|
|
38E400220000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221434469.000038E400220000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400220000
|
Size: |
16384
|
|
196E815B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238732525.00000196E815B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E815B000
|
Size: |
4096
|
|
A48E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047818882.000000000A48E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A48E000
|
Size: |
8192
|
|
A614000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989185499.000000000A614000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A614000
|
Size: |
32768
|
|
51C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592418831.00000000051C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
51C0000
|
Size: |
4096
|
|
38E401B24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263269879.000038E401B24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B24000
|
Size: |
61440
|
|
38E4002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2223183516.000038E4002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4002A4000
|
Size: |
4096
|
|
4C0000320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219086273.00004C0000320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000320000
|
Size: |
4096
|
|
38E401444000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255648046.000038E401444000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401444000
|
Size: |
24576
|
|
A690000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A690000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A690000
|
Size: |
307200
|
|
4C000033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219021738.00004C000033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C000033C000
|
Size: |
8192
|
|
59BA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.00000000059BA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
59BA000
|
Size: |
172032
|
|
38E401850000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267309857.000038E401850000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401850000
|
Size: |
49152
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230654071.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
4EFC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592258150.0000000004EFC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4EFC000
|
Size: |
16384
|
|
A6FA000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048692933.000000000A6FA000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6FA000
|
Size: |
4096
|
|
2D7F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590925672.0000000002D7F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D7F000
|
Size: |
4096
|
|
2DFC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590994053.0000000002DFC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DFC000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2E15000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590994053.0000000002E15000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E15000
|
Size: |
16384
|
|
4C000080C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262797997.00004C000080C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C000080C000
|
Size: |
323584
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5310000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005310000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5310000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235745744.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E401384000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260164936.000038E401384000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401384000
|
Size: |
114688
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E4017A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266441148.000038E4017A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4017A8000
|
Size: |
118784
|
|
38E401044000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2254843987.000038E401044000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401044000
|
Size: |
135168
|
|
5351000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347785583.0000000005351000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5351000
|
Size: |
32768
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233380575.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
F6E000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2046837948.0000000000F6E000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
F6E000
|
Size: |
8192
|
|
38E400CAC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242335362.000038E400CAC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CAC000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
31AE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2591941059.00000000031AE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
31AE000
|
Size: |
4096
|
|
38E400398000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2244390715.000038E400398000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400398000
|
Size: |
12288
|
|
38E400824000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240702237.000038E400824000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400824000
|
Size: |
69632
|
|
38E401864000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267626033.000038E401864000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401864000
|
Size: |
36864
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234971843.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E4015B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264399295.000038E4015B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015B4000
|
Size: |
49152
|
|
38E400824000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242052812.000038E400824000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400824000
|
Size: |
73728
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226703315.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235246892.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
273E000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2688062742.000000000273E000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
273E000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234221351.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
38E401AE4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262549642.000038E401AE4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AE4000
|
Size: |
126976
|
|
14F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047150825.00000000014F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14F0000
|
Size: |
16384
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234826621.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E40160C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264337964.000038E40160C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40160C000
|
Size: |
241664
|
|
38E401AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262713382.000038E401AF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AF0000
|
Size: |
77824
|
|
A538000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048074692.000000000A538000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A538000
|
Size: |
4096
|
|
A730000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048853437.000000000A730000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A730000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227349692.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
A710000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A710000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A710000
|
Size: |
4096
|
|
38E4015C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264012329.000038E4015C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015C0000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A494000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047818882.000000000A494000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A494000
|
Size: |
4096
|
|
196E814E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239362517.00000196E814E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814E000
|
Size: |
20480
|
|
5626000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005626000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5626000
|
Size: |
8192
|
|
38E401414000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255823137.000038E401414000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401414000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E40180C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266983009.000038E40180C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40180C000
|
Size: |
49152
|
|
2EA8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2211366125.0000000002EA8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2EA8000
|
Size: |
4096
|
|
38E401A94000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262018017.000038E401A94000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A94000
|
Size: |
102400
|
|
38E40033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236257564.000038E40033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40033C000
|
Size: |
8192
|
|
38E401AC4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262224641.000038E401AC4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AC4000
|
Size: |
258048
|
|
A5E6000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989246252.000000000A5E6000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5E6000
|
Size: |
73728
|
|
3AF4002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215383338.00003AF4002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002BC000
|
Size: |
4096
|
|
A452000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989933629.000000000A452000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A452000
|
Size: |
36864
|
|
A672000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048641949.000000000A672000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A672000
|
Size: |
8192
|
|
A66E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048629976.000000000A66E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A66E000
|
Size: |
8192
|
|
38E400378000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224311703.000038E400378000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400378000
|
Size: |
8192
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230815036.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E400E6C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238575453.000038E400E6C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400E6C000
|
Size: |
8192
|
|
38E401718000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265802450.000038E401718000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401718000
|
Size: |
192512
|
|
4C0000678000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220192419.00004C0000678000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000678000
|
Size: |
49152
|
|
750000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590576924.0000000000750000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
750000
|
Size: |
40960
|
|
A5A0000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989364223.000000000A5A0000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5A0000
|
Size: |
8192
|
|
38E401798000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266581262.000038E401798000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401798000
|
Size: |
61440
|
|
38E401860000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267154568.000038E401860000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401860000
|
Size: |
53248
|
|
A462000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047818882.000000000A462000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A462000
|
Size: |
4096
|
|
56B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2594942743.00000000056B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
56B0000
|
Size: |
12288
|
|
3AF4002B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215343187.00003AF4002B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002B0000
|
Size: |
4096
|
|
38E400EBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239311923.000038E400EBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400EBC000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
F72000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2046890445.0000000000F72000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
F72000
|
Size: |
24576
|
|
4C0000630000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219604897.00004C0000630000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000630000
|
Size: |
61440
|
|
38E4001C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2222764149.000038E4001C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001C8000
|
Size: |
32768
|
|
A55C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989534715.000000000A55C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A55C000
|
Size: |
4096
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228960400.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230696004.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
38E400384000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240120999.000038E400384000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400384000
|
Size: |
16384
|
|
38E401CB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269290004.000038E401CB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401CB4000
|
Size: |
24576
|
|
38E4016D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266363530.000038E4016D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4016D4000
|
Size: |
49152
|
|
38E400D74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238191532.000038E400D74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400D74000
|
Size: |
12288
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232304317.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235378143.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
196E8143000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236845042.00000196E8143000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8143000
|
Size: |
16384
|
|
A5A2000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989322494.000000000A5A2000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5A2000
|
Size: |
4096
|
|
196E815B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238406672.00000196E815B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E815B000
|
Size: |
4096
|
|
2A4FF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2049208855.000000002A4FF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A4FF000
|
Size: |
4096
|
|
38E4019C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261567127.000038E4019C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4019C4000
|
Size: |
49152
|
|
2EA9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2219877555.0000000002EA9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2EA9000
|
Size: |
8192
|
|
A484000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047818882.000000000A484000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A484000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235880364.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228355683.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
A8F4000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1907935229.000000000A8F4000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A8F4000
|
Size: |
65536
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
52C8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052C8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52C8000
|
Size: |
12288
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238942318.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
106496
|
|
38E401A58000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261710487.000038E401A58000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A58000
|
Size: |
110592
|
|
38E400F58000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255034082.000038E400F58000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F58000
|
Size: |
28672
|
|
531F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.000000000531F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
531F000
|
Size: |
8192
|
|
A484000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989933629.000000000A484000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A484000
|
Size: |
4096
|
|
A712000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048828709.000000000A712000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A712000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232489575.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E4017F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266773836.000038E4017F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4017F4000
|
Size: |
16384
|
|
4C000033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220598903.00004C000033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C000033C000
|
Size: |
8192
|
|
A603000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989185499.000000000A603000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A603000
|
Size: |
32768
|
|
38E4019D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261261884.000038E4019D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4019D4000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5725000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2594942743.0000000005725000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5725000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230317151.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
12288
|
|
1AF5000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047395251.0000000001AF5000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
1AF5000
|
Size: |
16384
|
|
A632000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989126373.000000000A632000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A632000
|
Size: |
12288
|
|
38E40142C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255550921.000038E40142C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40142C000
|
Size: |
94208
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227349692.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226856162.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
A55A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048074692.000000000A55A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A55A000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227564128.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233089552.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
3AF4002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215356511.00003AF4002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002BC000
|
Size: |
4096
|
|
2E77000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2301223687.0000000002E77000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E77000
|
Size: |
172032
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233445439.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E401424000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255485251.000038E401424000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401424000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233898014.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
5363000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005363000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5363000
|
Size: |
16384
|
|
38E4018C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267747299.000038E4018C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4018C4000
|
Size: |
77824
|
|
1AA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047367477.0000000001AA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1AA0000
|
Size: |
4096
|
|
2FAE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2591365945.0000000002FAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2FAE000
|
Size: |
8192
|
|
A636000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989126373.000000000A636000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A636000
|
Size: |
8192
|
|
196E8142000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2225678659.00000196E8142000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8142000
|
Size: |
4096
|
|
4C0000408000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220364681.00004C0000408000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000408000
|
Size: |
4096
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228701814.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E4017D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267685467.000038E4017D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4017D0000
|
Size: |
49152
|
|
38E401598000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264160038.000038E401598000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401598000
|
Size: |
61440
|
|
A914000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048981014.000000000A914000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A914000
|
Size: |
372736
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E40033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242898603.000038E40033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40033C000
|
Size: |
8192
|
|
38E4017F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266748675.000038E4017F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4017F8000
|
Size: |
16384
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232031555.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
AB48000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2049095926.000000000AB48000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
AB48000
|
Size: |
372736
|
|
4C000075C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220541653.00004C000075C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C000075C000
|
Size: |
77824
|
|
A914000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1907885866.000000000A914000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A914000
|
Size: |
372736
|
|
38E4015CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264192344.000038E4015CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015CC000
|
Size: |
77824
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401A84000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261940728.000038E401A84000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A84000
|
Size: |
16384
|
|
2DFC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2166376249.0000000002DFC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DFC000
|
Size: |
94208
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4C0000754000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220460690.00004C0000754000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000754000
|
Size: |
110592
|
|
5722000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2541657231.0000000005722000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5722000
|
Size: |
81920
|
|
51B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2194512056.00000000051B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
51B0000
|
Size: |
172032
|
|
3AF4002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215600113.00003AF4002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002C0000
|
Size: |
4096
|
|
A55A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989605713.000000000A55A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A55A000
|
Size: |
8192
|
|
3AF4002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215326787.00003AF4002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002A0000
|
Size: |
4096
|
|
A48E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989933629.000000000A48E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A48E000
|
Size: |
8192
|
|
A5CA000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048431521.000000000A5CA000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5CA000
|
Size: |
12288
|
|
A56C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048285283.000000000A56C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A56C000
|
Size: |
36864
|
|
38E401444000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255550921.000038E401444000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401444000
|
Size: |
24576
|
|
50B1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2295800959.00000000050B1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
50B1000
|
Size: |
233472
|
|
38E401D50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269452621.000038E401D50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401D50000
|
Size: |
12288
|
|
38E4012BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2243763732.000038E4012BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4012BC000
|
Size: |
53248
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232031555.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
A6FC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048692933.000000000A6FC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6FC000
|
Size: |
40960
|
|
A85C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048868715.000000000A85C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A85C000
|
Size: |
372736
|
|
38E401990000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2289289266.000038E401990000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401990000
|
Size: |
8192
|
|
910000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590747601.0000000000910000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
910000
|
Size: |
16384
|
|
1588000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047187029.0000000001588000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
1588000
|
Size: |
28672
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227007101.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E400F7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240389787.000038E400F7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F7C000
|
Size: |
20480
|
|
A580000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048342138.000000000A580000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A580000
|
Size: |
32768
|
|
38E401828000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266850354.000038E401828000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401828000
|
Size: |
77824
|
|
196E813E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226614971.00000196E813E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E813E000
|
Size: |
4096
|
|
A6FC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A6FC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6FC000
|
Size: |
40960
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234826621.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
52EB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052EB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52EB000
|
Size: |
8192
|
|
4C0000320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219265801.00004C0000320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000320000
|
Size: |
4096
|
|
38E400F7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239502337.000038E400F7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F7C000
|
Size: |
20480
|
|
A714000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988536197.000000000A714000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A714000
|
Size: |
8192
|
|
196E8145000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224208559.00000196E8145000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8145000
|
Size: |
8192
|
|
A5CE000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048431521.000000000A5CE000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5CE000
|
Size: |
28672
|
|
5731000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2594942743.0000000005731000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5731000
|
Size: |
24576
|
|
38E401770000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266306106.000038E401770000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401770000
|
Size: |
110592
|
|
A508000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989605713.000000000A508000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A508000
|
Size: |
4096
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228583035.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E40183C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266884353.000038E40183C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40183C000
|
Size: |
200704
|
|
38E400F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2243178561.000038E400F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F70000
|
Size: |
4096
|
|
AA72000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1921970463.000000000AA72000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
AA72000
|
Size: |
65536
|
|
3AF4002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215577843.00003AF4002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002BC000
|
Size: |
4096
|
|
67B8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.00000000067B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
67B8000
|
Size: |
4096
|
|
A42E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047676171.000000000A42E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A42E000
|
Size: |
4096
|
|
196E816C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238200763.00000196E816C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E816C000
|
Size: |
12288
|
|
38E401614000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265012327.000038E401614000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401614000
|
Size: |
98304
|
|
AA92000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2049095926.000000000AA92000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
AA92000
|
Size: |
741376
|
|
38E401990000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260551562.000038E401990000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401990000
|
Size: |
65536
|
|
54F2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000054F2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
54F2000
|
Size: |
8192
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238070925.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
12288
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226441652.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235469532.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
A5A0000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048386577.000000000A5A0000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5A0000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231029460.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
5393000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005393000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5393000
|
Size: |
16384
|
|
38E401C6C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269290004.000038E401C6C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401C6C000
|
Size: |
196608
|
|
2E6E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2125043127.0000000002E6E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E6E000
|
Size: |
16384
|
|
38E401994000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2289289266.000038E401994000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401994000
|
Size: |
16384
|
|
38E400F0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2241109310.000038E400F0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F0C000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A5B6000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989322494.000000000A5B6000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5B6000
|
Size: |
24576
|
|
50B1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2194457557.00000000050B1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
50B1000
|
Size: |
65536
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230893076.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
A5F8000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989185499.000000000A5F8000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5F8000
|
Size: |
24576
|
|
4F5E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592286554.0000000004F5E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4F5E000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234177807.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E4013E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2256136832.000038E4013E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4013E0000
|
Size: |
32768
|
|
38E400C80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236431590.000038E400C80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400C80000
|
Size: |
12288
|
|
6918000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.0000000006918000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6918000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232618352.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
4C00003EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219284084.00004C00003EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00003EC000
|
Size: |
8192
|
|
A552000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048074692.000000000A552000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A552000
|
Size: |
4096
|
|
196E816C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239429468.00000196E816C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E816C000
|
Size: |
28672
|
|
38E400CAC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2241983346.000038E400CAC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CAC000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A614000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048513577.000000000A614000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A614000
|
Size: |
32768
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233380575.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
196E816C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238406672.00000196E816C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E816C000
|
Size: |
12288
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232182695.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
15F0000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047242712.00000000015F0000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
15F0000
|
Size: |
4096
|
|
38E400384000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226446242.000038E400384000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400384000
|
Size: |
8192
|
|
38E400CAC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2254701351.000038E400CAC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CAC000
|
Size: |
12288
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231285073.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230577122.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
38E400CAC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238660390.000038E400CAC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CAC000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2A6F000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2688273583.0000000002A6F000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
2A6F000
|
Size: |
4096
|
|
555A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.000000000555A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
555A000
|
Size: |
4096
|
|
55AA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055AA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55AA000
|
Size: |
16384
|
|
4C0000668000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219775642.00004C0000668000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000668000
|
Size: |
61440
|
|
38E400A28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240890834.000038E400A28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400A28000
|
Size: |
4096
|
|
38E401450000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2278446884.000038E401450000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401450000
|
Size: |
53248
|
|
196E813E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224559206.00000196E813E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E813E000
|
Size: |
4096
|
|
1AE0000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047395251.0000000001AE0000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
1AE0000
|
Size: |
16384
|
|
2A6BF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2049252283.000000002A6BF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A6BF000
|
Size: |
4096
|
|
51B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2214708551.00000000051B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
51B0000
|
Size: |
172032
|
|
5BEB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595659880.0000000005BEB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5BEB000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227349692.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
A46E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989933629.000000000A46E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A46E000
|
Size: |
4096
|
|
A712000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988536197.000000000A712000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A712000
|
Size: |
4096
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230815036.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
52E9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52E9000
|
Size: |
4096
|
|
55C8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055C8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55C8000
|
Size: |
4096
|
|
55B6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055B6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55B6000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226441652.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
61D9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000061D9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
61D9000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232854301.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
5623000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005623000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5623000
|
Size: |
8192
|
|
5516000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005516000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5516000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232618352.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
55B8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55B8000
|
Size: |
4096
|
|
26FD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2688016372.00000000026FD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
26FD000
|
Size: |
12288
|
|
A6FA000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988582309.000000000A6FA000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6FA000
|
Size: |
4096
|
|
5720000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2594942743.0000000005720000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5720000
|
Size: |
8192
|
|
A47E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047818882.000000000A47E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A47E000
|
Size: |
12288
|
|
A57E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989507715.000000000A57E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A57E000
|
Size: |
4096
|
|
4C000085C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262797997.00004C000085C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C000085C000
|
Size: |
28672
|
|
38E400BF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260468443.000038E400BF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400BF4000
|
Size: |
32768
|
|
A71A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988520778.000000000A71A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A71A000
|
Size: |
4096
|
|
A720000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988483358.000000000A720000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A720000
|
Size: |
12288
|
|
196E8142000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224559206.00000196E8142000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8142000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235121567.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E4019E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261407843.000038E4019E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4019E4000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401658000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265076680.000038E401658000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401658000
|
Size: |
77824
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233938109.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
A708000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988582309.000000000A708000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A708000
|
Size: |
12288
|
|
A500000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048052512.000000000A500000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A500000
|
Size: |
32768
|
|
38E401AF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263005302.000038E401AF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AF4000
|
Size: |
61440
|
|
38E401ACC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262337832.000038E401ACC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401ACC000
|
Size: |
225280
|
|
55CC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055CC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55CC000
|
Size: |
4096
|
|
38E4016A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265260011.000038E4016A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4016A0000
|
Size: |
77824
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2225568675.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
12288
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230696004.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
54AC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593362942.00000000054AC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
54AC000
|
Size: |
16384
|
|
2E1F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2166376249.0000000002E1F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E1F000
|
Size: |
36864
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
38E4015E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264233468.000038E4015E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015E0000
|
Size: |
77824
|
|
5371000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005371000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5371000
|
Size: |
12288
|
|
38E40170C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265676271.000038E40170C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40170C000
|
Size: |
241664
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232304317.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E401A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262082217.000038E401A9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A9C000
|
Size: |
69632
|
|
38E401434000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255726986.000038E401434000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401434000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
57BA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.00000000057BA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
57BA000
|
Size: |
4096
|
|
38E40120C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242954240.000038E40120C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40120C000
|
Size: |
356352
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A47E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989933629.000000000A47E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A47E000
|
Size: |
12288
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228960400.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
38E401A1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261482244.000038E401A1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A1C000
|
Size: |
77824
|
|
2E1A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2166376249.0000000002E1A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E1A000
|
Size: |
8192
|
|
38E401B0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262929584.000038E401B0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B0C000
|
Size: |
77824
|
|
A3AA000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047540698.000000000A3AA000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A3AA000
|
Size: |
20480
|
|
38E4019F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261375027.000038E4019F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4019F8000
|
Size: |
16384
|
|
38E400F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260523199.000038E400F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F70000
|
Size: |
4096
|
|
52EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52EE000
|
Size: |
4096
|
|
2E6F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2194338761.0000000002E6F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E6F000
|
Size: |
16384
|
|
38E401A5C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261790534.000038E401A5C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A5C000
|
Size: |
94208
|
|
A5A4000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989322494.000000000A5A4000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5A4000
|
Size: |
69632
|
|
A5BC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989266919.000000000A5BC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5BC000
|
Size: |
49152
|
|
38E40184C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267115278.000038E40184C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40184C000
|
Size: |
65536
|
|
4C0000684000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219753968.00004C0000684000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000684000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5230000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2295970320.0000000005230000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5230000
|
Size: |
184320
|
|
3AF4002C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215814718.00003AF4002C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002C8000
|
Size: |
4096
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232489575.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
A56C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989534715.000000000A56C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A56C000
|
Size: |
36864
|
|
38E400CAC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2243048149.000038E400CAC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CAC000
|
Size: |
40960
|
|
38E401AA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262155991.000038E401AA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AA4000
|
Size: |
36864
|
|
38E400BF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267986100.000038E400BF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400BF4000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A6F4000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048692933.000000000A6F4000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6F4000
|
Size: |
12288
|
|
38E400384000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2237213379.000038E400384000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400384000
|
Size: |
8192
|
|
2C50000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687632257.0000000002C50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C50000
|
Size: |
20480
|
|
A600000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048513577.000000000A600000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A600000
|
Size: |
8192
|
|
546C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593334543.000000000546C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
546C000
|
Size: |
16384
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231149263.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E401A20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261602591.000038E401A20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A20000
|
Size: |
61440
|
|
38E40033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236182541.000038E40033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40033C000
|
Size: |
8192
|
|
195D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047325627.000000000195D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
195D000
|
Size: |
12288
|
|
38E401704000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265650746.000038E401704000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401704000
|
Size: |
16384
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235794129.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
A530000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989605713.000000000A530000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A530000
|
Size: |
28672
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230317151.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E401AD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2271305087.000038E401AD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AD4000
|
Size: |
4096
|
|
5325000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005325000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5325000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230317151.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E40033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239234198.000038E40033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40033C000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227937440.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
F2B000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2046736372.0000000000F2B000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
F2B000
|
Size: |
40960
|
|
5384000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005384000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5384000
|
Size: |
4096
|
|
52B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52B0000
|
Size: |
61440
|
|
38E4001E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221813508.000038E4001E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001E0000
|
Size: |
16384
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230776649.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
4C0000730000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220276447.00004C0000730000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000730000
|
Size: |
77824
|
|
2E77000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2211318950.0000000002E77000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E77000
|
Size: |
172032
|
|
A444000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1990077054.000000000A444000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A444000
|
Size: |
4096
|
|
678D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.000000000678D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
678D000
|
Size: |
4096
|
|
557A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.000000000557A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
557A000
|
Size: |
16384
|
|
1580000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047187029.0000000001580000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
1580000
|
Size: |
4096
|
|
4C0000714000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220224929.00004C0000714000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000714000
|
Size: |
53248
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232714979.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
5810000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.0000000005810000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5810000
|
Size: |
8192
|
|
38E401AA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262189244.000038E401AA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AA0000
|
Size: |
16384
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234418113.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235614247.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
1A5F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047340037.0000000001A5F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1A5F000
|
Size: |
4096
|
|
38E4003DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224582765.000038E4003DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4003DC000
|
Size: |
4096
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232618352.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
7C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590658962.00000000007C0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7C0000
|
Size: |
4096
|
|
38E401890000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267436182.000038E401890000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401890000
|
Size: |
126976
|
|
A59A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989445736.000000000A59A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A59A000
|
Size: |
4096
|
|
38E400F34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242107609.000038E400F34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F34000
|
Size: |
139264
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4D3C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592132284.0000000004D3C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4D3C000
|
Size: |
16384
|
|
A588000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989477388.000000000A588000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A588000
|
Size: |
8192
|
|
A498000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047977753.000000000A498000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A498000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234826621.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231066809.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
A676000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048653856.000000000A676000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A676000
|
Size: |
24576
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232134189.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
3AF4002D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215830110.00003AF4002D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002D8000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
AA42000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1922020829.000000000AA42000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
AA42000
|
Size: |
65536
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230450575.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
138E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047097563.000000000138E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
138E000
|
Size: |
8192
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234072893.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E4019C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261203178.000038E4019C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4019C0000
|
Size: |
208896
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401B14000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263029971.000038E401B14000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B14000
|
Size: |
45056
|
|
ABA4000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2049095926.000000000ABA4000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
ABA4000
|
Size: |
237568
|
|
2DE1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2166376249.0000000002DE1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DE1000
|
Size: |
16384
|
|
38E401748000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266013715.000038E401748000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401748000
|
Size: |
274432
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
55FD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055FD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55FD000
|
Size: |
4096
|
|
5D23000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595659880.0000000005D23000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5D23000
|
Size: |
4096
|
|
38E401344000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260766803.000038E401344000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401344000
|
Size: |
143360
|
|
A49A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047977753.000000000A49A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A49A000
|
Size: |
36864
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235378143.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E401D2B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269452621.000038E401D2B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401D2B000
|
Size: |
4096
|
|
4F20000
|
remote allocation
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2047131105.0000000004F20000.00000004.00000400.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
remote allocation
|
Protect: |
page read and write
|
Base address: |
4F20000
|
Size: |
4096
|
|
4C00006E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220033940.00004C00006E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006E8000
|
Size: |
176128
|
|
38E401C68000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269111731.000038E401C68000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401C68000
|
Size: |
212992
|
|
A578000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048285283.000000000A578000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A578000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234633978.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E400214000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221470920.000038E400214000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400214000
|
Size: |
16384
|
|
38E400A28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240218299.000038E400A28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400A28000
|
Size: |
4096
|
|
38E401CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269290004.000038E401CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401CB0000
|
Size: |
12288
|
|
4C0000610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219543633.00004C0000610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000610000
|
Size: |
192512
|
|
38E40038C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2243796133.000038E40038C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40038C000
|
Size: |
36864
|
|
38E401368000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260099041.000038E401368000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401368000
|
Size: |
229376
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
55DC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055DC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55DC000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228701814.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234675912.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
196E8171000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239185743.00000196E8171000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8171000
|
Size: |
4096
|
|
38E400294000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2223124392.000038E400294000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400294000
|
Size: |
8192
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231066809.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
539B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.000000000539B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
539B000
|
Size: |
77824
|
|
1AD0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047381304.0000000001AD0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1AD0000
|
Size: |
12288
|
|
38E4003C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233003898.000038E4003C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4003C8000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A566000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989534715.000000000A566000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A566000
|
Size: |
20480
|
|
4C0000700000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220170604.00004C0000700000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000700000
|
Size: |
77824
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234500962.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E400BF8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238604625.000038E400BF8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400BF8000
|
Size: |
16384
|
|
F7C000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2046890445.0000000000F7C000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
F7C000
|
Size: |
20480
|
|
38E401344000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255324674.000038E401344000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401344000
|
Size: |
135168
|
|
5609000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005609000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5609000
|
Size: |
24576
|
|
CA7000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000002.2046412391.0000000000CA7000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
CA7000
|
Size: |
2633728
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found many strings related to Crypto-Wallets (likely being stolen) |
Stealing of Sensitive Information |
|
|
38E401A48000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261758913.000038E401A48000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A48000
|
Size: |
61440
|
|
196E814D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238643371.00000196E814D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814D000
|
Size: |
8192
|
|
38E40033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2268393733.000038E40033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40033C000
|
Size: |
8192
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234675912.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E401D3D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269452621.000038E401D3D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401D3D000
|
Size: |
12288
|
|
38E40158C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263792533.000038E40158C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40158C000
|
Size: |
110592
|
|
38E400FDC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240988471.000038E400FDC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400FDC000
|
Size: |
45056
|
|
38E4016CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265343071.000038E4016CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4016CC000
|
Size: |
208896
|
|
2DB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590994053.0000000002DB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DB0000
|
Size: |
28672
|
|
6778000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.0000000006778000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6778000
|
Size: |
4096
|
|
A580000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989507715.000000000A580000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A580000
|
Size: |
32768
|
|
4C0000620000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219582003.00004C0000620000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000620000
|
Size: |
126976
|
|
38E40167C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265951948.000038E40167C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40167C000
|
Size: |
49152
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231191154.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E4015A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264509437.000038E4015A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015A8000
|
Size: |
49152
|
|
6857000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.0000000006857000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6857000
|
Size: |
8192
|
|
38E4013A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2259700545.000038E4013A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4013A0000
|
Size: |
77824
|
|
A710000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988536197.000000000A710000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A710000
|
Size: |
4096
|
|
55E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55E7000
|
Size: |
4096
|
|
38E4001AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221247166.000038E4001AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001AC000
|
Size: |
4096
|
|
5891000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.0000000005891000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5891000
|
Size: |
4096
|
|
6882000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.0000000006882000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6882000
|
Size: |
4096
|
|
38E400298000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2222916705.000038E400298000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400298000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234925273.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E401714000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265764626.000038E401714000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401714000
|
Size: |
208896
|
|
50B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592373960.00000000050B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
50B0000
|
Size: |
225280
|
|
3AF4002B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215613142.00003AF4002B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002B0000
|
Size: |
4096
|
|
38E4003C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238833587.000038E4003C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4003C8000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
A67E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988749327.000000000A67E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A67E000
|
Size: |
8192
|
|
55E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55E5000
|
Size: |
4096
|
|
3AF4002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215564113.00003AF4002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002A0000
|
Size: |
4096
|
|
552D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.000000000552D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
552D000
|
Size: |
8192
|
|
38E400BF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238604625.000038E400BF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400BF4000
|
Size: |
12288
|
|
A636000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048581669.000000000A636000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A636000
|
Size: |
8192
|
|
55E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55E3000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233559096.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232489575.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
8BE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687520279.00000000008BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
8BE000
|
Size: |
8192
|
|
38E4002F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239234198.000038E4002F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4002F4000
|
Size: |
151552
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
38E400398000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2243150613.000038E400398000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400398000
|
Size: |
32768
|
|
A6F4000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A6F4000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6F4000
|
Size: |
12288
|
|
5805000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.0000000005805000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5805000
|
Size: |
4096
|
|
38E400F58000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239129728.000038E400F58000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F58000
|
Size: |
28672
|
|
38E400224000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221394362.000038E400224000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400224000
|
Size: |
16384
|
|
196E8143000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232182695.00000196E8143000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8143000
|
Size: |
16384
|
|
38E4017E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267467879.000038E4017E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4017E0000
|
Size: |
61440
|
|
38E40021C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221414471.000038E40021C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40021C000
|
Size: |
32768
|
|
A53A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989605713.000000000A53A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A53A000
|
Size: |
90112
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227937440.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
60D9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000060D9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
60D9000
|
Size: |
4096
|
|
38E4001F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221637127.000038E4001F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001F4000
|
Size: |
16384
|
|
38E401B48000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263231369.000038E401B48000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B48000
|
Size: |
53248
|
|
38E4001AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224443137.000038E4001AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001AC000
|
Size: |
4096
|
|
38E401A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261518538.000038E401A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A30000
|
Size: |
159744
|
|
38E4002F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242630344.000038E4002F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4002F4000
|
Size: |
290816
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
196E8142000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2229102135.00000196E8142000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8142000
|
Size: |
4096
|
|
2E1E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590994053.0000000002E1E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E1E000
|
Size: |
593920
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found many strings related to Crypto-Wallets (likely being stolen) |
Stealing of Sensitive Information |
|
Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
553B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.000000000553B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
553B000
|
Size: |
8192
|
|
38E401630000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264781635.000038E401630000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401630000
|
Size: |
16384
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235378143.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232182695.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E401758000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266150096.000038E401758000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401758000
|
Size: |
208896
|
|
38E401044000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2283449100.000038E401044000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401044000
|
Size: |
204800
|
|
38E401638000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264863535.000038E401638000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401638000
|
Size: |
61440
|
|
5BD3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595659880.0000000005BD3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5BD3000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A426000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047676171.000000000A426000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A426000
|
Size: |
12288
|
|
4C000069C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220150272.00004C000069C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C000069C000
|
Size: |
61440
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234675912.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E401C48000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269777039.000038E401C48000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401C48000
|
Size: |
12288
|
|
38E40178C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267510320.000038E40178C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40178C000
|
Size: |
49152
|
|
38E4019F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261344449.000038E4019F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4019F4000
|
Size: |
32768
|
|
3AF4002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215859118.00003AF4002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002C0000
|
Size: |
4096
|
|
196E8171000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238942318.00000196E8171000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8171000
|
Size: |
4096
|
|
38E400C10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236285357.000038E400C10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400C10000
|
Size: |
28672
|
|
38E400BF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242492187.000038E400BF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400BF4000
|
Size: |
32768
|
|
38E401848000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267010785.000038E401848000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401848000
|
Size: |
151552
|
|
38E401A64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262676971.000038E401A64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A64000
|
Size: |
61440
|
|
A638000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989098868.000000000A638000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A638000
|
Size: |
184320
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234633978.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E400A28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239346620.000038E400A28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400A28000
|
Size: |
36864
|
|
1600000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047257849.0000000001600000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
1600000
|
Size: |
8192
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234763253.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234543823.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234027744.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
196E814E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239727833.00000196E814E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814E000
|
Size: |
20480
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231066809.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E4013E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255985345.000038E4013E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4013E8000
|
Size: |
53248
|
|
51B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2500479780.00000000051B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
51B0000
|
Size: |
159744
|
|
38E40171C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265842029.000038E40171C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40171C000
|
Size: |
176128
|
|
2E7A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2219908741.0000000002E7A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E7A000
|
Size: |
159744
|
|
38E401898000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267535948.000038E401898000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401898000
|
Size: |
94208
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231191154.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E400CBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238889870.000038E400CBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CBC000
|
Size: |
16384
|
|
38E4018E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260551562.000038E4018E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4018E0000
|
Size: |
106496
|
|
1AE8000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047395251.0000000001AE8000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
1AE8000
|
Size: |
12288
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224208559.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
16384
|
|
4C00006B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219812405.00004C00006B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006B0000
|
Size: |
208896
|
|
196E8142000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226614971.00000196E8142000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8142000
|
Size: |
4096
|
|
5524000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005524000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5524000
|
Size: |
4096
|
|
3AF4002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215397508.00003AF4002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002BC000
|
Size: |
4096
|
|
4C0000330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219125911.00004C0000330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000330000
|
Size: |
4096
|
|
5371000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347785583.0000000005371000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5371000
|
Size: |
4096
|
|
38E400F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242926367.000038E400F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F70000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2229311783.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E400CAC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236839710.000038E400CAC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CAC000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A42A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047676171.000000000A42A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A42A000
|
Size: |
8192
|
|
A726000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988483358.000000000A726000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A726000
|
Size: |
16384
|
|
38E4018A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267718629.000038E4018A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4018A0000
|
Size: |
61440
|
|
915000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590747601.0000000000915000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
915000
|
Size: |
16384
|
|
4C000060C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219739054.00004C000060C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C000060C000
|
Size: |
16384
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230934627.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230450575.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
12288
|
|
38E400228000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221374446.000038E400228000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400228000
|
Size: |
16384
|
|
23E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2687994002.00000000023E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
23E0000
|
Size: |
20480
|
|
196E814F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224208559.00000196E814F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814F000
|
Size: |
8192
|
|
5584000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005584000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5584000
|
Size: |
8192
|
|
1610000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047274422.0000000001610000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
1610000
|
Size: |
8192
|
|
38E401B84000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263558554.000038E401B84000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B84000
|
Size: |
20480
|
|
196E813E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2225678659.00000196E813E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E813E000
|
Size: |
4096
|
|
536C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347785583.000000000536C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
536C000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235121567.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
52E6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052E6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52E6000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
8C0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687542917.00000000008C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8C0000
|
Size: |
20480
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231029460.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232345684.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
7A0000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1735423995.00000000007A0000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
7A0000
|
Size: |
4096
|
|
5322000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005322000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5322000
|
Size: |
8192
|
|
38E401B80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263485695.000038E401B80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B80000
|
Size: |
36864
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235331072.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E401434000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263450564.000038E401434000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401434000
|
Size: |
65536
|
|
38E401CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269111731.000038E401CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401CB0000
|
Size: |
12288
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232760140.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
4C00006B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219855681.00004C00006B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006B4000
|
Size: |
192512
|
|
55BD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055BD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55BD000
|
Size: |
12288
|
|
38E401174000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242528449.000038E401174000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401174000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233265161.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
FDB000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1736688912.0000000000FDB000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
FDB000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
60EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000060EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
60EE000
|
Size: |
4096
|
|
38E400294000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238381169.000038E400294000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400294000
|
Size: |
45056
|
|
38E401B10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263090621.000038E401B10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B10000
|
Size: |
16384
|
|
A552000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989605713.000000000A552000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A552000
|
Size: |
4096
|
|
55A4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055A4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55A4000
|
Size: |
12288
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239509350.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
57344
|
|
38E4016D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265448978.000038E4016D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4016D0000
|
Size: |
192512
|
|
4F20000
|
remote allocation
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2047109407.0000000004F20000.00000004.00000400.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
remote allocation
|
Protect: |
page read and write
|
Base address: |
4F20000
|
Size: |
4096
|
|
55EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55EC000
|
Size: |
4096
|
|
196E8171000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239326354.00000196E8171000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8171000
|
Size: |
4096
|
|
38E401018000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240963206.000038E401018000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401018000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E400EBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2243076368.000038E400EBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400EBC000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401B70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269046667.000038E401B70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B70000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A980000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2049027314.000000000A980000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A980000
|
Size: |
933888
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara signature match |
System Summary |
|
|
3AF4002E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215844838.00003AF4002E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002E4000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E400A28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238475357.000038E400A28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400A28000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E4010A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260379226.000038E4010A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4010A4000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2DB8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590994053.0000000002DB8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DB8000
|
Size: |
266240
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
A408000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047676171.000000000A408000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A408000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5389000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005389000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5389000
|
Size: |
12288
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2EA1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347602061.0000000002EA1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2EA1000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232345684.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E401A34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261680105.000038E401A34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A34000
|
Size: |
16384
|
|
38E401028000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260620772.000038E401028000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401028000
|
Size: |
106496
|
|
A3BA000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047540698.000000000A3BA000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A3BA000
|
Size: |
4096
|
|
38E4001EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221683312.000038E4001EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001EC000
|
Size: |
16384
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234543823.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
4C0000248000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2218877515.00004C0000248000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000248000
|
Size: |
4096
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230654071.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
917000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2214668064.0000000000917000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
917000
|
Size: |
4096
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233898014.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
F2A000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000000.1736414864.0000000000F2A000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
F2A000
|
Size: |
299008
|
|
38E4017AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266471145.000038E4017AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4017AC000
|
Size: |
102400
|
|
38E4002E3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224486444.000038E4002E3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4002E3000
|
Size: |
8192
|
|
38E401818000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266916538.000038E401818000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401818000
|
Size: |
65536
|
|
4D7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592166559.0000000004D7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4D7E000
|
Size: |
8192
|
|
38E40162C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264431985.000038E40162C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40162C000
|
Size: |
110592
|
|
38E400BF8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2237119368.000038E400BF8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400BF8000
|
Size: |
16384
|
|
38E400F0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239191287.000038E400F0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F0C000
|
Size: |
151552
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
38E400F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240315927.000038E400F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F70000
|
Size: |
4096
|
|
535D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347785583.000000000535D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
535D000
|
Size: |
8192
|
|
38E401028000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2279333672.000038E401028000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401028000
|
Size: |
102400
|
|
38E4016C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265298697.000038E4016C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4016C8000
|
Size: |
225280
|
|
2E28000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2116214159.0000000002E28000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E28000
|
Size: |
12288
|
|
38E401698000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265210814.000038E401698000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401698000
|
Size: |
16384
|
|
38E400370000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224234136.000038E400370000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400370000
|
Size: |
4096
|
|
538D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.000000000538D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
538D000
|
Size: |
4096
|
|
38E400CAC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239549867.000038E400CAC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CAC000
|
Size: |
12288
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234925273.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E401594000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263909633.000038E401594000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401594000
|
Size: |
77824
|
|
38E4016A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265420377.000038E4016A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4016A4000
|
Size: |
61440
|
|
A5D6000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989266919.000000000A5D6000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5D6000
|
Size: |
65536
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227211799.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
4C0000354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219058753.00004C0000354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000354000
|
Size: |
16384
|
|
2EAA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347602061.0000000002EAA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2EAA000
|
Size: |
20480
|
|
A566000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048285283.000000000A566000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A566000
|
Size: |
20480
|
|
A6F4000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988582309.000000000A6F4000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6F4000
|
Size: |
12288
|
|
55F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55F3000
|
Size: |
8192
|
|
A66A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989083209.000000000A66A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A66A000
|
Size: |
8192
|
|
38E401A74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261973414.000038E401A74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A74000
|
Size: |
65536
|
|
67ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.00000000067ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
67ED000
|
Size: |
4096
|
|
A670000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989049280.000000000A670000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A670000
|
Size: |
16384
|
|
A6EC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048692933.000000000A6EC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6EC000
|
Size: |
28672
|
|
FA4000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000002.2046977644.0000000000FA4000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
FA4000
|
Size: |
4096
|
|
196E8143000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2225568675.00000196E8143000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8143000
|
Size: |
16384
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234027744.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E400A28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242019689.000038E400A28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400A28000
|
Size: |
36864
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401450000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255794480.000038E401450000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401450000
|
Size: |
53248
|
|
27C3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2591056677.00000000027C3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
27C3000
|
Size: |
4096
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230893076.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
A462000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989933629.000000000A462000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A462000
|
Size: |
4096
|
|
38E401108000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242800367.000038E401108000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401108000
|
Size: |
61440
|
|
6878000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.0000000006878000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6878000
|
Size: |
4096
|
|
A970000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048981014.000000000A970000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A970000
|
Size: |
4096
|
|
54FA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000054FA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
54FA000
|
Size: |
8192
|
|
4C000040C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220406470.00004C000040C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C000040C000
|
Size: |
4096
|
|
196E816C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239509350.00000196E816C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E816C000
|
Size: |
32768
|
|
196E8142000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233162526.00000196E8142000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8142000
|
Size: |
4096
|
|
AA0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687610645.0000000000AA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AA0000
|
Size: |
16384
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230577122.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E4019D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261311666.000038E4019D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4019D0000
|
Size: |
16384
|
|
5677000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005677000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5677000
|
Size: |
4096
|
|
A6F8000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988582309.000000000A6F8000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6F8000
|
Size: |
4096
|
|
2A5BD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2049237045.000000002A5BD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A5BD000
|
Size: |
12288
|
|
38E4001DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221868999.000038E4001DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001DC000
|
Size: |
16384
|
|
57B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.00000000057B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
57B0000
|
Size: |
4096
|
|
F6B000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2046798355.0000000000F6B000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
F6B000
|
Size: |
8192
|
|
38E401654000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264927851.000038E401654000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401654000
|
Size: |
94208
|
|
2D80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590962162.0000000002D80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2D80000
|
Size: |
4096
|
|
27AB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2688144174.00000000027AB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
27AB000
|
Size: |
28672
|
|
6898000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.0000000006898000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6898000
|
Size: |
4096
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234221351.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E401560000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263632282.000038E401560000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401560000
|
Size: |
143360
|
|
196E813B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2229755028.00000196E813B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E813B000
|
Size: |
8192
|
|
CA7000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1735787345.0000000000CA7000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
CA7000
|
Size: |
2633728
|
|
38E400DDC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238685672.000038E400DDC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400DDC000
|
Size: |
36864
|
|
38E4015C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264066418.000038E4015C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015C4000
|
Size: |
110592
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4C00006D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219948746.00004C00006D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006D0000
|
Size: |
77824
|
|
4C0000688000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219837607.00004C0000688000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000688000
|
Size: |
65536
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232441897.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235202256.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E4010A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266213099.000038E4010A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4010A4000
|
Size: |
4096
|
|
F35000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000002.2046754412.0000000000F35000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
F35000
|
Size: |
221184
|
|
38E4016EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265520978.000038E4016EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4016EC000
|
Size: |
77824
|
|
550A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.000000000550A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
550A000
|
Size: |
8192
|
|
2B00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2688327716.0000000002B00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2B00000
|
Size: |
8192
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226441652.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E40029A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236728987.000038E40029A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40029A000
|
Size: |
24576
|
|
A470000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989933629.000000000A470000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A470000
|
Size: |
28672
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232574317.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E400384000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2241814109.000038E400384000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400384000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232489575.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
12288
|
|
14D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047135058.00000000014D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14D0000
|
Size: |
4096
|
|
38E400824000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236344335.000038E400824000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400824000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4C0000390000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219304220.00004C0000390000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000390000
|
Size: |
372736
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2EA6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347602061.0000000002EA6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2EA6000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
SQL strings found in memory and binary data |
System Summary |
|
|
196E813B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226614971.00000196E813B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E813B000
|
Size: |
4096
|
|
38E400DD8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238685672.000038E400DD8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400DD8000
|
Size: |
12288
|
|
38E400398000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240284430.000038E400398000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400398000
|
Size: |
12288
|
|
38E401AEC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262632791.000038E401AEC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AEC000
|
Size: |
94208
|
|
38E400384000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2241411898.000038E400384000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400384000
|
Size: |
8192
|
|
38E401344000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255123077.000038E401344000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401344000
|
Size: |
135168
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232714979.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
3AF4002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215423480.00003AF4002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002BC000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235121567.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
A6F8000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A6F8000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6F8000
|
Size: |
4096
|
|
FA1000
|
unknown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2046890445.0000000000FA1000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unknown
|
Protect: |
page read and write
|
Base address: |
FA1000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234370733.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232182695.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
A470000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047818882.000000000A470000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A470000
|
Size: |
28672
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232345684.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
2E28000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2166299086.0000000002E28000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E28000
|
Size: |
12288
|
|
38E4003C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240816128.000038E4003C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4003C8000
|
Size: |
69632
|
|
A55E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989534715.000000000A55E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A55E000
|
Size: |
28672
|
|
4C00006D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220008759.00004C00006D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006D4000
|
Size: |
61440
|
|
3AF4002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215370580.00003AF4002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002A0000
|
Size: |
4096
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234418113.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
535D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.000000000535D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
535D000
|
Size: |
8192
|
|
38E4015F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264272643.000038E4015F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015F8000
|
Size: |
16384
|
|
A66C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989066160.000000000A66C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A66C000
|
Size: |
16384
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228355683.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
551C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.000000000551C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
551C000
|
Size: |
12288
|
|
38E400F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242304637.000038E400F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F70000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230934627.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
5E0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687457596.00000000005E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E0000
|
Size: |
4096
|
|
61CE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000061CE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
61CE000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234418113.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E401AD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262491693.000038E401AD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AD4000
|
Size: |
192512
|
|
612E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.000000000612E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
612E000
|
Size: |
4096
|
|
38E400CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236644874.000038E400CA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CA0000
|
Size: |
32768
|
|
4C0000418000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2222657898.00004C0000418000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000418000
|
Size: |
4096
|
|
38E4018B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267651114.000038E4018B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4018B0000
|
Size: |
159744
|
|
2E7D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2211366125.0000000002E7D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E7D000
|
Size: |
147456
|
|
A50A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048074692.000000000A50A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A50A000
|
Size: |
90112
|
|
38E401044000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2241145669.000038E401044000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401044000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4C0000310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2218924715.00004C0000310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000310000
|
Size: |
65536
|
|
38E4001AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2222970597.000038E4001AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001AC000
|
Size: |
4096
|
|
50B1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2500378987.00000000050B1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
50B1000
|
Size: |
249856
|
|
A522000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048074692.000000000A522000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A522000
|
Size: |
28672
|
|
38E401734000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265985388.000038E401734000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401734000
|
Size: |
77824
|
|
A6FA000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A6FA000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6FA000
|
Size: |
4096
|
|
38E400294000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236728987.000038E400294000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400294000
|
Size: |
16384
|
|
A446000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047803146.000000000A446000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A446000
|
Size: |
49152
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232854301.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E400364000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2223906377.000038E400364000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400364000
|
Size: |
4096
|
|
A6F8000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048692933.000000000A6F8000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6F8000
|
Size: |
4096
|
|
5535000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005535000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5535000
|
Size: |
20480
|
|
38E400398000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239435063.000038E400398000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400398000
|
Size: |
36864
|
|
38E40189C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267598108.000038E40189C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40189C000
|
Size: |
77824
|
|
38E401AD8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263676864.000038E401AD8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AD8000
|
Size: |
49152
|
|
A466000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047818882.000000000A466000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A466000
|
Size: |
28672
|
|
38E4001F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221659921.000038E4001F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001F0000
|
Size: |
16384
|
|
196E815B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239429468.00000196E815B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E815B000
|
Size: |
4096
|
|
38E400FDC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240509319.000038E400FDC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400FDC000
|
Size: |
45056
|
|
A58C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048357146.000000000A58C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A58C000
|
Size: |
40960
|
|
F70000
|
unknown
|
page write copy
|
|
|
|
Name: |
00000000.00000002.2046872434.0000000000F70000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unknown
|
Protect: |
page write copy
|
Base address: |
F70000
|
Size: |
8192
|
|
4C0000640000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219621835.00004C0000640000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000640000
|
Size: |
77824
|
|
A538000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989605713.000000000A538000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A538000
|
Size: |
4096
|
|
5866000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.0000000005866000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5866000
|
Size: |
4096
|
|
38E4001B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2223054167.000038E4001B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001B4000
|
Size: |
16384
|
|
38E4012EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2254489565.000038E4012EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4012EC000
|
Size: |
16384
|
|
AA92000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1921887318.000000000AA92000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
AA92000
|
Size: |
741376
|
|
A600000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989185499.000000000A600000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A600000
|
Size: |
8192
|
|
38E40038C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2254393787.000038E40038C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40038C000
|
Size: |
8192
|
|
38E401728000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266799427.000038E401728000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401728000
|
Size: |
49152
|
|
38E401018000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2258279774.000038E401018000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401018000
|
Size: |
53248
|
|
54B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593391786.00000000054B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
54B0000
|
Size: |
151552
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236845042.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
12288
|
|
38E400294000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2243450279.000038E400294000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400294000
|
Size: |
8192
|
|
A4A8000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989860073.000000000A4A8000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A4A8000
|
Size: |
4096
|
|
74C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590576924.000000000074C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
74C000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228282880.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E4001D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2222027538.000038E4001D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001D0000
|
Size: |
16384
|
|
61A3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000061A3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
61A3000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235660074.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
52D8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052D8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52D8000
|
Size: |
12288
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228701814.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
A904000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1907885866.000000000A904000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A904000
|
Size: |
61440
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233938109.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230696004.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
555C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.000000000555C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
555C000
|
Size: |
4096
|
|
A674000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989028627.000000000A674000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A674000
|
Size: |
32768
|
|
38E401460000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260218151.000038E401460000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401460000
|
Size: |
110592
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260766803.000038E401320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401320000
|
Size: |
143360
|
|
A35F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047511974.000000000A35F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A35F000
|
Size: |
4096
|
|
38E400358000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2223739538.000038E400358000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400358000
|
Size: |
4096
|
|
38E401870000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267231513.000038E401870000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401870000
|
Size: |
16384
|
|
38E400FE8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240848519.000038E400FE8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400FE8000
|
Size: |
69632
|
|
38E401A38000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261631379.000038E401A38000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A38000
|
Size: |
126976
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230410117.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E4014C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260674767.000038E4014C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4014C0000
|
Size: |
651264
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401480000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2268294957.000038E401480000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401480000
|
Size: |
4096
|
|
6962000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.0000000006962000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6962000
|
Size: |
4096
|
|
38E401028000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2241042568.000038E401028000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401028000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
196E8170000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238319973.00000196E8170000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8170000
|
Size: |
8192
|
|
38E4015F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264306033.000038E4015F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015F4000
|
Size: |
16384
|
|
A6A0000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048679215.000000000A6A0000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6A0000
|
Size: |
24576
|
|
95E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590833136.000000000095E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
95E000
|
Size: |
8192
|
|
5512000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005512000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5512000
|
Size: |
12288
|
|
38E4001D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221943593.000038E4001D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001D4000
|
Size: |
16384
|
|
562F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.000000000562F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
562F000
|
Size: |
4096
|
|
2E77000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347744119.0000000002E77000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E77000
|
Size: |
172032
|
|
4C00006FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220056325.00004C00006FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006FC000
|
Size: |
94208
|
|
38E4012F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267921793.000038E4012F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4012F4000
|
Size: |
110592
|
|
5951000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.0000000005951000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5951000
|
Size: |
299008
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E40020C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221550210.000038E40020C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40020C000
|
Size: |
16384
|
|
5553000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005553000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5553000
|
Size: |
12288
|
|
A466000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989933629.000000000A466000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A466000
|
Size: |
28672
|
|
38E400294000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238779395.000038E400294000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400294000
|
Size: |
8192
|
|
38E400F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239394726.000038E400F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F70000
|
Size: |
4096
|
|
38E40174C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266063815.000038E40174C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40174C000
|
Size: |
258048
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401B7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263373084.000038E401B7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B7C000
|
Size: |
53248
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233089552.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
589B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.000000000589B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
589B000
|
Size: |
4096
|
|
F6D000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000002.2046814100.0000000000F6D000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
F6D000
|
Size: |
4096
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227211799.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E401754000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266188957.000038E401754000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401754000
|
Size: |
16384
|
|
6FD0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2561926459.0000000006FD0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6FD0000
|
Size: |
20480
|
|
FA5000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000002.2046990047.0000000000FA5000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
FA5000
|
Size: |
217088
|
|
38E401078000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2241077061.000038E401078000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401078000
|
Size: |
28672
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4C00006E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220562654.00004C00006E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006E0000
|
Size: |
12288
|
|
A67E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048666785.000000000A67E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A67E000
|
Size: |
8192
|
|
A5A4000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048400151.000000000A5A4000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5A4000
|
Size: |
69632
|
|
38E40033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226038770.000038E40033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40033C000
|
Size: |
12288
|
|
4C0000624000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219720717.00004C0000624000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000624000
|
Size: |
49152
|
|
4C00006B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219929245.00004C00006B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006B8000
|
Size: |
65536
|
|
38E40033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242630344.000038E40033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40033C000
|
Size: |
8192
|
|
38E401590000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263977539.000038E401590000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401590000
|
Size: |
16384
|
|
4C0000788000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219488422.00004C0000788000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000788000
|
Size: |
4096
|
|
5307000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005307000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5307000
|
Size: |
12288
|
|
A70C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988582309.000000000A70C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A70C000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235246892.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E40169C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265181048.000038E40169C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40169C000
|
Size: |
94208
|
|
4C0000380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219421732.00004C0000380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000380000
|
Size: |
65536
|
|
1B22000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047395251.0000000001B22000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
1B22000
|
Size: |
8192
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233218597.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E4017DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266695027.000038E4017DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4017DC000
|
Size: |
77824
|
|
917000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2295874761.0000000000917000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
917000
|
Size: |
4096
|
|
67C2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.00000000067C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
67C2000
|
Size: |
4096
|
|
38E401750000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266110972.000038E401750000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401750000
|
Size: |
241664
|
|
505F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592315396.000000000505F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
505F000
|
Size: |
4096
|
|
5581000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005581000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5581000
|
Size: |
4096
|
|
38E40033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240436095.000038E40033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40033C000
|
Size: |
8192
|
|
2E28000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2179807123.0000000002E28000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E28000
|
Size: |
4096
|
|
38E402C0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2291760712.000038E402C0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E402C0C000
|
Size: |
405504
|
|
38E4001E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221759805.000038E4001E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4001E4000
|
Size: |
16384
|
|
4C0000658000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220208730.00004C0000658000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000658000
|
Size: |
49152
|
|
38E40164C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264900689.000038E40164C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40164C000
|
Size: |
16384
|
|
38E401D21000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269452621.000038E401D21000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401D21000
|
Size: |
4096
|
|
196E8167000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239241112.00000196E8167000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8167000
|
Size: |
32768
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232760140.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
12288
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235794129.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
A4A8000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048031329.000000000A4A8000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A4A8000
|
Size: |
4096
|
|
38E401610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264464936.000038E401610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401610000
|
Size: |
114688
|
|
4C0000698000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219792373.00004C0000698000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000698000
|
Size: |
77824
|
|
38E401BE8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261109943.000038E401BE8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401BE8000
|
Size: |
49152
|
|
38E400CD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236982267.000038E400CD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400CD4000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2A73E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2049271877.000000002A73E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A73E000
|
Size: |
8192
|
|
6263000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.0000000006263000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6263000
|
Size: |
4096
|
|
537D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.000000000537D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
537D000
|
Size: |
4096
|
|
196E8171000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238732525.00000196E8171000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8171000
|
Size: |
4096
|
|
A5CA000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989266919.000000000A5CA000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5CA000
|
Size: |
12288
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230139793.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
4C0000758000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220505135.00004C0000758000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000758000
|
Size: |
94208
|
|
2E7A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2301315367.0000000002E7A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E7A000
|
Size: |
159744
|
|
A53A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048074692.000000000A53A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A53A000
|
Size: |
90112
|
|
38E400384000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242753604.000038E400384000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400384000
|
Size: |
8192
|
|
38E40038C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224377762.000038E40038C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40038C000
|
Size: |
12288
|
|
A58C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989477388.000000000A58C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A58C000
|
Size: |
40960
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230815036.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
50A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592344768.00000000050A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
50A0000
|
Size: |
4096
|
|
55C5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055C5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55C5000
|
Size: |
8192
|
|
196E8171000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238406672.00000196E8171000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8171000
|
Size: |
4096
|
|
38E400C84000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236380994.000038E400C84000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400C84000
|
Size: |
16384
|
|
38E401AE8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262593540.000038E401AE8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401AE8000
|
Size: |
110592
|
|
A61C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989171349.000000000A61C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A61C000
|
Size: |
24576
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234543823.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
38E4003C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236310987.000038E4003C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4003C8000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4C000035C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219215031.00004C000035C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C000035C000
|
Size: |
24576
|
|
A708000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048692933.000000000A708000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A708000
|
Size: |
12288
|
|
87F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687498641.000000000087F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
87F000
|
Size: |
4096
|
|
38E400FDC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2253744741.000038E400FDC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400FDC000
|
Size: |
40960
|
|
196E8139000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224559206.00000196E8139000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8139000
|
Size: |
8192
|
|
38E400480000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2225906520.000038E400480000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400480000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2E2B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2194378381.0000000002E2B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E2B000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233089552.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E4015C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264111441.000038E4015C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4015C8000
|
Size: |
94208
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
62AE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000062AE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62AE000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236766600.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
12288
|
|
38E4002F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236182541.000038E4002F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4002F4000
|
Size: |
253952
|
|
38E4012B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2243618970.000038E4012B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4012B0000
|
Size: |
12288
|
|
196E813E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2229102135.00000196E813E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E813E000
|
Size: |
4096
|
|
2B02000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2687825673.0000000002B02000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2B02000
|
Size: |
4096
|
|
38E400218000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221452817.000038E400218000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400218000
|
Size: |
16384
|
|
38E4017B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266505020.000038E4017B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4017B0000
|
Size: |
86016
|
|
13F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047119057.00000000013F0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13F0000
|
Size: |
4096
|
|
A21F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047479818.000000000A21F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A21F000
|
Size: |
4096
|
|
38E401588000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263843541.000038E401588000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401588000
|
Size: |
16384
|
|
196E816C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2237173120.00000196E816C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E816C000
|
Size: |
12288
|
|
38E4002E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224486444.000038E4002E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4002E0000
|
Size: |
4096
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230450575.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
2CFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590867644.0000000002CFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2CFE000
|
Size: |
8192
|
|
2E76000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2194338761.0000000002E76000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E76000
|
Size: |
8192
|
|
A5FA000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048513577.000000000A5FA000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5FA000
|
Size: |
16384
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230815036.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E402EE8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2288767408.000038E402EE8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E402EE8000
|
Size: |
8192
|
|
4C0000734000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220523333.00004C0000734000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000734000
|
Size: |
61440
|
|
7A1000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000000.00000000.1735453479.00000000007A1000.00000020.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
7A1000
|
Size: |
3772416
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235660074.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
12288
|
|
83E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687477612.000000000083E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
83E000
|
Size: |
8192
|
|
61EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000061EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
61EE000
|
Size: |
4096
|
|
38E4010A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2254938104.000038E4010A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4010A4000
|
Size: |
4096
|
|
5377000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.0000000005377000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5377000
|
Size: |
8192
|
|
5871000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.0000000005871000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5871000
|
Size: |
4096
|
|
6780000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.0000000006780000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6780000
|
Size: |
12288
|
|
4C00006C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219880445.00004C00006C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006C8000
|
Size: |
110592
|
|
38E401368000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255324674.000038E401368000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401368000
|
Size: |
307200
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401B60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263414745.000038E401B60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B60000
|
Size: |
61440
|
|
A6EC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988582309.000000000A6EC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6EC000
|
Size: |
28672
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234971843.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235525966.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
38E402CDC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2285798677.000038E402CDC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E402CDC000
|
Size: |
409600
|
|
38E401C54000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269111731.000038E401C54000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401C54000
|
Size: |
77824
|
|
58B1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.00000000058B1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
58B1000
|
Size: |
647168
|
|
38E400294000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242390322.000038E400294000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400294000
|
Size: |
8192
|
|
A530000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048074692.000000000A530000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A530000
|
Size: |
28672
|
|
38E40129C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242954240.000038E40129C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40129C000
|
Size: |
8192
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230934627.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
52C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687391422.000000000052C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
52C000
|
Size: |
16384
|
|
38E400F34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239129728.000038E400F34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F34000
|
Size: |
131072
|
|
38E400294000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2249085067.000038E400294000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400294000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230450575.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
52C2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52C2000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E401B38000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263592854.000038E401B38000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B38000
|
Size: |
28672
|
|
A6DC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988582309.000000000A6DC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6DC000
|
Size: |
61440
|
|
38E40204F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269843687.000038E40204F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40204F000
|
Size: |
335872
|
|
4C00006E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219966619.00004C00006E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006E4000
|
Size: |
192512
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2A83F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2049285423.000000002A83F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A83F000
|
Size: |
4096
|
|
A598000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048372205.000000000A598000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A598000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227349692.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234072893.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
917000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2194476190.0000000000917000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
917000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230577122.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
5501000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005501000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5501000
|
Size: |
4096
|
|
196E816C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238107824.00000196E816C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E816C000
|
Size: |
12288
|
|
38E401574000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263877426.000038E401574000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401574000
|
Size: |
61440
|
|
38E400F7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2241889138.000038E400F7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F7C000
|
Size: |
20480
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234543823.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E400824000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260929240.000038E400824000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400824000
|
Size: |
65536
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
55D1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.00000000055D1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
55D1000
|
Size: |
4096
|
|
23C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2687935448.00000000023C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
23C0000
|
Size: |
4096
|
|
A596000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989462428.000000000A596000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A596000
|
Size: |
16384
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235794129.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
1627000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047291816.0000000001627000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1627000
|
Size: |
90112
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
38E401620000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265047455.000038E401620000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401620000
|
Size: |
49152
|
|
4C0000750000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220489721.00004C0000750000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000750000
|
Size: |
16384
|
|
2E15000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2166376249.0000000002E15000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E15000
|
Size: |
16384
|
|
5D0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687437603.00000000005D0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5D0000
|
Size: |
4096
|
|
38E4019D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262456478.000038E4019D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4019D8000
|
Size: |
49152
|
|
2E12000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347962708.0000000002E12000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E12000
|
Size: |
4096
|
|
52DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52DE000
|
Size: |
8192
|
|
A70C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048692933.000000000A70C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A70C000
|
Size: |
4096
|
|
38E4013B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2258329748.000038E4013B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4013B4000
|
Size: |
118784
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A70C000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A70C000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A70C000
|
Size: |
4096
|
|
38E401760000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266239127.000038E401760000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401760000
|
Size: |
176128
|
|
38E400BF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2237119368.000038E400BF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400BF4000
|
Size: |
12288
|
|
38E401B4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263523383.000038E401B4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B4C000
|
Size: |
16384
|
|
2E15000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347962708.0000000002E15000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E15000
|
Size: |
372736
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
38E401B34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263157778.000038E401B34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B34000
|
Size: |
45056
|
|
50B1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2214628881.00000000050B1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
50B1000
|
Size: |
233472
|
|
38E401A98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262123367.000038E401A98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A98000
|
Size: |
16384
|
|
2EA8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2211318950.0000000002EA8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2EA8000
|
Size: |
4096
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228866669.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
5600000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.0000000005600000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5600000
|
Size: |
16384
|
|
56C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2687417847.000000000056C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
56C000
|
Size: |
16384
|
|
38E401E04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2269843687.000038E401E04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401E04000
|
Size: |
2342912
|
|
4C0000694000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219991564.00004C0000694000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000694000
|
Size: |
16384
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232031555.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
A6FC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1988582309.000000000A6FC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6FC000
|
Size: |
40960
|
|
60C4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000060C4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
60C4000
|
Size: |
4096
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235660074.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
4C0000614000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219680685.00004C0000614000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000614000
|
Size: |
49152
|
|
38E400294000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239471970.000038E400294000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400294000
|
Size: |
8192
|
|
5363000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2347785583.0000000005363000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5363000
|
Size: |
16384
|
|
196E8155000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238107824.00000196E8155000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8155000
|
Size: |
4096
|
|
38E401724000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265913735.000038E401724000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401724000
|
Size: |
143360
|
|
38E4016E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266282599.000038E4016E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4016E0000
|
Size: |
49152
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232134189.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
5C83000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595659880.0000000005C83000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5C83000
|
Size: |
4096
|
|
A5BE000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048431521.000000000A5BE000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5BE000
|
Size: |
40960
|
|
A556000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989605713.000000000A556000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A556000
|
Size: |
12288
|
|
196E8142000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233832831.00000196E8142000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8142000
|
Size: |
4096
|
|
A46E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047818882.000000000A46E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A46E000
|
Size: |
4096
|
|
38E40038C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2238921256.000038E40038C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40038C000
|
Size: |
12288
|
|
FDB000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000002.2046990047.0000000000FDB000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
FDB000
|
Size: |
98304
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232345684.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234826621.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
38E401C18000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261177665.000038E401C18000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401C18000
|
Size: |
65536
|
|
38E4010A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242218704.000038E4010A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4010A4000
|
Size: |
4096
|
|
AA62000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1921987697.000000000AA62000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
AA62000
|
Size: |
65536
|
|
38E400230000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221342661.000038E400230000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400230000
|
Size: |
237568
|
|
38E400F60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2259752095.000038E400F60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F60000
|
Size: |
53248
|
|
A63A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048594623.000000000A63A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A63A000
|
Size: |
176128
|
|
196E8143000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2224208559.00000196E8143000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8143000
|
Size: |
4096
|
|
A59E000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989364223.000000000A59E000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A59E000
|
Size: |
4096
|
|
38E40022C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2221307711.000038E40022C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40022C000
|
Size: |
253952
|
|
1A9E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047354177.0000000001A9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1A9E000
|
Size: |
8192
|
|
A5E8000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048495598.000000000A5E8000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5E8000
|
Size: |
65536
|
|
38E401710000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265721803.000038E401710000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401710000
|
Size: |
225280
|
|
3AF400248000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215274216.00003AF400248000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF400248000
|
Size: |
4096
|
|
4C0000354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219142154.00004C0000354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000354000
|
Size: |
16384
|
|
277E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2688123007.000000000277E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
277E000
|
Size: |
8192
|
|
38E4013D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2258240581.000038E4013D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4013D4000
|
Size: |
45056
|
|
A5CE000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989266919.000000000A5CE000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5CE000
|
Size: |
28672
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2229311783.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227937440.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
4C0000320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2220613860.00004C0000320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000320000
|
Size: |
4096
|
|
38E400F58000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267788975.000038E400F58000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400F58000
|
Size: |
28672
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235378143.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
12288
|
|
38E401874000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267182741.000038E401874000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401874000
|
Size: |
241664
|
|
38E401564000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263940502.000038E401564000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401564000
|
Size: |
49152
|
|
2E2F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2116214159.0000000002E2F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E2F000
|
Size: |
241664
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2228355683.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E4010B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242800367.000038E4010B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4010B0000
|
Size: |
356352
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
FA4000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000000.1736414864.0000000000FA4000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
FA4000
|
Size: |
4096
|
|
531A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.000000000531A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
531A000
|
Size: |
8192
|
|
38E401634000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2264692537.000038E401634000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401634000
|
Size: |
77824
|
|
38E40175C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266336173.000038E40175C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40175C000
|
Size: |
16384
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234675912.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
12288
|
|
38E401A90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262050871.000038E401A90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A90000
|
Size: |
16384
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226441652.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227564128.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232760140.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233218597.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
6FDA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2561926459.0000000006FDA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6FDA000
|
Size: |
8192
|
|
38E400298000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255413408.000038E400298000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400298000
|
Size: |
36864
|
|
A41A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047676171.000000000A41A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A41A000
|
Size: |
45056
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
67A2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596741530.00000000067A2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
67A2000
|
Size: |
4096
|
|
A6DC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048692933.000000000A6DC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6DC000
|
Size: |
61440
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2231191154.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
8192
|
|
2E6B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2125043127.0000000002E6B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E6B000
|
Size: |
4096
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2234072893.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
A6EC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A6EC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6EC000
|
Size: |
28672
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226856162.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E4017C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266661087.000038E4017C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4017C8000
|
Size: |
20480
|
|
2E6A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000003.2116188913.0000000002E6A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E6A000
|
Size: |
24576
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4C0000644000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219663936.00004C0000644000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000644000
|
Size: |
61440
|
|
A578000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989534715.000000000A578000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A578000
|
Size: |
4096
|
|
38E4002B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2223096384.000038E4002B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4002B4000
|
Size: |
4096
|
|
38E401778000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2266414018.000038E401778000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401778000
|
Size: |
77824
|
|
38E401A0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2261874242.000038E401A0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A0C000
|
Size: |
49152
|
|
A39D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047526156.000000000A39D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A39D000
|
Size: |
12288
|
|
196E8150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2226856162.00000196E8150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8150000
|
Size: |
20480
|
|
3AF4002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215449405.00003AF4002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002BC000
|
Size: |
4096
|
|
A5D6000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048431521.000000000A5D6000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A5D6000
|
Size: |
65536
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2227081452.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
4BFD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592074619.0000000004BFD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4BFD000
|
Size: |
12288
|
|
561A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2593428501.000000000561A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
561A000
|
Size: |
4096
|
|
196E8142000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2229755028.00000196E8142000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8142000
|
Size: |
4096
|
|
A620000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048567745.000000000A620000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A620000
|
Size: |
57344
|
|
38E401A3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263118474.000038E401A3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401A3C000
|
Size: |
49152
|
|
8DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2590684865.00000000008DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
8DE000
|
Size: |
8192
|
|
38E400FC4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2240509319.000038E400FC4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400FC4000
|
Size: |
94208
|
|
38E400398000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2253705634.000038E400398000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400398000
|
Size: |
12288
|
|
38E40187C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267390260.000038E40187C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40187C000
|
Size: |
16384
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2233265161.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
38E400E6C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239786651.000038E400E6C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400E6C000
|
Size: |
4096
|
|
38E40033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2260492394.000038E40033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40033C000
|
Size: |
8192
|
|
196E814A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235525966.00000196E814A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E814A000
|
Size: |
8192
|
|
52F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.00000000052F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52F3000
|
Size: |
12288
|
|
533B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.000000000533B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
533B000
|
Size: |
12288
|
|
196E815B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2237173120.00000196E815B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E815B000
|
Size: |
4096
|
|
FA5000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1736688912.0000000000FA5000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
FA5000
|
Size: |
217088
|
|
A25D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2047492775.000000000A25D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A25D000
|
Size: |
12288
|
|
38E401B04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262968048.000038E401B04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B04000
|
Size: |
16384
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230410117.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E401B08000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2262756888.000038E401B08000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401B08000
|
Size: |
94208
|
|
56B6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2594942743.00000000056B6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
56B6000
|
Size: |
8192
|
|
38E40182C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2267568194.000038E40182C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E40182C000
|
Size: |
61440
|
|
A6DC000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1838794108.000000000A6DC000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A6DC000
|
Size: |
61440
|
|
581B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2595134749.000000000581B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
581B000
|
Size: |
4096
|
|
456000
|
remote allocation
|
page execute and read and write
|
|
|
|
Name: |
00000004.00000002.2590366796.0000000000456000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
456000
|
Size: |
40960
|
|
A66A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048617138.000000000A66A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A66A000
|
Size: |
8192
|
|
196E8144000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2235794129.00000196E8144000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8144000
|
Size: |
12288
|
|
38E4010A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2242866729.000038E4010A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E4010A4000
|
Size: |
4096
|
|
38E401368000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2255123077.000038E401368000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401368000
|
Size: |
307200
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
38E400FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2239595878.000038E400FA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400FA0000
|
Size: |
12288
|
|
196E8153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2230139793.00000196E8153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8153000
|
Size: |
8192
|
|
38E401570000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2263712064.000038E401570000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401570000
|
Size: |
77824
|
|
A4A4000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1989896708.000000000A4A4000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A4A4000
|
Size: |
4096
|
|
61E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000061E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
61E3000
|
Size: |
4096
|
|
4C00006CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219904677.00004C00006CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C00006CC000
|
Size: |
94208
|
|
4C0000664000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2219700581.00004C0000664000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C0000664000
|
Size: |
77824
|
|
60CC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2596093008.00000000060CC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
60CC000
|
Size: |
12288
|
|
38E401700000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2265558094.000038E401700000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E401700000
|
Size: |
290816
|
|
196E8156000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2232031555.00000196E8156000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
196E8156000
|
Size: |
8192
|
|
38E400C64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2236467880.000038E400C64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E400C64000
|
Size: |
61440
|
|
A52A000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2048074692.000000000A52A000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
A52A000
|
Size: |
20480
|
|
3AF4002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2215461949.00003AF4002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3AF4002C0000
|
Size: |
4096
|
|
F2A000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000002.2046720421.0000000000F2A000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
F2A000
|
Size: |
4096
|
|
531D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2592445565.000000000531D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
531D000
|
Size: |
4096
|
|