1EE5FF27000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.1715523883.000001EE5FF27000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5FF27000
|
Size: |
4063232
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found malware configuration |
AV Detection |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Sample uses string decryption to hide its real strings |
AV Detection |
|
Yara signature match |
System Summary |
|
|
2BD1000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000002.00000002.2250081540.0000000002BD1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BD1000
|
Size: |
278528
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
1EE5F278000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.1715523883.000001EE5F278000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5F278000
|
Size: |
2240512
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
|
402000
|
remote allocation
|
page execute and read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000002.00000002.2246251774.0000000000402000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
402000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
|
1EE5F4AB000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.1715523883.000001EE5F4AB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5F4AB000
|
Size: |
212992
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
|
8058000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008058000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8058000
|
Size: |
65536
|
|
98733FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2948161808.00000098733FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98733FE000
|
Size: |
4096
|
|
8A7A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A7A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A7A000
|
Size: |
20480
|
|
7FFD9B9A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747711525.00007FFD9B9A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B9A0000
|
Size: |
65536
|
|
30E3000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2246438491.00000000030E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30E3000
|
Size: |
4096
|
|
62E9000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.00000000062E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62E9000
|
Size: |
249856
|
|
6E4B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070214769.0000000006E4B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E4B000
|
Size: |
389120
|
|
8A74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A74000
|
Size: |
20480
|
|
1EE6F2B1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1736362189.000001EE6F2B1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6F2B1000
|
Size: |
4096
|
|
4B01000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948283291.0000000004B01000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B01000
|
Size: |
36864
|
|
89B2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089B2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89B2000
|
Size: |
20480
|
|
641C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058184078.000000000641C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
641C000
|
Size: |
12288
|
|
642C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064079495.000000000642C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
642C000
|
Size: |
65536
|
|
8817000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008817000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8817000
|
Size: |
20480
|
|
2F54000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F54000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F54000
|
Size: |
4096
|
|
CC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159478569.0000000000CC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CC0000
|
Size: |
8192
|
|
28AFECD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2042981227.0000028AFECD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFECD0000
|
Size: |
4096
|
|
8114000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008114000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8114000
|
Size: |
20480
|
|
567E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162324398.000000000567E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
567E000
|
Size: |
8192
|
|
2BBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249993091.0000000002BBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2BBE000
|
Size: |
8192
|
|
F9B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000000F9B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F9B000
|
Size: |
12288
|
|
2C20000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2273904546.0000000002C20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C20000
|
Size: |
24576
|
|
88E5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088E5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88E5000
|
Size: |
20480
|
|
5B7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266462202.0000000005B7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5B7E000
|
Size: |
8192
|
|
88D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2163374529.00000000088D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
88D0000
|
Size: |
4096
|
|
629B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.000000000629B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
629B000
|
Size: |
90112
|
|
874CABE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714734755.000000874CABE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874CABE000
|
Size: |
8192
|
|
C60D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2269484319.000000000C60D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
C60D000
|
Size: |
12288
|
|
F4B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2159990066.0000000000F4B000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F4B000
|
Size: |
4096
|
|
2EAD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EAD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EAD000
|
Size: |
4096
|
|
51C3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265645438.00000000051C3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
51C3000
|
Size: |
8192
|
|
8902000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008902000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8902000
|
Size: |
20480
|
|
5310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2031839257.0000000005310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5310000
|
Size: |
36864
|
|
7FFD9BA10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1748490274.00007FFD9BA10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA10000
|
Size: |
65536
|
|
98735FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2948263679.00000098735FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98735FE000
|
Size: |
4096
|
|
7A2D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2163139370.0000000007A2D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7A2D000
|
Size: |
12288
|
|
80AA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080AA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80AA000
|
Size: |
20480
|
|
6E1D000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949852878.0000000006E1D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6E1D000
|
Size: |
12288
|
|
62B3000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.00000000062B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B3000
|
Size: |
4096
|
|
6346000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.0000000006346000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6346000
|
Size: |
393216
|
|
82D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82D8000
|
Size: |
20480
|
|
81BE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081BE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81BE000
|
Size: |
20480
|
|
7AC2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056643898.0000000007AC2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AC2000
|
Size: |
8192
|
|
7FFD9B9B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747826893.00007FFD9B9B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B9B0000
|
Size: |
65536
|
|
89E1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089E1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89E1000
|
Size: |
20480
|
|
2C16000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C16000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C16000
|
Size: |
4096
|
|
2C4F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C4F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C4F000
|
Size: |
49152
|
|
2BA0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047932137.0000000002BA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2BA0000
|
Size: |
16384
|
|
524F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161840585.000000000524F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
524F000
|
Size: |
8192
|
|
6459000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.0000000006459000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6459000
|
Size: |
20480
|
|
9872CFE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947579026.0000009872CFE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
9872CFE000
|
Size: |
4096
|
|
6437000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058759143.0000000006437000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6437000
|
Size: |
20480
|
|
2C9D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002C9D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C9D000
|
Size: |
20480
|
|
6CA0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949803726.0000000006CA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6CA0000
|
Size: |
8192
|
|
2C9B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002C9B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C9B000
|
Size: |
4096
|
|
14BC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2049894940.00000000014BC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14BC000
|
Size: |
16384
|
|
28AFEEF6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951722734.0000028AFEEF6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEEF6000
|
Size: |
12288
|
|
641C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.000000000641C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
641C000
|
Size: |
12288
|
|
F8F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000000F8F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F8F000
|
Size: |
8192
|
|
30FE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2246692753.00000000030FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30FE000
|
Size: |
4096
|
|
7A6E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2060040646.0000000007A6E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7A6E000
|
Size: |
8192
|
|
79A0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2059853309.00000000079A0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
79A0000
|
Size: |
4096
|
|
4580000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048442243.0000000004580000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4580000
|
Size: |
4096
|
|
63B2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058759143.00000000063B2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63B2000
|
Size: |
233472
|
|
28AFD6F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948696140.0000028AFD6F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD6F0000
|
Size: |
12288
|
|
8AEA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AEA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AEA000
|
Size: |
20480
|
|
8AD2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AD2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AD2000
|
Size: |
20480
|
|
8978000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008978000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8978000
|
Size: |
40960
|
|
80F6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080F6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80F6000
|
Size: |
20480
|
|
89BE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089BE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89BE000
|
Size: |
20480
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
110592
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
61440
|
|
2EA5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EA5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EA5000
|
Size: |
4096
|
|
647D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063516550.000000000647D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
647D000
|
Size: |
73728
|
|
2EAF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EAF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EAF000
|
Size: |
4096
|
|
834E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000834E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
834E000
|
Size: |
20480
|
|
76EB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059252837.00000000076EB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
76EB000
|
Size: |
20480
|
|
874C155000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714421086.000000874C155000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C155000
|
Size: |
45056
|
|
987367E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948306619.000000987367E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
987367E000
|
Size: |
8192
|
|
9872DFE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947680034.0000009872DFE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
9872DFE000
|
Size: |
4096
|
|
3132000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003132000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3132000
|
Size: |
4096
|
|
3130000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003130000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3130000
|
Size: |
4096
|
|
63E0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064079495.00000000063E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63E0000
|
Size: |
188416
|
|
8931000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008931000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8931000
|
Size: |
20480
|
|
73B5000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2058075347.00000000073B5000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
73B5000
|
Size: |
8192
|
|
28AFD82B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948964714.0000028AFD82B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD82B000
|
Size: |
86016
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
2E7D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E7D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E7D000
|
Size: |
4096
|
|
5EFD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266829200.0000000005EFD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5EFD000
|
Size: |
12288
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043534193.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
7BE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062706699.0000000007BE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7BE0000
|
Size: |
61440
|
|
1EE5EC30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715362809.000001EE5EC30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5EC30000
|
Size: |
12288
|
|
28AFF0BA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0BA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0BA000
|
Size: |
28672
|
|
315C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947930158.000000000315C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
315C000
|
Size: |
16384
|
|
FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249228470.0000000000FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
FC0000
|
Size: |
65536
|
|
662C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268130973.000000000662C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
662C000
|
Size: |
16384
|
|
8925000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008925000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8925000
|
Size: |
20480
|
|
11DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249474922.00000000011DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
11DE000
|
Size: |
8192
|
|
88EB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088EB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88EB000
|
Size: |
40960
|
|
886F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000886F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
886F000
|
Size: |
20480
|
|
645F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.000000000645F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
645F000
|
Size: |
4096
|
|
317E000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043356762.000000000317E000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
317E000
|
Size: |
8192
|
|
28AFE8A0000
|
trusted library section
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2950693045.0000028AFE8A0000.00000002.08000000.00040000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page readonly
|
Base address: |
28AFE8A0000
|
Size: |
65536
|
|
8960000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008960000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8960000
|
Size: |
20480
|
|
635E000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056869017.000000000635E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
635E000
|
Size: |
319488
|
|
34F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2046516991.00000000034F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34F0000
|
Size: |
4096
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043399064.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
6E34000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949900767.0000000006E34000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E34000
|
Size: |
4096
|
|
2F67000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F67000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F67000
|
Size: |
4096
|
|
4D5E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2047172306.0000000004D5E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4D5E000
|
Size: |
8192
|
|
6323000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267566176.0000000006323000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6323000
|
Size: |
4096
|
|
6459000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064079495.0000000006459000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6459000
|
Size: |
20480
|
|
6329000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.0000000006329000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6329000
|
Size: |
49152
|
|
5295000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.0000000005295000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5295000
|
Size: |
16384
|
|
7FFD9B82C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1746452792.00007FFD9B82C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFD9B82C000
|
Size: |
12288
|
|
28AFDE80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949757024.0000028AFDE80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFDE80000
|
Size: |
4096
|
|
731F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2057924250.000000000731F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
731F000
|
Size: |
4096
|
|
28AFEF0A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2107988166.0000028AFEF0A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEF0A000
|
Size: |
4096
|
|
98737FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948388024.00000098737FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98737FE000
|
Size: |
8192
|
|
5230000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161807743.0000000005230000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5230000
|
Size: |
16384
|
|
2E73000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E73000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E73000
|
Size: |
4096
|
|
28AFD841000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949020731.0000028AFD841000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD841000
|
Size: |
102400
|
|
6690000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268289723.0000000006690000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6690000
|
Size: |
94208
|
|
30E9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030E9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30E9000
|
Size: |
4096
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043804893.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
16384
|
|
15E0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947704249.00000000015E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
15E0000
|
Size: |
12288
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063516550.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
389120
|
|
2F57000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F57000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F57000
|
Size: |
53248
|
|
5310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162163661.0000000005310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5310000
|
Size: |
65536
|
|
7C10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062882891.0000000007C10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C10000
|
Size: |
65536
|
|
2C5E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C5E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C5E000
|
Size: |
4096
|
|
1EE6F0CD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1736362189.000001EE6F0CD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6F0CD000
|
Size: |
1937408
|
|
28AFD873000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949066007.0000028AFD873000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD873000
|
Size: |
4096
|
|
D40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246663737.0000000000D40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D40000
|
Size: |
8192
|
|
313A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.000000000313A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
313A000
|
Size: |
16384
|
|
13B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249587754.00000000013B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13B0000
|
Size: |
20480
|
|
88D3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088D3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88D3000
|
Size: |
20480
|
|
6437000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059119906.0000000006437000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6437000
|
Size: |
20480
|
|
32A9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043642191.00000000032A9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
32A9000
|
Size: |
90112
|
|
D56000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246707516.0000000000D56000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D56000
|
Size: |
12288
|
|
824B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000824B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
824B000
|
Size: |
20480
|
|
8A16000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A16000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A16000
|
Size: |
20480
|
|
28AFF010000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2952102039.0000028AFF010000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF010000
|
Size: |
4096
|
|
8377000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008377000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8377000
|
Size: |
20480
|
|
89F9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089F9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89F9000
|
Size: |
20480
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
110592
|
|
34A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2045884589.00000000034A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34A4000
|
Size: |
36864
|
|
69BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2269389983.00000000069BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
69BE000
|
Size: |
8192
|
|
6E3A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061424879.0000000006E3A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E3A000
|
Size: |
12288
|
|
8908000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008908000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8908000
|
Size: |
20480
|
|
6F01000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067049542.0000000006F01000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F01000
|
Size: |
159744
|
|
8348000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008348000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8348000
|
Size: |
20480
|
|
8A2E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A2E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A2E000
|
Size: |
20480
|
|
83AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000083AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
83AC000
|
Size: |
20480
|
|
61A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267330505.00000000061A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
61A0000
|
Size: |
16384
|
|
4D1E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2047085367.0000000004D1E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4D1E000
|
Size: |
8192
|
|
5E40000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948455136.0000000005E40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E40000
|
Size: |
192512
|
|
1EE773A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1745259736.000001EE773A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE773A0000
|
Size: |
16384
|
|
5310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2031796646.0000000005310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5310000
|
Size: |
16384
|
|
6346000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063369840.0000000006346000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6346000
|
Size: |
339968
|
|
11AE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160624172.00000000011AE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
11AE000
|
Size: |
8192
|
|
402000
|
remote allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2159298688.0000000000402000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
402000
|
Size: |
45056
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
6345000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.0000000006345000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6345000
|
Size: |
69632
|
|
8A86000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A86000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A86000
|
Size: |
20480
|
|
77FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059573944.00000000077FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
77FE000
|
Size: |
8192
|
|
890C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2057894829.000000000890C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
890C000
|
Size: |
4096
|
|
3136000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003136000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3136000
|
Size: |
4096
|
|
639C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.000000000639C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
639C000
|
Size: |
40960
|
|
8983000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008983000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8983000
|
Size: |
20480
|
|
874C1DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714441754.000000874C1DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C1DE000
|
Size: |
8192
|
|
3450000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2045609877.0000000003450000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3450000
|
Size: |
4096
|
|
30FE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274950119.00000000030FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30FE000
|
Size: |
12288
|
|
34D5000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2046330829.00000000034D5000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
34D5000
|
Size: |
4096
|
|
4D60000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2047241627.0000000004D60000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
4D60000
|
Size: |
12288
|
|
342E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2045460728.000000000342E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
342E000
|
Size: |
8192
|
|
2C2B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C2B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C2B000
|
Size: |
4096
|
|
28AFEEC4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951467795.0000028AFEEC4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEEC4000
|
Size: |
16384
|
|
28AFEF02000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951971893.0000028AFEF02000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEF02000
|
Size: |
16384
|
|
6459000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.0000000006459000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6459000
|
Size: |
20480
|
|
2C62000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C62000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C62000
|
Size: |
950272
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
819B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000819B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
819B000
|
Size: |
20480
|
|
6329000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.0000000006329000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6329000
|
Size: |
106496
|
|
1037000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000001037000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1037000
|
Size: |
36864
|
|
28AFE015000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949957629.0000028AFE015000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFE015000
|
Size: |
4096
|
|
8846000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008846000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8846000
|
Size: |
20480
|
|
81E7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081E7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81E7000
|
Size: |
20480
|
|
2D5E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2274023543.0000000002D5E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D5E000
|
Size: |
8192
|
|
874C5FB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714521161.000000874C5FB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C5FB000
|
Size: |
20480
|
|
FD7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249326602.0000000000FD7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FD7000
|
Size: |
8192
|
|
806F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000806F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
806F000
|
Size: |
20480
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
245760
|
|
51A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042000136.00000000051A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
51A0000
|
Size: |
16384
|
|
8143000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008143000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8143000
|
Size: |
20480
|
|
6437000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.0000000006437000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6437000
|
Size: |
20480
|
|
7FFD9B9C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747912886.00007FFD9B9C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B9C0000
|
Size: |
65536
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057428968.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
53248
|
|
5E73000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948455136.0000000005E73000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E73000
|
Size: |
835584
|
|
7B37000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2064641743.0000000007B37000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7B37000
|
Size: |
4100096
|
|
28AFF0FF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0FF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0FF000
|
Size: |
28672
|
|
1EE5ED05000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715472610.000001EE5ED05000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5ED05000
|
Size: |
24576
|
|
62A0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.00000000062A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62A0000
|
Size: |
69632
|
|
98722FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947097441.00000098722FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98722FE000
|
Size: |
4096
|
|
81ED000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081ED000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81ED000
|
Size: |
20480
|
|
2F37000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F37000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F37000
|
Size: |
4096
|
|
8234000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008234000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8234000
|
Size: |
40960
|
|
8342000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008342000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8342000
|
Size: |
20480
|
|
28AFEDA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2043894798.0000028AFEDA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFEDA0000
|
Size: |
4096
|
|
647D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.000000000647D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
647D000
|
Size: |
73728
|
|
FA8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000000FA8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FA8000
|
Size: |
192512
|
|
2E7B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E7B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E7B000
|
Size: |
4096
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059119906.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
36864
|
|
874CB3F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714753692.000000874CB3F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874CB3F000
|
Size: |
4096
|
|
7AC9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2060284870.0000000007AC9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AC9000
|
Size: |
167936
|
|
62B8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.00000000062B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B8000
|
Size: |
192512
|
|
15DE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947654939.00000000015DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
15DE000
|
Size: |
8192
|
|
28AFD87D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949269553.0000028AFD87D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD87D000
|
Size: |
4096
|
|
62B8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.00000000062B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B8000
|
Size: |
192512
|
|
987407E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948569145.000000987407E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
987407E000
|
Size: |
8192
|
|
1054000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000001054000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1054000
|
Size: |
45056
|
|
28AFECD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951096234.0000028AFECD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFECD0000
|
Size: |
4096
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042897614.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
4D80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2047627215.0000000004D80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4D80000
|
Size: |
4096
|
|
8875000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008875000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8875000
|
Size: |
20480
|
|
8154000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008154000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8154000
|
Size: |
20480
|
|
2C27000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C27000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C27000
|
Size: |
12288
|
|
6437000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059879105.0000000006437000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6437000
|
Size: |
8192
|
|
82EA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082EA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82EA000
|
Size: |
20480
|
|
2C28000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2273904546.0000000002C28000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C28000
|
Size: |
45056
|
|
1EE5D410000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715279547.000001EE5D410000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D410000
|
Size: |
4096
|
|
6336000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.0000000006336000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6336000
|
Size: |
53248
|
|
7FFD9B770000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1746101608.00007FFD9B770000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B770000
|
Size: |
4096
|
|
82F6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082F6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82F6000
|
Size: |
40960
|
|
5F3C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266874697.0000000005F3C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5F3C000
|
Size: |
16384
|
|
3303000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2045233207.0000000003303000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3303000
|
Size: |
61440
|
|
2F99000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F99000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F99000
|
Size: |
4096
|
|
FBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249196372.0000000000FBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
FBE000
|
Size: |
8192
|
|
6F17000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068320669.0000000006F17000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F17000
|
Size: |
69632
|
|
28AFE15A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2107757946.0000028AFE15A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFE15A000
|
Size: |
4096
|
|
324B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043642191.000000000324B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
324B000
|
Size: |
8192
|
|
28AFEE1F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951230208.0000028AFEE1F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE1F000
|
Size: |
49152
|
|
28AFE002000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949876082.0000028AFE002000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFE002000
|
Size: |
4096
|
|
2EB1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EB1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EB1000
|
Size: |
4096
|
|
30FE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2246348216.00000000030FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30FE000
|
Size: |
4096
|
|
9CC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159362961.00000000009CC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9CC000
|
Size: |
16384
|
|
30ED000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030ED000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30ED000
|
Size: |
57344
|
|
F37000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2249003848.0000000000F37000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F37000
|
Size: |
4096
|
|
15F5000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947807477.00000000015F5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
15F5000
|
Size: |
40960
|
|
68D0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2269118993.00000000068D0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
68D0000
|
Size: |
122880
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
8ADE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008ADE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8ADE000
|
Size: |
20480
|
|
6399000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.0000000006399000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6399000
|
Size: |
4096
|
|
28AFF072000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF072000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF072000
|
Size: |
110592
|
|
28AFECC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951064499.0000028AFECC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFECC0000
|
Size: |
4096
|
|
1EE6067C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE6067C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6067C000
|
Size: |
8192
|
|
6331000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267845608.0000000006331000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6331000
|
Size: |
53248
|
|
2C40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160857468.0000000002C40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C40000
|
Size: |
4096
|
|
F20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159814530.0000000000F20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F20000
|
Size: |
40960
|
|
28AFD895000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949269553.0000028AFD895000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD895000
|
Size: |
40960
|
|
81D6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081D6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81D6000
|
Size: |
40960
|
|
9873AFE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2948537163.0000009873AFE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
9873AFE000
|
Size: |
4096
|
|
78A1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059790278.00000000078A1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
78A1000
|
Size: |
8192
|
|
4B0C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059971468.0000000004B0C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B0C000
|
Size: |
20480
|
|
6459000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.0000000006459000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6459000
|
Size: |
20480
|
|
63E0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059119906.00000000063E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63E0000
|
Size: |
45056
|
|
8222000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008222000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8222000
|
Size: |
20480
|
|
8301000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008301000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8301000
|
Size: |
20480
|
|
8D0F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2064047901.0000000008D0F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D0F000
|
Size: |
45056
|
|
8210000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008210000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8210000
|
Size: |
20480
|
|
ED7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159602090.0000000000ED7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
ED7000
|
Size: |
20480
|
|
7FFD9BA30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1748736054.00007FFD9BA30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA30000
|
Size: |
65536
|
|
6346000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.0000000006346000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6346000
|
Size: |
344064
|
|
2F39000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F39000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F39000
|
Size: |
4096
|
|
82A9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082A9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82A9000
|
Size: |
20480
|
|
643E000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059723117.000000000643E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643E000
|
Size: |
49152
|
|
2F4A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F4A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F4A000
|
Size: |
12288
|
|
812B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000812B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
812B000
|
Size: |
20480
|
|
28B00000000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2952211640.0000028B00000000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28B00000000
|
Size: |
4096
|
|
28AFE540000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2950285890.0000028AFE540000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFE540000
|
Size: |
4096
|
|
D9D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246806059.0000000000D9D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
D9D000
|
Size: |
12288
|
|
6291000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.0000000006291000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6291000
|
Size: |
32768
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058759143.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
36864
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058759143.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
53248
|
|
59F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043097579.00000000059F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59F0000
|
Size: |
12288
|
|
2D53000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002D53000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D53000
|
Size: |
946176
|
|
5A00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042379245.0000000005A00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5A00000
|
Size: |
65536
|
|
7C70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2063639441.0000000007C70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C70000
|
Size: |
65536
|
|
30FE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275592916.00000000030FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30FE000
|
Size: |
12288
|
|
2F9F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F9F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F9F000
|
Size: |
4096
|
|
7B1E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062039074.0000000007B1E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B1E000
|
Size: |
32768
|
|
62E9000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.00000000062E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62E9000
|
Size: |
249856
|
|
8257000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008257000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8257000
|
Size: |
20480
|
|
82E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82E4000
|
Size: |
20480
|
|
28AFD8B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949269553.0000028AFD8B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD8B0000
|
Size: |
53248
|
|
2B80000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047913089.0000000002B80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2B80000
|
Size: |
4096
|
|
7BC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062549936.0000000007BC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7BC0000
|
Size: |
49152
|
|
5526000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.0000000005526000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5526000
|
Size: |
12288
|
|
61A9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267330505.00000000061A9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
61A9000
|
Size: |
16384
|
|
81E1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081E1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81E1000
|
Size: |
20480
|
|
300E000
|
unkown
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275509762.000000000300E000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
300E000
|
Size: |
8192
|
|
55CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266241812.00000000055CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55CE000
|
Size: |
8192
|
|
80CD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080CD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80CD000
|
Size: |
20480
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2246251774.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
400000
|
Size: |
4096
|
|
6329000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.0000000006329000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6329000
|
Size: |
49152
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042602202.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
EBD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248258838.0000000000EBD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EBD000
|
Size: |
4096
|
|
66AA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268513140.00000000066AA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
66AA000
|
Size: |
12288
|
|
98723FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947144764.00000098723FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98723FE000
|
Size: |
8192
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042734174.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
80BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80BC000
|
Size: |
40960
|
|
FD0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249326602.0000000000FD0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FD0000
|
Size: |
16384
|
|
28AFF008000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF008000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF008000
|
Size: |
16384
|
|
2EFD000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275452776.0000000002EFD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2EFD000
|
Size: |
12288
|
|
34A3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2045808954.00000000034A3000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
34A3000
|
Size: |
4096
|
|
80DF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080DF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80DF000
|
Size: |
20480
|
|
98732FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2948060539.00000098732FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98732FE000
|
Size: |
4096
|
|
62B3000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.00000000062B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B3000
|
Size: |
4096
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059452039.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
36864
|
|
98739F9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948484455.00000098739F9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98739F9000
|
Size: |
28672
|
|
8383000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008383000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8383000
|
Size: |
40960
|
|
2FBA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002FBA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FBA000
|
Size: |
4096
|
|
28AFF056000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF056000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF056000
|
Size: |
53248
|
|
7C30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2063126415.0000000007C30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C30000
|
Size: |
65536
|
|
1EE5ED00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715472610.000001EE5ED00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5ED00000
|
Size: |
12288
|
|
54F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.00000000054F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54F0000
|
Size: |
110592
|
|
5293000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.0000000005293000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5293000
|
Size: |
4096
|
|
7FFD9BA50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1748916473.00007FFD9BA50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA50000
|
Size: |
65536
|
|
1EE5D198000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D198000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D198000
|
Size: |
36864
|
|
E05000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2247089519.0000000000E05000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E05000
|
Size: |
32768
|
|
2C18000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C18000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C18000
|
Size: |
20480
|
|
8131000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008131000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8131000
|
Size: |
20480
|
|
87E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2057706973.00000000087E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
87E0000
|
Size: |
8192
|
|
8989000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008989000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8989000
|
Size: |
20480
|
|
28AFEEC9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951651640.0000028AFEEC9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEEC9000
|
Size: |
102400
|
|
2A10000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047672164.0000000002A10000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2A10000
|
Size: |
4096
|
|
1EE5D3A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715257943.000001EE5D3A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D3A0000
|
Size: |
4096
|
|
6437000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056869017.0000000006437000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6437000
|
Size: |
20480
|
|
8178000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008178000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8178000
|
Size: |
40960
|
|
6325000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267566176.0000000006325000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6325000
|
Size: |
36864
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
389120
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2B4E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249826547.0000000002B4E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B4E000
|
Size: |
8192
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057428968.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
245760
|
|
6399000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057428968.0000000006399000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6399000
|
Size: |
77824
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
389120
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1495000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947256948.0000000001495000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1495000
|
Size: |
126976
|
|
98727FC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947348503.00000098727FC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98727FC000
|
Size: |
16384
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058184078.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
53248
|
|
1EE5D22A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D22A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D22A000
|
Size: |
8192
|
|
825D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000825D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
825D000
|
Size: |
20480
|
|
1EE774A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1745333828.000001EE774A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE774A0000
|
Size: |
69632
|
|
2C51000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002C51000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C51000
|
Size: |
208896
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
874D60F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714824927.000000874D60F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874D60F000
|
Size: |
4096
|
|
893D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000893D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
893D000
|
Size: |
20480
|
|
613E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267024799.000000000613E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
613E000
|
Size: |
8192
|
|
7B10000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2061821082.0000000007B10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B10000
|
Size: |
12288
|
|
30E5000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274569050.00000000030E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30E5000
|
Size: |
8192
|
|
810E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000810E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
810E000
|
Size: |
20480
|
|
7BF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062803011.0000000007BF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7BF0000
|
Size: |
24576
|
|
5320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2032118978.0000000005320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5320000
|
Size: |
24576
|
|
8292000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008292000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8292000
|
Size: |
65536
|
|
3C57000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161307446.0000000003C57000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3C57000
|
Size: |
4096
|
|
98738FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2948433851.00000098738FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98738FE000
|
Size: |
4096
|
|
F70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000000F70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F70000
|
Size: |
28672
|
|
89D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89D0000
|
Size: |
20480
|
|
7B50000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2069055218.0000000007B50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B50000
|
Size: |
16384
|
|
1EE6F051000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1736362189.000001EE6F051000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6F051000
|
Size: |
53248
|
|
4E0E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2047753783.0000000004E0E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4E0E000
|
Size: |
8192
|
|
34B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2046053112.00000000034B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34B0000
|
Size: |
32768
|
|
28AFECB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951030992.0000028AFECB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFECB0000
|
Size: |
4096
|
|
67CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2269003030.00000000067CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
67CE000
|
Size: |
8192
|
|
28AFEEEC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951722734.0000028AFEEEC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEEEC000
|
Size: |
28672
|
|
896C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000896C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
896C000
|
Size: |
20480
|
|
62EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267520481.00000000062EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
62EE000
|
Size: |
8192
|
|
8966000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008966000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8966000
|
Size: |
20480
|
|
80FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80FC000
|
Size: |
20480
|
|
801D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000801D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
801D000
|
Size: |
20480
|
|
7FFD9BA80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1749221818.00007FFD9BA80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA80000
|
Size: |
65536
|
|
3115000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003115000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3115000
|
Size: |
20480
|
|
2F65000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F65000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F65000
|
Size: |
4096
|
|
2E3B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E3B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E3B000
|
Size: |
4096
|
|
116F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160594799.000000000116F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
116F000
|
Size: |
4096
|
|
813D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000813D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
813D000
|
Size: |
20480
|
|
1EE5D27A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D27A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D27A000
|
Size: |
86016
|
|
4CCD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265428681.0000000004CCD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4CCD000
|
Size: |
12288
|
|
5330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2035290033.0000000005330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5330000
|
Size: |
16384
|
|
6E49000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070214769.0000000006E49000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E49000
|
Size: |
4096
|
|
8A28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A28000
|
Size: |
20480
|
|
30E5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030E5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30E5000
|
Size: |
4096
|
|
28AFF015000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF015000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF015000
|
Size: |
4096
|
|
5A00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2162688403.0000000005A00000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
5A00000
|
Size: |
45056
|
|
51DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161623750.00000000051DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
51DE000
|
Size: |
8192
|
|
9872AFE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947472668.0000009872AFE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
9872AFE000
|
Size: |
4096
|
|
52A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.00000000052A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
52A0000
|
Size: |
8192
|
|
642B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.000000000642B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
642B000
|
Size: |
69632
|
|
1EE5D425000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715298513.000001EE5D425000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D425000
|
Size: |
40960
|
|
833C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000833C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
833C000
|
Size: |
20480
|
|
898F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000898F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
898F000
|
Size: |
20480
|
|
FF0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947099398.0000000000FF0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FF0000
|
Size: |
4096
|
|
2F52000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F52000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F52000
|
Size: |
4096
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064079495.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
110592
|
|
28AFE880000
|
trusted library section
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2950558055.0000028AFE880000.00000002.08000000.00040000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page readonly
|
Base address: |
28AFE880000
|
Size: |
65536
|
|
2EA7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EA7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EA7000
|
Size: |
4096
|
|
F00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159664529.0000000000F00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F00000
|
Size: |
8192
|
|
6EB0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068218493.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6EB0000
|
Size: |
61440
|
|
F04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248716600.0000000000F04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F04000
|
Size: |
4096
|
|
88F6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088F6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88F6000
|
Size: |
20480
|
|
1EE774C2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1745333828.000001EE774C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE774C2000
|
Size: |
237568
|
|
4E5E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048319719.0000000004E5E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4E5E000
|
Size: |
8192
|
|
2E75000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E75000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E75000
|
Size: |
4096
|
|
7FFD9B990000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747616662.00007FFD9B990000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B990000
|
Size: |
65536
|
|
52A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.00000000052A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
52A8000
|
Size: |
167936
|
|
62A0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.00000000062A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62A0000
|
Size: |
69632
|
|
DF8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246951962.0000000000DF8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
DF8000
|
Size: |
49152
|
|
28AFF020000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2952170918.0000028AFF020000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF020000
|
Size: |
4096
|
|
9466000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056557474.0000000009466000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9466000
|
Size: |
4096
|
|
F50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249057975.0000000000F50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F50000
|
Size: |
4096
|
|
30FE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274867151.00000000030FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30FE000
|
Size: |
8192
|
|
31DE000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043557826.00000000031DE000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
31DE000
|
Size: |
8192
|
|
89CA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089CA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89CA000
|
Size: |
20480
|
|
6C98000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949754679.0000000006C98000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6C98000
|
Size: |
32768
|
|
6329000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.0000000006329000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6329000
|
Size: |
49152
|
|
2AA0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047832248.0000000002AA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2AA0000
|
Size: |
16384
|
|
E5B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2247653196.0000000000E5B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E5B000
|
Size: |
229376
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057428968.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
36864
|
|
530E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.000000000530E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
530E000
|
Size: |
1847296
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
36864
|
|
D50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246707516.0000000000D50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D50000
|
Size: |
16384
|
|
68CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2269074507.00000000068CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
68CE000
|
Size: |
8192
|
|
50E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2057397274.00000000050E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
50E0000
|
Size: |
20480
|
|
8365000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008365000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8365000
|
Size: |
20480
|
|
3BD9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265112792.0000000003BD9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3BD9000
|
Size: |
77824
|
|
807B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000807B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
807B000
|
Size: |
20480
|
|
2C60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C60000
|
Size: |
4096
|
|
5243000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.0000000005243000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5243000
|
Size: |
319488
|
|
6346000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.0000000006346000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6346000
|
Size: |
393216
|
|
828C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000828C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
828C000
|
Size: |
20480
|
|
28AFD85B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949066007.0000028AFD85B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD85B000
|
Size: |
69632
|
|
827A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000827A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
827A000
|
Size: |
20480
|
|
2C2F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C2F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C2F000
|
Size: |
4096
|
|
2F72000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F72000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F72000
|
Size: |
45056
|
|
3290000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043642191.0000000003290000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3290000
|
Size: |
98304
|
|
66BF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268513140.00000000066BF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
66BF000
|
Size: |
8192
|
|
30CE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030CE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30CE000
|
Size: |
4096
|
|
1EE5D170000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714900857.000001EE5D170000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D170000
|
Size: |
16384
|
|
2BD0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275362408.0000000002BD0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2BD0000
|
Size: |
4096
|
|
15E4000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947704249.00000000015E4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
15E4000
|
Size: |
45056
|
|
30FE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030FE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30FE000
|
Size: |
12288
|
|
6EAB000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070214769.0000000006EAB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6EAB000
|
Size: |
139264
|
|
28AFEE4F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951401320.0000028AFEE4F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE4F000
|
Size: |
8192
|
|
2B90000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275325744.0000000002B90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2B90000
|
Size: |
20480
|
|
80A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80A4000
|
Size: |
20480
|
|
82D2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082D2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82D2000
|
Size: |
20480
|
|
874C47E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714461463.000000874C47E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C47E000
|
Size: |
8192
|
|
8995000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008995000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8995000
|
Size: |
20480
|
|
88E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2058275193.00000000088E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
88E0000
|
Size: |
4096
|
|
874C4FD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714483267.000000874C4FD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C4FD000
|
Size: |
12288
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
86016
|
|
6330000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057893716.0000000006330000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6330000
|
Size: |
8192
|
|
87DD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000087DD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
87DD000
|
Size: |
49152
|
|
8898000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008898000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8898000
|
Size: |
20480
|
|
7FFD9B9E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1748143460.00007FFD9B9E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B9E0000
|
Size: |
65536
|
|
7FFD9BAB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1749441948.00007FFD9BAB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BAB0000
|
Size: |
24576
|
|
8274000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008274000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8274000
|
Size: |
20480
|
|
874C67E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714539896.000000874C67E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C67E000
|
Size: |
8192
|
|
721F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2057586613.000000000721F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
721F000
|
Size: |
4096
|
|
7FFD9B940000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1747234249.00007FFD9B940000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFD9B940000
|
Size: |
4096
|
|
7FFD9B960000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1747395580.00007FFD9B960000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFD9B960000
|
Size: |
12288
|
|
2AC0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2273771955.0000000002AC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2AC0000
|
Size: |
4096
|
|
2AA6000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047832248.0000000002AA6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2AA6000
|
Size: |
12288
|
|
3220000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043642191.0000000003220000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3220000
|
Size: |
28672
|
|
3269000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948015954.0000000003269000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
3269000
|
Size: |
28672
|
|
8A05000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A05000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A05000
|
Size: |
40960
|
|
4C8C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161376577.0000000004C8C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4C8C000
|
Size: |
16384
|
|
87D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2163311510.00000000087D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
87D0000
|
Size: |
4096
|
|
C30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159394496.0000000000C30000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C30000
|
Size: |
4096
|
|
82F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82F0000
|
Size: |
20480
|
|
641C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056869017.000000000641C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
641C000
|
Size: |
12288
|
|
5A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162721183.0000000005A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5A10000
|
Size: |
12288
|
|
2C31000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C31000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C31000
|
Size: |
16384
|
|
888D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000888D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
888D000
|
Size: |
40960
|
|
816C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000816C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
816C000
|
Size: |
20480
|
|
28AFF08E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF08E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF08E000
|
Size: |
4096
|
|
6336000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057893716.0000000006336000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6336000
|
Size: |
53248
|
|
725E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2057682713.000000000725E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
725E000
|
Size: |
8192
|
|
307C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043181113.000000000307C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
307C000
|
Size: |
16384
|
|
1EE7720E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1744127452.000001EE7720E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE7720E000
|
Size: |
8192
|
|
617D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267103688.000000000617D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
617D000
|
Size: |
12288
|
|
28AFEE42000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951328923.0000028AFEE42000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE42000
|
Size: |
49152
|
|
8394000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008394000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8394000
|
Size: |
20480
|
|
7FFD9BAE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1749630236.00007FFD9BAE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BAE0000
|
Size: |
4096
|
|
534E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265838815.000000000534E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
534E000
|
Size: |
8192
|
|
7C80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2063765058.0000000007C80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C80000
|
Size: |
65536
|
|
81A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81A1000
|
Size: |
20480
|
|
2D4B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002D4B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D4B000
|
Size: |
4096
|
|
F30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159876368.0000000000F30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F30000
|
Size: |
4096
|
|
7FFD9B826000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1746405473.00007FFD9B826000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B826000
|
Size: |
24576
|
|
28AFED00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951128289.0000028AFED00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFED00000
|
Size: |
4096
|
|
28AFD902000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949609748.0000028AFD902000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD902000
|
Size: |
45056
|
|
88B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88B0000
|
Size: |
20480
|
|
5310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2030740976.0000000005310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5310000
|
Size: |
12288
|
|
1350000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947149913.0000000001350000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1350000
|
Size: |
24576
|
|
8972000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008972000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8972000
|
Size: |
20480
|
|
28AFEE0F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951230208.0000028AFEE0F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE0F000
|
Size: |
49152
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
FD8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000000FD8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FD8000
|
Size: |
204800
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
598E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162474165.000000000598E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
598E000
|
Size: |
8192
|
|
28AFEC40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2950958178.0000028AFEC40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFEC40000
|
Size: |
4096
|
|
874C6FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714558353.000000874C6FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C6FE000
|
Size: |
8192
|
|
8319000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008319000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8319000
|
Size: |
20480
|
|
11C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160692091.00000000011C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
11C0000
|
Size: |
16384
|
|
641C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059119906.000000000641C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
641C000
|
Size: |
12288
|
|
28AFD710000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948747905.0000028AFD710000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD710000
|
Size: |
4096
|
|
1EE5D24B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D24B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D24B000
|
Size: |
24576
|
|
987337E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948115022.000000987337E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
987337E000
|
Size: |
8192
|
|
63A9000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063516550.00000000063A9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63A9000
|
Size: |
12288
|
|
1EE5F4A7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE5F4A7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5F4A7000
|
Size: |
12288
|
|
1EE776D0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1745894177.000001EE776D0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
1EE776D0000
|
Size: |
65536
|
|
7B18000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2061971502.0000000007B18000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B18000
|
Size: |
12288
|
|
28AFED10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2043139074.0000028AFED10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFED10000
|
Size: |
4096
|
|
28AFD88F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949269553.0000028AFD88F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD88F000
|
Size: |
4096
|
|
1EE6F0C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1736362189.000001EE6F0C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6F0C1000
|
Size: |
45056
|
|
28AFE11A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2107757946.0000028AFE11A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFE11A000
|
Size: |
4096
|
|
59F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042436968.00000000059F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59F0000
|
Size: |
65536
|
|
F1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2159784014.0000000000F1D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F1D000
|
Size: |
4096
|
|
835F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000835F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
835F000
|
Size: |
20480
|
|
CD6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159511986.0000000000CD6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CD6000
|
Size: |
12288
|
|
28A80000000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948655479.0000028A80000000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28A80000000
|
Size: |
4096
|
|
2E64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E64000
|
Size: |
57344
|
|
8A22000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A22000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A22000
|
Size: |
20480
|
|
8228000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008228000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8228000
|
Size: |
20480
|
|
6329000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.0000000006329000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6329000
|
Size: |
36864
|
|
1019000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000001019000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1019000
|
Size: |
4096
|
|
7FFD9BAD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1749566422.00007FFD9BAD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BAD0000
|
Size: |
49152
|
|
8195000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008195000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8195000
|
Size: |
20480
|
|
2BC0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2250047158.0000000002BC0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2BC0000
|
Size: |
4096
|
|
33CF000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275817634.00000000033CF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
33CF000
|
Size: |
4096
|
|
6E20000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949900767.0000000006E20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E20000
|
Size: |
73728
|
|
98729FB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947437569.00000098729FB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98729FB000
|
Size: |
20480
|
|
88DF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088DF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88DF000
|
Size: |
20480
|
|
2EBE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EBE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EBE000
|
Size: |
4096
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056869017.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
53248
|
|
F92000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000000F92000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F92000
|
Size: |
32768
|
|
2EB3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EB3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EB3000
|
Size: |
32768
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058184078.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
245760
|
|
63EC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.00000000063EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63EC000
|
Size: |
139264
|
|
2C99000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002C99000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C99000
|
Size: |
4096
|
|
1EE5F49D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE5F49D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5F49D000
|
Size: |
4096
|
|
815A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000815A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
815A000
|
Size: |
20480
|
|
66B4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268513140.00000000066B4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
66B4000
|
Size: |
40960
|
|
2E92000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E92000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E92000
|
Size: |
4096
|
|
1370000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947196761.0000000001370000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1370000
|
Size: |
8192
|
|
62E9000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.00000000062E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62E9000
|
Size: |
249856
|
|
645F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.000000000645F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
645F000
|
Size: |
4096
|
|
1EE5FF25000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE5FF25000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5FF25000
|
Size: |
4096
|
|
7510000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2058791861.0000000007510000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7510000
|
Size: |
241664
|
|
7DE0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2069344901.0000000007DE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7DE0000
|
Size: |
16384
|
|
563E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162286078.000000000563E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
563E000
|
Size: |
8192
|
|
2E49000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E49000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E49000
|
Size: |
57344
|
|
923A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2269436995.000000000923A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
923A000
|
Size: |
8192
|
|
1EE5D190000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D190000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D190000
|
Size: |
28672
|
|
7FFD9B9F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1748262813.00007FFD9B9F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B9F0000
|
Size: |
65536
|
|
6E76000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061424879.0000000006E76000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E76000
|
Size: |
4096
|
|
3196000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043464026.0000000003196000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3196000
|
Size: |
12288
|
|
1EE776E0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1745999472.000001EE776E0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
1EE776E0000
|
Size: |
4096
|
|
6292000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.0000000006292000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6292000
|
Size: |
20480
|
|
28AFEE61000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951467795.0000028AFEE61000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE61000
|
Size: |
155648
|
|
50E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161526421.00000000050E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
50E0000
|
Size: |
65536
|
|
1453000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2047698009.0000000001453000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1453000
|
Size: |
8192
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043726939.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
16384
|
|
77EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2163026922.00000000077EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
77EE000
|
Size: |
8192
|
|
2AE0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2273807012.0000000002AE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2AE0000
|
Size: |
20480
|
|
644A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056755121.000000000644A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
644A000
|
Size: |
73728
|
|
30E7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030E7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30E7000
|
Size: |
4096
|
|
8ABB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008ABB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8ABB000
|
Size: |
20480
|
|
635A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.000000000635A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
635A000
|
Size: |
4096
|
|
6380000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2267954212.0000000006380000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6380000
|
Size: |
65536
|
|
98728FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947387992.00000098728FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98728FE000
|
Size: |
4096
|
|
5289000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161994522.0000000005289000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5289000
|
Size: |
28672
|
|
28AFF0E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0E8000
|
Size: |
32768
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043071261.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
16384
|
|
76ED000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162893050.00000000076ED000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
76ED000
|
Size: |
12288
|
|
8125000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008125000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8125000
|
Size: |
20480
|
|
5275000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161840585.0000000005275000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5275000
|
Size: |
36864
|
|
5290000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2162091712.0000000005290000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
5290000
|
Size: |
4096
|
|
884C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000884C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
884C000
|
Size: |
20480
|
|
28AFD813000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948904972.0000028AFD813000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD813000
|
Size: |
94208
|
|
98725FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947254358.00000098725FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98725FE000
|
Size: |
8192
|
|
8216000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008216000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8216000
|
Size: |
20480
|
|
28AFEF00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951971893.0000028AFEF00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEF00000
|
Size: |
4096
|
|
8A34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A34000
|
Size: |
40960
|
|
83A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000083A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
83A0000
|
Size: |
20480
|
|
816F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2950874788.000000000816F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
816F000
|
Size: |
4096
|
|
30E5000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2246692753.00000000030E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30E5000
|
Size: |
4096
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056869017.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
245760
|
|
6E49000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949900767.0000000006E49000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E49000
|
Size: |
4096
|
|
F26000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2248914691.0000000000F26000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F26000
|
Size: |
8192
|
|
51E1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.00000000051E1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
51E1000
|
Size: |
40960
|
|
9872BFB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947521295.0000009872BFB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9872BFB000
|
Size: |
20480
|
|
7FFD9B9D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1748033820.00007FFD9B9D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B9D0000
|
Size: |
65536
|
|
6670000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268197569.0000000006670000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6670000
|
Size: |
4096
|
|
2FA3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002FA3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FA3000
|
Size: |
4096
|
|
8AB5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AB5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AB5000
|
Size: |
20480
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043652996.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
8A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A10000
|
Size: |
20480
|
|
7319000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2950564048.0000000007319000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7319000
|
Size: |
28672
|
|
1EE770CD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1742566655.000001EE770CD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE770CD000
|
Size: |
987136
|
|
2FBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002FBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FBC000
|
Size: |
1101824
|
|
8869000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008869000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8869000
|
Size: |
20480
|
|
5330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2034168748.0000000005330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5330000
|
Size: |
16384
|
|
6437000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059452039.0000000006437000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6437000
|
Size: |
20480
|
|
2E45000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E45000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E45000
|
Size: |
4096
|
|
2FA5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002FA5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FA5000
|
Size: |
49152
|
|
30FE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2246438491.00000000030FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30FE000
|
Size: |
4096
|
|
6F01000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070018402.0000000006F01000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F01000
|
Size: |
57344
|
|
792B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2163067230.000000000792B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
792B000
|
Size: |
20480
|
|
8330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8330000
|
Size: |
20480
|
|
7A50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2055851601.0000000007A50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7A50000
|
Size: |
20480
|
|
6F10000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070018402.0000000006F10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F10000
|
Size: |
106496
|
|
28AFE8C0000
|
trusted library section
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2950813206.0000028AFE8C0000.00000002.08000000.00040000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page readonly
|
Base address: |
28AFE8C0000
|
Size: |
65536
|
|
7FFA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000007FFA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFA000
|
Size: |
65536
|
|
8BE8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2065093646.0000000008BE8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8BE8000
|
Size: |
4096
|
|
889E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000889E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
889E000
|
Size: |
20480
|
|
88BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88BC000
|
Size: |
40960
|
|
63EC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056869017.00000000063EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63EC000
|
Size: |
139264
|
|
30B7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043228221.00000000030B7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
30B7000
|
Size: |
36864
|
|
874CC3C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714798935.000000874CC3C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874CC3C000
|
Size: |
16384
|
|
13B7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249587754.00000000013B7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13B7000
|
Size: |
16384
|
|
7FFD9BA00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1748374928.00007FFD9BA00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA00000
|
Size: |
65536
|
|
F3A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2159936903.0000000000F3A000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F3A000
|
Size: |
4096
|
|
697E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2269349885.000000000697E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
697E000
|
Size: |
8192
|
|
FF530000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2163532749.00000000FF530000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
FF530000
|
Size: |
4096
|
|
28AFEEE3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951685960.0000028AFEEE3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEEE3000
|
Size: |
16384
|
|
7FFD9B856000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1746550996.00007FFD9B856000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFD9B856000
|
Size: |
69632
|
|
1EE5D274000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D274000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D274000
|
Size: |
4096
|
|
9113000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056557474.0000000009113000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9113000
|
Size: |
8192
|
|
7B05000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2060284870.0000000007B05000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B05000
|
Size: |
28672
|
|
2E77000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E77000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E77000
|
Size: |
4096
|
|
2E62000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E62000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E62000
|
Size: |
4096
|
|
28AFF06F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF06F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF06F000
|
Size: |
4096
|
|
14C1000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2049894940.00000000014C1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14C1000
|
Size: |
4096
|
|
5266000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161840585.0000000005266000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5266000
|
Size: |
4096
|
|
5E73000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2051897661.0000000005E73000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E73000
|
Size: |
512000
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042483813.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
65536
|
|
8A51000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A51000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A51000
|
Size: |
20480
|
|
28AFEEE8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951722734.0000028AFEEE8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEEE8000
|
Size: |
12288
|
|
7FFD9B830000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1746488890.00007FFD9B830000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFD9B830000
|
Size: |
36864
|
|
6249000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2057109535.0000000006249000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6249000
|
Size: |
20480
|
|
28AFEE54000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951401320.0000028AFEE54000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE54000
|
Size: |
49152
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
8880000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2064512199.0000000008880000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8880000
|
Size: |
4096
|
|
874CA3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714715646.000000874CA3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874CA3E000
|
Size: |
8192
|
|
30CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30CC000
|
Size: |
4096
|
|
603E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266929853.000000000603E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
603E000
|
Size: |
8192
|
|
803A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000803A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
803A000
|
Size: |
20480
|
|
1EE5D160000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714880966.000001EE5D160000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D160000
|
Size: |
4096
|
|
6931000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2269292291.0000000006931000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6931000
|
Size: |
20480
|
|
7DF4DC900000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1746050765.00007DF4DC900000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF4DC900000
|
Size: |
4096
|
|
6319000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267566176.0000000006319000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6319000
|
Size: |
4096
|
|
34D7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2046390546.00000000034D7000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
34D7000
|
Size: |
36864
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
126976
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058184078.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
36864
|
|
13D0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947256948.00000000013D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13D0000
|
Size: |
610304
|
|
1EE5F49F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE5F49F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5F49F000
|
Size: |
12288
|
|
82C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82C1000
|
Size: |
65536
|
|
874C83E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714636962.000000874C83E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C83E000
|
Size: |
8192
|
|
30E5000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274950119.00000000030E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30E5000
|
Size: |
8192
|
|
80B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80B0000
|
Size: |
20480
|
|
28AFD8A2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949269553.0000028AFD8A2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD8A2000
|
Size: |
45056
|
|
59F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043139322.00000000059F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59F0000
|
Size: |
12288
|
|
28AFF091000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF091000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF091000
|
Size: |
57344
|
|
8160000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008160000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8160000
|
Size: |
20480
|
|
73FB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2058279617.00000000073FB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
73FB000
|
Size: |
20480
|
|
8A92000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A92000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A92000
|
Size: |
65536
|
|
DF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246951962.0000000000DF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
DF0000
|
Size: |
28672
|
|
53C0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2266121995.00000000053C0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
53C0000
|
Size: |
4096
|
|
4AC0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948283291.0000000004AC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4AC0000
|
Size: |
262144
|
|
80E5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080E5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80E5000
|
Size: |
20480
|
|
82AF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082AF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82AF000
|
Size: |
20480
|
|
1EE5D360000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715239328.000001EE5D360000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D360000
|
Size: |
4096
|
|
66AE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268513140.00000000066AE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
66AE000
|
Size: |
20480
|
|
1EE5D420000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715298513.000001EE5D420000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D420000
|
Size: |
16384
|
|
30D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30D0000
|
Size: |
4096
|
|
8943000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008943000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8943000
|
Size: |
20480
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042785823.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
2EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EC0000
|
Size: |
475136
|
|
8286000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008286000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8286000
|
Size: |
20480
|
|
54C9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266160399.00000000054C9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
54C9000
|
Size: |
28672
|
|
321E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043603899.000000000321E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
321E000
|
Size: |
8192
|
|
98724FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947194570.00000098724FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98724FE000
|
Size: |
4096
|
|
2C22000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C22000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C22000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
6F01000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949900767.0000000006F01000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F01000
|
Size: |
57344
|
|
66C7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268513140.00000000066C7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
66C7000
|
Size: |
16384
|
|
883A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000883A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
883A000
|
Size: |
20480
|
|
30D0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275592916.00000000030D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30D0000
|
Size: |
20480
|
|
647D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.000000000647D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
647D000
|
Size: |
73728
|
|
98740FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2948618017.00000098740FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98740FE000
|
Size: |
4096
|
|
2C36000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C36000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C36000
|
Size: |
81920
|
|
28AFE201000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2950212638.0000028AFE201000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFE201000
|
Size: |
4096
|
|
28AFE000000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949876082.0000028AFE000000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFE000000
|
Size: |
4096
|
|
27CC000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2273510252.00000000027CC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
27CC000
|
Size: |
16384
|
|
641C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059879105.000000000641C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
641C000
|
Size: |
12288
|
|
28AFF107000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF107000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF107000
|
Size: |
73728
|
|
895A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000895A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
895A000
|
Size: |
20480
|
|
EBF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248258838.0000000000EBF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EBF000
|
Size: |
36864
|
|
28AFF0A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0A0000
|
Size: |
4096
|
|
529D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.000000000529D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
529D000
|
Size: |
8192
|
|
100D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.000000000100D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
100D000
|
Size: |
45056
|
|
874CBBF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714775660.000000874CBBF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874CBBF000
|
Size: |
4096
|
|
6E37000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070214769.0000000006E37000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E37000
|
Size: |
4096
|
|
2E47000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E47000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E47000
|
Size: |
4096
|
|
52A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.00000000052A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
52A3000
|
Size: |
16384
|
|
87D1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2057706973.00000000087D1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
87D1000
|
Size: |
20480
|
|
8AA3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AA3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AA3000
|
Size: |
20480
|
|
63A9000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.00000000063A9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63A9000
|
Size: |
12288
|
|
7B11000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2064641743.0000000007B11000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7B11000
|
Size: |
8192
|
|
3102000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003102000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3102000
|
Size: |
4096
|
|
30FE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2246512099.00000000030FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30FE000
|
Size: |
4096
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064079495.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
61440
|
|
81D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81D0000
|
Size: |
20480
|
|
8A1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A1C000
|
Size: |
20480
|
|
874C57E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714504619.000000874C57E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C57E000
|
Size: |
8192
|
|
8040000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008040000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8040000
|
Size: |
20480
|
|
276B000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047565950.000000000276B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
276B000
|
Size: |
20480
|
|
28AFECE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2063307960.0000028AFECE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFECE0000
|
Size: |
4096
|
|
2F6D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F6D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F6D000
|
Size: |
4096
|
|
1EE61080000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE61080000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE61080000
|
Size: |
655360
|
|
6297000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.0000000006297000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6297000
|
Size: |
4096
|
|
74BD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2058637957.00000000074BD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
74BD000
|
Size: |
12288
|
|
8954000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008954000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8954000
|
Size: |
20480
|
|
874D70B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714863388.000000874D70B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874D70B000
|
Size: |
20480
|
|
4E70000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2048389264.0000000004E70000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
4E70000
|
Size: |
4096
|
|
1EE5EC70000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1715429369.000001EE5EC70000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1EE5EC70000
|
Size: |
4096
|
|
DE9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159570492.0000000000DE9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
DE9000
|
Size: |
28672
|
|
8BDC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2163412050.0000000008BDC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8BDC000
|
Size: |
8192
|
|
2D3F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048331379.0000000002D3F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D3F000
|
Size: |
4096
|
|
5C3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266593196.0000000005C3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5C3E000
|
Size: |
8192
|
|
54D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.00000000054D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54D4000
|
Size: |
106496
|
|
839A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000839A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
839A000
|
Size: |
20480
|
|
7FFD9B774000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1746189872.00007FFD9B774000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B774000
|
Size: |
36864
|
|
1EE60680000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE60680000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE60680000
|
Size: |
10485760
|
|
7FFD9B773000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1746162539.00007FFD9B773000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFD9B773000
|
Size: |
4096
|
|
6F0D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068283990.0000000006F0D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F0D000
|
Size: |
110592
|
|
1EE6F07A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1736362189.000001EE6F07A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6F07A000
|
Size: |
274432
|
|
1EE77251000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1744127452.000001EE77251000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE77251000
|
Size: |
380928
|
|
6210000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948771433.0000000006210000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6210000
|
Size: |
61440
|
|
9B7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246528207.00000000009B7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9B7000
|
Size: |
36864
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042556277.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
389120
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6345000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057893716.0000000006345000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6345000
|
Size: |
69632
|
|
5310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2031080047.0000000005310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5310000
|
Size: |
20480
|
|
88B6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088B6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88B6000
|
Size: |
20480
|
|
28AFDF90000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949826048.0000028AFDF90000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
28AFDF90000
|
Size: |
4096
|
|
1EE6030E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE6030E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6030E000
|
Size: |
155648
|
|
8840000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008840000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8840000
|
Size: |
20480
|
|
8A5D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A5D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A5D000
|
Size: |
20480
|
|
DB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246890649.0000000000DB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
DB0000
|
Size: |
4096
|
|
7FFD9BA60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1749019653.00007FFD9BA60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA60000
|
Size: |
65536
|
|
6680000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268239486.0000000006680000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
6680000
|
Size: |
4096
|
|
145A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2047638770.000000000145A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
145A000
|
Size: |
28672
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059775444.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
4096
|
|
2B6F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160765075.0000000002B6F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B6F000
|
Size: |
4096
|
|
642B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.000000000642B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
642B000
|
Size: |
69632
|
|
52CD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265737371.00000000052CD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
52CD000
|
Size: |
12288
|
|
7C50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2063389875.0000000007C50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C50000
|
Size: |
65536
|
|
8AF6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AF6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AF6000
|
Size: |
40960
|
|
32CF000
|
unkown
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275752499.00000000032CF000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
32CF000
|
Size: |
4096
|
|
2FB6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002FB6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FB6000
|
Size: |
4096
|
|
15F0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947807477.00000000015F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
15F0000
|
Size: |
16384
|
|
30DF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030DF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30DF000
|
Size: |
12288
|
|
89C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89C4000
|
Size: |
20480
|
|
F03000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2248692784.0000000000F03000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F03000
|
Size: |
4096
|
|
874C77D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714585528.000000874C77D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C77D000
|
Size: |
12288
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
69632
|
|
2BEC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000003.2047291729.0000000002BEC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2BEC000
|
Size: |
147456
|
|
2C8E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002C8E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C8E000
|
Size: |
4096
|
|
2F35000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F35000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F35000
|
Size: |
4096
|
|
3313000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2045233207.0000000003313000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3313000
|
Size: |
49152
|
|
F60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160016132.0000000000F60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F60000
|
Size: |
4096
|
|
6EAA000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068218493.0000000006EAA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6EAA000
|
Size: |
20480
|
|
6E41000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070214769.0000000006E41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E41000
|
Size: |
28672
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
389120
|
|
32C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043642191.00000000032C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
32C0000
|
Size: |
176128
|
|
28AFF064000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF064000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF064000
|
Size: |
28672
|
|
1EE5D22F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D22F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D22F000
|
Size: |
4096
|
|
7B44000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062417725.0000000007B44000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B44000
|
Size: |
20480
|
|
635E000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.000000000635E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
635E000
|
Size: |
319488
|
|
28AFF11A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF11A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF11A000
|
Size: |
28672
|
|
62B3000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.00000000062B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B3000
|
Size: |
4096
|
|
30D2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030D2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30D2000
|
Size: |
49152
|
|
8858000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008858000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8858000
|
Size: |
65536
|
|
8280000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008280000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8280000
|
Size: |
20480
|
|
652E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268074246.000000000652E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
652E000
|
Size: |
8192
|
|
552A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.000000000552A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
552A000
|
Size: |
4096
|
|
3530000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2046984366.0000000003530000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3530000
|
Size: |
28672
|
|
6439000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059775444.0000000006439000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6439000
|
Size: |
12288
|
|
645F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064495158.000000000645F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
645F000
|
Size: |
4096
|
|
7FFD9B910000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1746806233.00007FFD9B910000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B910000
|
Size: |
65536
|
|
8AC1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AC1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AC1000
|
Size: |
65536
|
|
881D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000881D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
881D000
|
Size: |
20480
|
|
7FFD9B930000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1747169921.00007FFD9B930000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFD9B930000
|
Size: |
20480
|
|
83B2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000083B2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
83B2000
|
Size: |
36864
|
|
304E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275562736.000000000304E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
304E000
|
Size: |
8192
|
|
874D68B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714843398.000000874D68B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874D68B000
|
Size: |
20480
|
|
52B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2030171984.00000000052B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
52B0000
|
Size: |
20480
|
|
6333000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057893716.0000000006333000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6333000
|
Size: |
8192
|
|
F78000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000000F78000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F78000
|
Size: |
90112
|
|
2BC0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047985071.0000000002BC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2BC0000
|
Size: |
24576
|
|
7A40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056127417.0000000007A40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7A40000
|
Size: |
65536
|
|
2EA9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EA9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EA9000
|
Size: |
12288
|
|
6425000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.0000000006425000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6425000
|
Size: |
8192
|
|
3109000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003109000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3109000
|
Size: |
45056
|
|
28AFF000000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2952066240.0000028AFF000000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF000000
|
Size: |
4096
|
|
50D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161452985.00000000050D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
50D0000
|
Size: |
65536
|
|
8B07000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008B07000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8B07000
|
Size: |
20480
|
|
5300000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2030200992.0000000005300000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5300000
|
Size: |
49152
|
|
2C1E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C1E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C1E000
|
Size: |
8192
|
|
27AB000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047619227.00000000027AB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
27AB000
|
Size: |
20480
|
|
89F3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089F3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89F3000
|
Size: |
20480
|
|
28AFF070000
|
remote allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2046386007.0000028AFF070000.00000004.00000400.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
remote allocation
|
Protect: |
page read and write
|
Base address: |
28AFF070000
|
Size: |
4096
|
|
8052000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008052000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8052000
|
Size: |
20480
|
|
F60000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2249083581.0000000000F60000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F60000
|
Size: |
65536
|
|
2C25000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C25000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C25000
|
Size: |
4096
|
|
2E8E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E8E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E8E000
|
Size: |
4096
|
|
8AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AF0000
|
Size: |
20480
|
|
7FF5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000007FF5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF5000
|
Size: |
16384
|
|
642C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.000000000642C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
642C000
|
Size: |
65536
|
|
28AFEE88000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951467795.0000028AFEE88000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE88000
|
Size: |
4096
|
|
2CA3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002CA3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2CA3000
|
Size: |
4096
|
|
2ABE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2273704317.0000000002ABE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2ABE000
|
Size: |
8192
|
|
6E41000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067131872.0000000006E41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E41000
|
Size: |
28672
|
|
2E7F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E7F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E7F000
|
Size: |
49152
|
|
6E8A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068083265.0000000006E8A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E8A000
|
Size: |
151552
|
|
1EE5EC50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715403559.000001EE5EC50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5EC50000
|
Size: |
65536
|
|
59DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162599859.00000000059DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
59DE000
|
Size: |
8192
|
|
2F7E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F7E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F7E000
|
Size: |
4096
|
|
8A57000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A57000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A57000
|
Size: |
20480
|
|
6EB0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067131872.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6EB0000
|
Size: |
61440
|
|
8172000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008172000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8172000
|
Size: |
20480
|
|
6333000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.0000000006333000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6333000
|
Size: |
8192
|
|
5CBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266682115.0000000005CBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5CBE000
|
Size: |
8192
|
|
2E58000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E58000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E58000
|
Size: |
4096
|
|
28AFF0C2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0C2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0C2000
|
Size: |
135168
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
7FFD9B780000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1746281213.00007FFD9B780000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B780000
|
Size: |
40960
|
|
8852000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008852000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8852000
|
Size: |
20480
|
|
1EE5F4A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE5F4A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5F4A3000
|
Size: |
8192
|
|
804C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000804C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
804C000
|
Size: |
20480
|
|
7CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2064164546.0000000007CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7CB0000
|
Size: |
65536
|
|
647D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.000000000647D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
647D000
|
Size: |
73728
|
|
28AFD7F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948799409.0000028AFD7F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD7F0000
|
Size: |
4096
|
|
1EE5EC40000
|
heap
|
page readonly
|
|
|
|
Name: |
00000000.00000002.1715383105.000001EE5EC40000.00000002.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page readonly
|
Base address: |
1EE5EC40000
|
Size: |
4096
|
|
3BD1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265112792.0000000003BD1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3BD1000
|
Size: |
20480
|
|
28AFF0F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0F4000
|
Size: |
28672
|
|
6E2A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068351438.0000000006E2A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E2A000
|
Size: |
32768
|
|
7500000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2058791861.0000000007500000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7500000
|
Size: |
36864
|
|
6336000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.0000000006336000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6336000
|
Size: |
53248
|
|
7FFD9BA90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1749306637.00007FFD9BA90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA90000
|
Size: |
12288
|
|
490E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048465798.000000000490E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
490E000
|
Size: |
8192
|
|
1EE5EC00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715342838.000001EE5EC00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5EC00000
|
Size: |
4096
|
|
2ACE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249730982.0000000002ACE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2ACE000
|
Size: |
8192
|
|
4DCC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2047675047.0000000004DCC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4DCC000
|
Size: |
16384
|
|
8325000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008325000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8325000
|
Size: |
40960
|
|
8098000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008098000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8098000
|
Size: |
20480
|
|
5E70000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948455136.0000000005E70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E70000
|
Size: |
8192
|
|
34AD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2045971028.00000000034AD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
34AD000
|
Size: |
4096
|
|
63A7000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.00000000063A7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63A7000
|
Size: |
20480
|
|
FA8000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2946968619.0000000000FA8000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
FA8000
|
Size: |
32768
|
|
44F0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048370878.00000000044F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
44F0000
|
Size: |
4096
|
|
830D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000830D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
830D000
|
Size: |
20480
|
|
34D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2046247420.00000000034D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34D0000
|
Size: |
4096
|
|
28AFEC11000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2950897209.0000028AFEC11000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFEC11000
|
Size: |
4096
|
|
82A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82A3000
|
Size: |
20480
|
|
5331000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2034225490.0000000005331000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5331000
|
Size: |
53248
|
|
772D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059343153.000000000772D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
772D000
|
Size: |
12288
|
|
2FB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002FB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FB8000
|
Size: |
4096
|
|
2E41000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E41000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E41000
|
Size: |
4096
|
|
1EE5D1A2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D1A2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D1A2000
|
Size: |
548864
|
|
28AFD8A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949269553.0000028AFD8A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD8A0000
|
Size: |
4096
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162634204.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
28672
|
|
E28000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2247089519.0000000000E28000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E28000
|
Size: |
20480
|
|
8354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8354000
|
Size: |
40960
|
|
28AFF00E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF00E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF00E000
|
Size: |
24576
|
|
62B8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.00000000062B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B8000
|
Size: |
192512
|
|
1468000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947256948.0000000001468000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1468000
|
Size: |
135168
|
|
EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248632036.0000000000EF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
EF0000
|
Size: |
8192
|
|
1EE6F2BF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1736362189.000001EE6F2BF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6F2BF000
|
Size: |
2342912
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5C7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266636487.0000000005C7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5C7E000
|
Size: |
8192
|
|
63AF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.00000000063AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63AF000
|
Size: |
389120
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043352818.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
16384
|
|
F3B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2249030054.0000000000F3B000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F3B000
|
Size: |
4096
|
|
2A3C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2273589741.0000000002A3C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A3C000
|
Size: |
16384
|
|
8023000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008023000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8023000
|
Size: |
20480
|
|
28AFF0FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0FC000
|
Size: |
4096
|
|
2C85000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002C85000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C85000
|
Size: |
12288
|
|
88FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88FC000
|
Size: |
20480
|
|
7FFD9BAC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1749511894.00007FFD9BAC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BAC0000
|
Size: |
24576
|
|
6209000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2057109535.0000000006209000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6209000
|
Size: |
176128
|
|
8BEF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056432214.0000000008BEF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8BEF000
|
Size: |
4096
|
|
7A2E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059986812.0000000007A2E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7A2E000
|
Size: |
8192
|
|
F2A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2248947482.0000000000F2A000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F2A000
|
Size: |
8192
|
|
30CA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030CA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30CA000
|
Size: |
4096
|
|
639C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.000000000639C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
639C000
|
Size: |
40960
|
|
8A8C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A8C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A8C000
|
Size: |
20480
|
|
5DBD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266724691.0000000005DBD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5DBD000
|
Size: |
12288
|
|
385F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948234881.000000000385F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
385F000
|
Size: |
4096
|
|
1EE77370000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1745179698.000001EE77370000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1EE77370000
|
Size: |
20480
|
|
5BFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266550868.0000000005BFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5BFE000
|
Size: |
8192
|
|
7FFD9BA40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1748819602.00007FFD9BA40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA40000
|
Size: |
65536
|
|
645F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064079495.000000000645F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
645F000
|
Size: |
4096
|
|
2F80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F80000
|
Size: |
28672
|
|
6336000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.0000000006336000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6336000
|
Size: |
53248
|
|
642C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063516550.000000000642C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
642C000
|
Size: |
65536
|
|
28AFEE2C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951328923.0000028AFEE2C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE2C000
|
Size: |
73728
|
|
76AD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059205665.00000000076AD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
76AD000
|
Size: |
12288
|
|
7AAD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2060096394.0000000007AAD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7AAD000
|
Size: |
12288
|
|
61E1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2057109535.00000000061E1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
61E1000
|
Size: |
28672
|
|
28AFD800000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948853923.0000028AFD800000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD800000
|
Size: |
73728
|
|
310E000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274324737.000000000310E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
310E000
|
Size: |
12288
|
|
7CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2064039245.0000000007CA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7CA0000
|
Size: |
65536
|
|
52B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2030293131.00000000052B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
52B0000
|
Size: |
32768
|
|
647D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068379674.000000000647D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
647D000
|
Size: |
73728
|
|
8245000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008245000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8245000
|
Size: |
20480
|
|
9871E7B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2946967868.0000009871E7B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9871E7B000
|
Size: |
20480
|
|
8BB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246463574.00000000008BB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
8BB000
|
Size: |
20480
|
|
7B1E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2064641743.0000000007B1E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7B1E000
|
Size: |
53248
|
|
6459000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.0000000006459000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6459000
|
Size: |
20480
|
|
2E90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E90000
|
Size: |
4096
|
|
3106000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003106000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3106000
|
Size: |
4096
|
|
5512000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.0000000005512000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5512000
|
Size: |
77824
|
|
28AFD8FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949609748.0000028AFD8FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD8FF000
|
Size: |
8192
|
|
5227000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.0000000005227000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5227000
|
Size: |
86016
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
7CB0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2069228852.0000000007CB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7CB0000
|
Size: |
16384
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
86016
|
|
CBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159454483.0000000000CBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
CBE000
|
Size: |
8192
|
|
8B01000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008B01000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8B01000
|
Size: |
20480
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2159298688.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
400000
|
Size: |
4096
|
|
4B13000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2071410029.0000000004B13000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B13000
|
Size: |
8192
|
|
6180000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267170473.0000000006180000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6180000
|
Size: |
4096
|
|
31D9000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947967895.00000000031D9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
31D9000
|
Size: |
28672
|
|
50E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2057553110.00000000050E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
50E0000
|
Size: |
4096
|
|
7FFD9B77D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1746249259.00007FFD9B77D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFD9B77D000
|
Size: |
12288
|
|
8D23000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2064047901.0000000008D23000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D23000
|
Size: |
3330048
|
|
63EC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058759143.00000000063EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63EC000
|
Size: |
139264
|
|
87F5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000087F5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
87F5000
|
Size: |
16384
|
|
5680000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162358958.0000000005680000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5680000
|
Size: |
4096
|
|
80C7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080C7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80C7000
|
Size: |
20480
|
|
5273000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161840585.0000000005273000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5273000
|
Size: |
4096
|
|
1EE5F4E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE5F4E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5F4E0000
|
Size: |
10485760
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042975079.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
6459000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.0000000006459000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6459000
|
Size: |
20480
|
|
8881000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008881000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8881000
|
Size: |
20480
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042530516.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
643E000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068379674.000000000643E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643E000
|
Size: |
106496
|
|
6459000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063516550.0000000006459000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6459000
|
Size: |
20480
|
|
8949000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008949000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8949000
|
Size: |
40960
|
|
1EE6F060000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1736362189.000001EE6F060000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6F060000
|
Size: |
69632
|
|
28AFEE8A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951467795.0000028AFEE8A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE8A000
|
Size: |
221184
|
|
310F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274426368.000000000310F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
310F000
|
Size: |
8192
|
|
ED0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159602090.0000000000ED0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
ED0000
|
Size: |
20480
|
|
28AFD891000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949269553.0000028AFD891000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD891000
|
Size: |
4096
|
|
3190000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043464026.0000000003190000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3190000
|
Size: |
16384
|
|
3138000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003138000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3138000
|
Size: |
4096
|
|
87FA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000087FA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
87FA000
|
Size: |
65536
|
|
88D9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088D9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88D9000
|
Size: |
20480
|
|
2CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2CB0000
|
Size: |
53248
|
|
7AB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2060200056.0000000007AB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AB0000
|
Size: |
4096
|
|
412000
|
remote allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2246251774.0000000000412000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
412000
|
Size: |
4096
|
|
104B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2058148647.000000000104B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
104B000
|
Size: |
20480
|
|
1EE77211000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1744127452.000001EE77211000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE77211000
|
Size: |
258048
|
|
5226000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161669538.0000000005226000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5226000
|
Size: |
36864
|
|
E95000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248068419.0000000000E95000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E95000
|
Size: |
81920
|
|
311B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.000000000311B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
311B000
|
Size: |
4096
|
|
75ED000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162859129.00000000075ED000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
75ED000
|
Size: |
12288
|
|
498F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048542884.000000000498F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
498F000
|
Size: |
4096
|
|
7B14000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2061883112.0000000007B14000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B14000
|
Size: |
12288
|
|
6346000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.0000000006346000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6346000
|
Size: |
393216
|
|
2BEF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047985071.0000000002BEF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2BEF000
|
Size: |
135168
|
|
7AF9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2060284870.0000000007AF9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AF9000
|
Size: |
40960
|
|
1EE5F051000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE5F051000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5F051000
|
Size: |
536576
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1EE774FD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1745333828.000001EE774FD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE774FD000
|
Size: |
114688
|
|
51C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265645438.00000000051C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
51C0000
|
Size: |
4096
|
|
2F69000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F69000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F69000
|
Size: |
12288
|
|
52D3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.00000000052D3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
52D3000
|
Size: |
237568
|
|
50F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161563759.00000000050F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
50F0000
|
Size: |
4096
|
|
880B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000880B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
880B000
|
Size: |
20480
|
|
2E94000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E94000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E94000
|
Size: |
65536
|
|
5370000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265926997.0000000005370000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5370000
|
Size: |
4096
|
|
28AFF0A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0A3000
|
Size: |
90112
|
|
8904000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2057894829.0000000008904000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8904000
|
Size: |
4096
|
|
81F9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081F9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81F9000
|
Size: |
20480
|
|
6330000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063369840.0000000006330000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6330000
|
Size: |
77824
|
|
34A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2045748502.00000000034A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34A0000
|
Size: |
12288
|
|
81CA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081CA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81CA000
|
Size: |
20480
|
|
F00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248666388.0000000000F00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F00000
|
Size: |
4096
|
|
F36000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2159907173.0000000000F36000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F36000
|
Size: |
8192
|
|
2C5C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C5C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C5C000
|
Size: |
4096
|
|
7FFD9B952000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747275149.00007FFD9B952000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B952000
|
Size: |
8192
|
|
7BD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2062650786.0000000007BD0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7BD0000
|
Size: |
4096
|
|
641C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059452039.000000000641C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
641C000
|
Size: |
12288
|
|
82B5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082B5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82B5000
|
Size: |
20480
|
|
6336000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.0000000006336000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6336000
|
Size: |
53248
|
|
494D000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048507308.000000000494D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
494D000
|
Size: |
12288
|
|
12CF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160734480.00000000012CF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12CF000
|
Size: |
4096
|
|
7B36000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062267218.0000000007B36000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B36000
|
Size: |
8192
|
|
8A45000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A45000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A45000
|
Size: |
20480
|
|
28AFF0E5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0E5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0E5000
|
Size: |
4096
|
|
7FFD9B820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1746361730.00007FFD9B820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B820000
|
Size: |
8192
|
|
874C9B9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714697433.000000874C9B9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C9B9000
|
Size: |
28672
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043024900.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
76EC000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2950722945.00000000076EC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
76EC000
|
Size: |
16384
|
|
874C8B7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714656217.000000874C8B7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C8B7000
|
Size: |
36864
|
|
49FE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048578008.00000000049FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
49FE000
|
Size: |
8192
|
|
1EE5ECD0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715449561.000001EE5ECD0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5ECD0000
|
Size: |
4096
|
|
635A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056869017.000000000635A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
635A000
|
Size: |
4096
|
|
62E9000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.00000000062E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62E9000
|
Size: |
249856
|
|
6EAB000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949900767.0000000006EAB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6EAB000
|
Size: |
184320
|
|
7B2A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062202202.0000000007B2A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B2A000
|
Size: |
8192
|
|
747E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2058578376.000000000747E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
747E000
|
Size: |
8192
|
|
6459000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064495158.0000000006459000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6459000
|
Size: |
20480
|
|
647D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.000000000647D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
647D000
|
Size: |
73728
|
|
8251000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008251000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8251000
|
Size: |
20480
|
|
8307000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008307000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8307000
|
Size: |
20480
|
|
88E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2057894829.00000000088E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
88E1000
|
Size: |
40960
|
|
E2E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2247357569.0000000000E2E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E2E000
|
Size: |
180224
|
|
4A3F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048638151.0000000004A3F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4A3F000
|
Size: |
4096
|
|
28AFE790000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2950431237.0000028AFE790000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFE790000
|
Size: |
4096
|
|
7FFD9B970000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747430923.00007FFD9B970000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B970000
|
Size: |
65536
|
|
4D70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2047391379.0000000004D70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4D70000
|
Size: |
65536
|
|
86A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2064380041.00000000086A0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
86A0000
|
Size: |
12288
|
|
73B0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2058075347.00000000073B0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
73B0000
|
Size: |
12288
|
|
8336000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008336000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8336000
|
Size: |
20480
|
|
6459000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068379674.0000000006459000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6459000
|
Size: |
20480
|
|
8081000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008081000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8081000
|
Size: |
20480
|
|
28AFE11A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2098115219.0000028AFE11A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFE11A000
|
Size: |
4096
|
|
1EE77480000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1745307995.000001EE77480000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1EE77480000
|
Size: |
4096
|
|
36A0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948187102.00000000036A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36A0000
|
Size: |
4096
|
|
8A4B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A4B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A4B000
|
Size: |
20480
|
|
28AFEE00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951230208.0000028AFEE00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEE00000
|
Size: |
49152
|
|
98734FD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948213878.00000098734FD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98734FD000
|
Size: |
12288
|
|
28AFD879000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949066007.0000028AFD879000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD879000
|
Size: |
4096
|
|
8149000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008149000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8149000
|
Size: |
40960
|
|
899B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000899B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
899B000
|
Size: |
20480
|
|
2A9E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047772670.0000000002A9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A9E000
|
Size: |
8192
|
|
63A7000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.00000000063A7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63A7000
|
Size: |
20480
|
|
28AFEEFD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951936294.0000028AFEEFD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEEFD000
|
Size: |
4096
|
|
2F3B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F3B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F3B000
|
Size: |
57344
|
|
7FDD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000007FDD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FDD000
|
Size: |
49152
|
|
2EBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002EBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2EBC000
|
Size: |
4096
|
|
ECF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248492011.0000000000ECF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
ECF000
|
Size: |
28672
|
|
33D0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275891446.00000000033D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
33D0000
|
Size: |
4096
|
|
F13000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2159722828.0000000000F13000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F13000
|
Size: |
4096
|
|
52A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162128332.00000000052A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
52A0000
|
Size: |
65536
|
|
59F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043201294.00000000059F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59F0000
|
Size: |
12288
|
|
F20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248861746.0000000000F20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F20000
|
Size: |
4096
|
|
3180000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043401853.0000000003180000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3180000
|
Size: |
8192
|
|
3C51000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161307446.0000000003C51000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3C51000
|
Size: |
20480
|
|
809E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000809E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
809E000
|
Size: |
20480
|
|
783E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059650060.000000000783E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
783E000
|
Size: |
8192
|
|
2CA5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002CA5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2CA5000
|
Size: |
40960
|
|
987317E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947909351.000000987317E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
987317E000
|
Size: |
8192
|
|
2B0E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249790943.0000000002B0E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B0E000
|
Size: |
8192
|
|
2E3F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E3F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E3F000
|
Size: |
4096
|
|
3100000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274813810.0000000003100000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3100000
|
Size: |
4096
|
|
9872EFE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947779170.0000009872EFE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
9872EFE000
|
Size: |
4096
|
|
28AFE890000
|
trusted library section
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2950636825.0000028AFE890000.00000002.08000000.00040000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page readonly
|
Base address: |
28AFE890000
|
Size: |
65536
|
|
635C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056869017.000000000635C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
635C000
|
Size: |
4096
|
|
1021000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000001021000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1021000
|
Size: |
4096
|
|
100B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.000000000100B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
100B000
|
Size: |
4096
|
|
2E3D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E3D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E3D000
|
Size: |
4096
|
|
F0D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2248745579.0000000000F0D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F0D000
|
Size: |
4096
|
|
729E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2057753994.000000000729E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
729E000
|
Size: |
8192
|
|
5320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2032028997.0000000005320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5320000
|
Size: |
24576
|
|
D3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246634147.0000000000D3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
D3E000
|
Size: |
8192
|
|
821C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000821C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
821C000
|
Size: |
20480
|
|
7B3F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062417725.0000000007B3F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B3F000
|
Size: |
16384
|
|
51EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.00000000051EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
51EC000
|
Size: |
143360
|
|
2FB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002FB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FB4000
|
Size: |
4096
|
|
7F850000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2269651104.000000007F850000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7F850000
|
Size: |
4096
|
|
28AFF000000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF000000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF000000
|
Size: |
28672
|
|
F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248768384.0000000000F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F10000
|
Size: |
8192
|
|
3304000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948065403.0000000003304000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
3304000
|
Size: |
49152
|
|
58CF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266385868.00000000058CF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
58CF000
|
Size: |
4096
|
|
10DF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249443383.00000000010DF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10DF000
|
Size: |
4096
|
|
28AFE113000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2950159732.0000028AFE113000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFE113000
|
Size: |
28672
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
110592
|
|
3120000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003120000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3120000
|
Size: |
53248
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063516550.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
61440
|
|
2F9B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F9B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F9B000
|
Size: |
4096
|
|
4B0B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948283291.0000000004B0B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B0B000
|
Size: |
40960
|
|
8108000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008108000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8108000
|
Size: |
20480
|
|
56CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266287361.00000000056CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
56CE000
|
Size: |
8192
|
|
72DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2057842092.00000000072DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
72DE000
|
Size: |
8192
|
|
2F50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F50000
|
Size: |
4096
|
|
5330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2035366919.0000000005330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5330000
|
Size: |
20480
|
|
81B2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081B2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81B2000
|
Size: |
20480
|
|
C720000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.2269566442.000000000C720000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
C720000
|
Size: |
28672
|
|
82DE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082DE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82DE000
|
Size: |
20480
|
|
7A40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2055932451.0000000007A40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7A40000
|
Size: |
65536
|
|
7CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2064317577.0000000007CC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7CC0000
|
Size: |
24576
|
|
766C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2950667480.000000000766C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
766C000
|
Size: |
16384
|
|
647D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064495158.000000000647D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
647D000
|
Size: |
73728
|
|
2B70000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2160794496.0000000002B70000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2B70000
|
Size: |
4096
|
|
6421000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.0000000006421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6421000
|
Size: |
8192
|
|
8A63000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A63000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A63000
|
Size: |
65536
|
|
1EE772CA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1744127452.000001EE772CA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE772CA000
|
Size: |
20480
|
|
55FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162197697.00000000055FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55FE000
|
Size: |
8192
|
|
5A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042344021.0000000005A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5A10000
|
Size: |
12288
|
|
891A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000891A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
891A000
|
Size: |
40960
|
|
6E41000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949900767.0000000006E41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E41000
|
Size: |
28672
|
|
454D000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048402802.000000000454D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
454D000
|
Size: |
12288
|
|
89D6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089D6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89D6000
|
Size: |
40960
|
|
88CD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088CD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88CD000
|
Size: |
20480
|
|
6E4B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067131872.0000000006E4B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E4B000
|
Size: |
253952
|
|
6425000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.0000000006425000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6425000
|
Size: |
8192
|
|
EBA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248258838.0000000000EBA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EBA000
|
Size: |
8192
|
|
89E7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089E7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89E7000
|
Size: |
20480
|
|
87E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2159184343.00000000087E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
87E0000
|
Size: |
8192
|
|
8046000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008046000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8046000
|
Size: |
20480
|
|
2FB2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002FB2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FB2000
|
Size: |
4096
|
|
F22000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248887952.0000000000F22000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F22000
|
Size: |
4096
|
|
6E51000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061424879.0000000006E51000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E51000
|
Size: |
147456
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
818F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000818F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
818F000
|
Size: |
20480
|
|
890E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000890E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
890E000
|
Size: |
20480
|
|
4550000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2274147525.0000000004550000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4550000
|
Size: |
20480
|
|
63EC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059119906.00000000063EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63EC000
|
Size: |
139264
|
|
1054000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2058148647.0000000001054000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1054000
|
Size: |
45056
|
|
8A3F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A3F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A3F000
|
Size: |
20480
|
|
E25000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2247089519.0000000000E25000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E25000
|
Size: |
4096
|
|
1EE605B7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE605B7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE605B7000
|
Size: |
802816
|
|
74FD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2058727663.00000000074FD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
74FD000
|
Size: |
12288
|
|
89ED000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089ED000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89ED000
|
Size: |
20480
|
|
7FFD9B955000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747275149.00007FFD9B955000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B955000
|
Size: |
20480
|
|
28AFE870000
|
trusted library section
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2950502424.0000028AFE870000.00000002.08000000.00040000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page readonly
|
Base address: |
28AFE870000
|
Size: |
65536
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
61440
|
|
6EB0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068083265.0000000006EB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6EB0000
|
Size: |
61440
|
|
F32000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248979923.0000000000F32000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F32000
|
Size: |
4096
|
|
8189000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008189000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8189000
|
Size: |
20480
|
|
73AD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2057993729.00000000073AD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
73AD000
|
Size: |
12288
|
|
7A50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056062725.0000000007A50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7A50000
|
Size: |
8192
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063516550.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
110592
|
|
81B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81B8000
|
Size: |
20480
|
|
509E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265541369.000000000509E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
509E000
|
Size: |
8192
|
|
892B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000892B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
892B000
|
Size: |
20480
|
|
8313000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008313000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8313000
|
Size: |
20480
|
|
6F1A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2068478671.0000000006F1A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F1A000
|
Size: |
57344
|
|
28AFF070000
|
remote allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2046492582.0000028AFF070000.00000004.00000400.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
remote allocation
|
Protect: |
page read and write
|
Base address: |
28AFF070000
|
Size: |
4096
|
|
2D9F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2274068221.0000000002D9F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D9F000
|
Size: |
4096
|
|
81F3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081F3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81F3000
|
Size: |
20480
|
|
987327E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2948011597.000000987327E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
987327E000
|
Size: |
8192
|
|
EB1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248258838.0000000000EB1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EB1000
|
Size: |
32768
|
|
519C000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161592125.000000000519C000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
519C000
|
Size: |
16384
|
|
8011000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008011000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8011000
|
Size: |
20480
|
|
5280000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161994522.0000000005280000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5280000
|
Size: |
32768
|
|
9872FFE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947858053.0000009872FFE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
9872FFE000
|
Size: |
4096
|
|
641C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057428968.000000000641C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
641C000
|
Size: |
12288
|
|
8937000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008937000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8937000
|
Size: |
20480
|
|
2E5A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E5A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E5A000
|
Size: |
4096
|
|
80D9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080D9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80D9000
|
Size: |
20480
|
|
5EF1000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2051897661.0000000005EF1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5EF1000
|
Size: |
180224
|
|
98736FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2948341180.00000098736FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98736FE000
|
Size: |
4096
|
|
88C7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088C7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88C7000
|
Size: |
20480
|
|
7AC6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056603517.0000000007AC6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AC6000
|
Size: |
4096
|
|
8263000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008263000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8263000
|
Size: |
65536
|
|
3130000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043303592.0000000003130000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3130000
|
Size: |
4096
|
|
7C20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2063012347.0000000007C20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C20000
|
Size: |
65536
|
|
28AFEEC2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951467795.0000028AFEEC2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEEC2000
|
Size: |
4096
|
|
E1B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2247089519.0000000000E1B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E1B000
|
Size: |
20480
|
|
7FFD9B980000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747522338.00007FFD9B980000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B980000
|
Size: |
65536
|
|
8183000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008183000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8183000
|
Size: |
20480
|
|
2CFE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2048298235.0000000002CFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2CFE000
|
Size: |
8192
|
|
2C8B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002C8B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C8B000
|
Size: |
8192
|
|
81A7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081A7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81A7000
|
Size: |
40960
|
|
2F4E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F4E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F4E000
|
Size: |
4096
|
|
3485000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948117869.0000000003485000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
3485000
|
Size: |
45056
|
|
28AFD913000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949717665.0000028AFD913000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD913000
|
Size: |
24576
|
|
89A7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089A7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89A7000
|
Size: |
40960
|
|
6293000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.0000000006293000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6293000
|
Size: |
4096
|
|
9872E7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947730510.0000009872E7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9872E7E000
|
Size: |
8192
|
|
EDF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248492011.0000000000EDF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EDF000
|
Size: |
65536
|
|
7C40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2063258906.0000000007C40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C40000
|
Size: |
65536
|
|
5330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2033088001.0000000005330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5330000
|
Size: |
36864
|
|
81C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81C4000
|
Size: |
20480
|
|
504C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265476788.000000000504C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
504C000
|
Size: |
16384
|
|
77BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059512788.00000000077BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
77BE000
|
Size: |
8192
|
|
98726FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947306915.00000098726FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98726FE000
|
Size: |
4096
|
|
9872F7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947813216.0000009872F7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9872F7E000
|
Size: |
8192
|
|
63A9000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.00000000063A9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63A9000
|
Size: |
12288
|
|
80D3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080D3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80D3000
|
Size: |
20480
|
|
6316000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267566176.0000000006316000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6316000
|
Size: |
4096
|
|
1EE5D237000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D237000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D237000
|
Size: |
12288
|
|
F2D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2159846390.0000000000F2D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F2D000
|
Size: |
4096
|
|
62A0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.00000000062A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62A0000
|
Size: |
69632
|
|
2BC8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047985071.0000000002BC8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2BC8000
|
Size: |
147456
|
|
3BF6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265112792.0000000003BF6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3BF6000
|
Size: |
16384
|
|
7C90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2063897184.0000000007C90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C90000
|
Size: |
65536
|
|
837D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000837D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
837D000
|
Size: |
20480
|
|
2C90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002C90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C90000
|
Size: |
32768
|
|
30FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30FC000
|
Size: |
4096
|
|
7FFD9B921000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747003294.00007FFD9B921000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B921000
|
Size: |
32768
|
|
8D03000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2064047901.0000000008D03000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D03000
|
Size: |
8192
|
|
14C2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2049634274.00000000014C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14C2000
|
Size: |
32768
|
|
647D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064079495.000000000647D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
647D000
|
Size: |
73728
|
|
645F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2063516550.000000000645F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
645F000
|
Size: |
4096
|
|
6020000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948722089.0000000006020000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6020000
|
Size: |
28672
|
|
2A70000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2273657791.0000000002A70000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2A70000
|
Size: |
4096
|
|
28AFE100000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2950013382.0000028AFE100000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFE100000
|
Size: |
4096
|
|
98731FE000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2947963598.00000098731FE000.00000002.00000001.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
98731FE000
|
Size: |
4096
|
|
838E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000838E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
838E000
|
Size: |
20480
|
|
8B0D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008B0D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8B0D000
|
Size: |
4096
|
|
8AD8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AD8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AD8000
|
Size: |
20480
|
|
6190000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267207596.0000000006190000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6190000
|
Size: |
65536
|
|
2B70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249887601.0000000002B70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B70000
|
Size: |
65536
|
|
C7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159427435.0000000000C7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
C7E000
|
Size: |
8192
|
|
98721F7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947036466.00000098721F7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98721F7000
|
Size: |
36864
|
|
30D8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275592916.00000000030D8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30D8000
|
Size: |
61440
|
|
7FFD9B772000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1746101608.00007FFD9B772000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B772000
|
Size: |
4096
|
|
3104000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003104000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3104000
|
Size: |
4096
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043307101.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
65536
|
|
1EE5D231000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D231000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D231000
|
Size: |
12288
|
|
2A5E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2047725184.0000000002A5E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A5E000
|
Size: |
8192
|
|
80EC000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2950815789.00000000080EC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
80EC000
|
Size: |
16384
|
|
6E4B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949900767.0000000006E4B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E4B000
|
Size: |
389120
|
|
311D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.000000000311D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
311D000
|
Size: |
4096
|
|
1EE77377000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1745179698.000001EE77377000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1EE77377000
|
Size: |
4096
|
|
30FE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274569050.00000000030FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30FE000
|
Size: |
12288
|
|
2E43000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E43000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E43000
|
Size: |
4096
|
|
89A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89A1000
|
Size: |
20480
|
|
F13000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248768384.0000000000F13000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F13000
|
Size: |
40960
|
|
62B3000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.00000000062B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B3000
|
Size: |
4096
|
|
8029000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008029000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8029000
|
Size: |
65536
|
|
8A80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008A80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A80000
|
Size: |
20480
|
|
C20000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2246606070.0000000000C20000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C20000
|
Size: |
4096
|
|
7FFD9B92A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747003294.00007FFD9B92A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B92A000
|
Size: |
24576
|
|
911F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056557474.000000000911F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
911F000
|
Size: |
45056
|
|
2B5D000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275284577.0000000002B5D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B5D000
|
Size: |
12288
|
|
5211000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.0000000005211000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5211000
|
Size: |
57344
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
28AFF0F1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF0F1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF0F1000
|
Size: |
4096
|
|
63A7000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.00000000063A7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63A7000
|
Size: |
20480
|
|
4D8D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161417399.0000000004D8D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4D8D000
|
Size: |
12288
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059452039.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
53248
|
|
5310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2031137301.0000000005310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5310000
|
Size: |
12288
|
|
28AFEDA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951163269.0000028AFEDA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFEDA0000
|
Size: |
4096
|
|
1EE5F0D7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE5F0D7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5F0D7000
|
Size: |
1679360
|
|
2BF0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275419246.0000000002BF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2BF0000
|
Size: |
8192
|
|
5254000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161840585.0000000005254000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5254000
|
Size: |
8192
|
|
806B000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2950775756.000000000806B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
806B000
|
Size: |
20480
|
|
5330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2032920013.0000000005330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5330000
|
Size: |
20480
|
|
5220000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2161669538.0000000005220000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5220000
|
Size: |
20480
|
|
2C20000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160823364.0000000002C20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C20000
|
Size: |
4096
|
|
28AFE102000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2950013382.0000028AFE102000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFE102000
|
Size: |
32768
|
|
8823000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008823000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8823000
|
Size: |
20480
|
|
8166000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008166000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8166000
|
Size: |
20480
|
|
2BE0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2275392672.0000000002BE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2BE0000
|
Size: |
4096
|
|
50E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2057473964.00000000050E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
50E0000
|
Size: |
53248
|
|
874C937000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714677874.000000874C937000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C937000
|
Size: |
36864
|
|
6304000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267566176.0000000006304000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6304000
|
Size: |
8192
|
|
7FFD9B890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1746658869.00007FFD9B890000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFD9B890000
|
Size: |
94208
|
|
89B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89B8000
|
Size: |
20480
|
|
8829000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008829000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8829000
|
Size: |
65536
|
|
2C2D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C2D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C2D000
|
Size: |
4096
|
|
831F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000831F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
831F000
|
Size: |
20480
|
|
62F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267566176.00000000062F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
62F4000
|
Size: |
4096
|
|
62B3000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.00000000062B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B3000
|
Size: |
4096
|
|
82BB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000082BB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
82BB000
|
Size: |
20480
|
|
83A6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000083A6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
83A6000
|
Size: |
20480
|
|
1EE77050000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1742439798.000001EE77050000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE77050000
|
Size: |
4096
|
|
30E3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030E3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30E3000
|
Size: |
4096
|
|
8137000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008137000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8137000
|
Size: |
20480
|
|
62B8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.00000000062B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B8000
|
Size: |
192512
|
|
2F89000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F89000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F89000
|
Size: |
61440
|
|
2E5C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E5C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E5C000
|
Size: |
20480
|
|
59F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043243918.00000000059F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59F0000
|
Size: |
12288
|
|
5F33000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2053092061.0000000005F33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5F33000
|
Size: |
16384
|
|
28AFED14000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2043139074.0000028AFED14000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFED14000
|
Size: |
4096
|
|
822E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000822E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
822E000
|
Size: |
20480
|
|
57CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266330771.00000000057CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
57CE000
|
Size: |
8192
|
|
642B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.000000000642B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
642B000
|
Size: |
69632
|
|
1EE5FEE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE5FEE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE5FEE0000
|
Size: |
278528
|
|
1EE771D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1744127452.000001EE771D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE771D0000
|
Size: |
217088
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
529A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048538649.000000000529A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
529A000
|
Size: |
8192
|
|
6E8A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067131872.0000000006E8A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E8A000
|
Size: |
151552
|
|
518E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265600720.000000000518E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
518E000
|
Size: |
8192
|
|
5BBD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266503698.0000000005BBD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5BBD000
|
Size: |
12288
|
|
6437000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058184078.0000000006437000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6437000
|
Size: |
20480
|
|
1EE5D276000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D276000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D276000
|
Size: |
8192
|
|
148E000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947256948.000000000148E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
148E000
|
Size: |
24576
|
|
C70D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2269520855.000000000C70D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
C70D000
|
Size: |
12288
|
|
63EC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058184078.00000000063EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63EC000
|
Size: |
139264
|
|
FA6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FA6000
|
Size: |
4096
|
|
6E32000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067131872.0000000006E32000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6E32000
|
Size: |
32768
|
|
28AFD87B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2949066007.0000028AFD87B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFD87B000
|
Size: |
4096
|
|
88A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88A4000
|
Size: |
20480
|
|
62B8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.00000000062B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62B8000
|
Size: |
192512
|
|
7AC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2060284870.0000000007AC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AC0000
|
Size: |
32768
|
|
E0E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2247089519.0000000000E0E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E0E000
|
Size: |
49152
|
|
8069000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008069000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8069000
|
Size: |
20480
|
|
5DFC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266771203.0000000005DFC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5DFC000
|
Size: |
16384
|
|
9056000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2064047901.0000000009056000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9056000
|
Size: |
4096
|
|
89FF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000089FF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89FF000
|
Size: |
20480
|
|
743E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2058383299.000000000743E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
743E000
|
Size: |
8192
|
|
11B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2160660447.00000000011B0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
11B0000
|
Size: |
65536
|
|
5330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2035328712.0000000005330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5330000
|
Size: |
28672
|
|
3490000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2045672886.0000000003490000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3490000
|
Size: |
8192
|
|
2FA1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002FA1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FA1000
|
Size: |
4096
|
|
9133000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056557474.0000000009133000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9133000
|
Size: |
3330048
|
|
4E90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2048461006.0000000004E90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4E90000
|
Size: |
16384
|
|
7C60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2063507799.0000000007C60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C60000
|
Size: |
65536
|
|
14B7000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2947256948.00000000014B7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14B7000
|
Size: |
98304
|
|
81FF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000081FF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81FF000
|
Size: |
20480
|
|
8371000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008371000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8371000
|
Size: |
20480
|
|
F14000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159753371.0000000000F14000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F14000
|
Size: |
4096
|
|
823F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000823F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
823F000
|
Size: |
20480
|
|
787E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059727204.000000000787E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
787E000
|
Size: |
8192
|
|
F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159695479.0000000000F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F10000
|
Size: |
4096
|
|
588E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162441692.000000000588E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
588E000
|
Size: |
8192
|
|
5360000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265880998.0000000005360000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5360000
|
Size: |
8192
|
|
2F9D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F9D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F9D000
|
Size: |
4096
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2043460318.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
16384
|
|
2C4B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002C4B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C4B000
|
Size: |
12288
|
|
5E41000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2049300619.0000000005E41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E41000
|
Size: |
118784
|
|
3BD7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265112792.0000000003BD7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3BD7000
|
Size: |
4096
|
|
5A7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266426180.0000000005A7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5A7E000
|
Size: |
8192
|
|
310F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274511567.000000000310F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
310F000
|
Size: |
8192
|
|
647D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2070457843.000000000647D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
647D000
|
Size: |
73728
|
|
86B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2064463457.00000000086B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
86B0000
|
Size: |
4096
|
|
8AAF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AAF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AAF000
|
Size: |
20480
|
|
CD0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2159511986.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CD0000
|
Size: |
16384
|
|
3500000
|
heap
|
page readonly
|
|
|
|
Name: |
00000007.00000002.2046841277.0000000003500000.00000002.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page readonly
|
Base address: |
3500000
|
Size: |
4096
|
|
63EC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057428968.00000000063EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63EC000
|
Size: |
139264
|
|
811A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000811A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
811A000
|
Size: |
40960
|
|
66CC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2268513140.00000000066CC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
66CC000
|
Size: |
8192
|
|
312E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.000000000312E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
312E000
|
Size: |
4096
|
|
7FFD9BA20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1748625388.00007FFD9BA20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA20000
|
Size: |
65536
|
|
30EB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.00000000030EB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30EB000
|
Size: |
4096
|
|
80B6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080B6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80B6000
|
Size: |
20480
|
|
6458000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056817692.0000000006458000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6458000
|
Size: |
16384
|
|
836B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000836B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
836B000
|
Size: |
20480
|
|
776B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059427174.000000000776B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
776B000
|
Size: |
20480
|
|
F70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249171386.0000000000F70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F70000
|
Size: |
4096
|
|
28AFED00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2043037208.0000028AFED00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFED00000
|
Size: |
8192
|
|
87E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2163311510.00000000087E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
87E0000
|
Size: |
8192
|
|
34D2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2046278103.00000000034D2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34D2000
|
Size: |
12288
|
|
7FFD9BA70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1749113346.00007FFD9BA70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BA70000
|
Size: |
65536
|
|
28AFF06C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF06C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF06C000
|
Size: |
4096
|
|
8811000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008811000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8811000
|
Size: |
20480
|
|
7FFD9B78B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1746281213.00007FFD9B78B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B78B000
|
Size: |
4096
|
|
28AFF018000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF018000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF018000
|
Size: |
212992
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2C89000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160888258.0000000002C89000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C89000
|
Size: |
4096
|
|
8205000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008205000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8205000
|
Size: |
40960
|
|
8887000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008887000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8887000
|
Size: |
20480
|
|
2E79000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E79000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E79000
|
Size: |
4096
|
|
8102000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008102000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8102000
|
Size: |
20480
|
|
F47000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000006.00000002.2159963893.0000000000F47000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F47000
|
Size: |
4096
|
|
28AFE8B0000
|
trusted library section
|
page readonly
|
|
|
|
Name: |
00000009.00000002.2950751250.0000028AFE8B0000.00000002.08000000.00040000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page readonly
|
Base address: |
28AFE8B0000
|
Size: |
65536
|
|
62E9000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.00000000062E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
62E9000
|
Size: |
249856
|
|
28AFEEFA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951722734.0000028AFEEFA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28AFEEFA000
|
Size: |
8192
|
|
7B3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2062267218.0000000007B3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B3B000
|
Size: |
8192
|
|
1EE774B2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1745333828.000001EE774B2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE774B2000
|
Size: |
36864
|
|
53B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2266003546.00000000053B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
53B0000
|
Size: |
61440
|
|
6425000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2067340503.0000000006425000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6425000
|
Size: |
8192
|
|
28AFEDB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2951195903.0000028AFEDB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFEDB0000
|
Size: |
4096
|
|
530D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2265788454.000000000530D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
530D000
|
Size: |
12288
|
|
28AFECE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040508523.0000028AFECE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFECE0000
|
Size: |
8192
|
|
1041000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2160042918.0000000001041000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1041000
|
Size: |
40960
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2062759821.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
110592
|
|
88D1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2058275193.00000000088D1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
88D1000
|
Size: |
20480
|
|
5E52000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2051897661.0000000005E52000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E52000
|
Size: |
118784
|
|
13AC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2249521831.00000000013AC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
13AC000
|
Size: |
16384
|
|
28AFF070000
|
remote allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2046527591.0000028AFF070000.00000004.00000400.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
remote allocation
|
Protect: |
page read and write
|
Base address: |
28AFF070000
|
Size: |
4096
|
|
7FFD9BAA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1749345165.00007FFD9BAA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9BAA0000
|
Size: |
65536
|
|
8AA9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AA9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AA9000
|
Size: |
20480
|
|
8075000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008075000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8075000
|
Size: |
20480
|
|
800B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000800B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
800B000
|
Size: |
20480
|
|
63A6000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058184078.00000000063A6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63A6000
|
Size: |
24576
|
|
1EE77080000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1742439798.000001EE77080000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE77080000
|
Size: |
20480
|
|
808D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.000000000808D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
808D000
|
Size: |
40960
|
|
887B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.000000000887B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
887B000
|
Size: |
20480
|
|
28AFF04D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2040570757.0000028AFF04D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFF04D000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
EC9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248258838.0000000000EC9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EC9000
|
Size: |
20480
|
|
88AA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.00000000088AA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
88AA000
|
Size: |
20480
|
|
2BFE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000F.00000002.2273848513.0000000002BFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
15
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2BFE000
|
Size: |
8192
|
|
3134000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000003134000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3134000
|
Size: |
4096
|
|
643E000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2064495158.000000000643E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643E000
|
Size: |
106496
|
|
2F6F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002F6F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F6F000
|
Size: |
4096
|
|
59E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2042644795.00000000059E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59E0000
|
Size: |
12288
|
|
34B9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2046053112.00000000034B9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34B9000
|
Size: |
16384
|
|
30E6000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000003.2274867151.00000000030E6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30E6000
|
Size: |
4096
|
|
642C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.000000000642C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
642C000
|
Size: |
65536
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059119906.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
53248
|
|
640F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2056869017.000000000640F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640F000
|
Size: |
36864
|
|
874C7F9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714614616.000000874C7F9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
874C7F9000
|
Size: |
28672
|
|
6290000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2948824376.0000000006290000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6290000
|
Size: |
135168
|
|
8017000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008017000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8017000
|
Size: |
20480
|
|
73D9000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2950613366.00000000073D9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
73D9000
|
Size: |
28672
|
|
EAA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2248202206.0000000000EAA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EAA000
|
Size: |
24576
|
|
61EC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2267461339.00000000061EC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
61EC000
|
Size: |
16384
|
|
1EE5D22D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1714928058.000001EE5D22D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1EE5D22D000
|
Size: |
4096
|
|
7B0D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2061750007.0000000007B0D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B0D000
|
Size: |
8192
|
|
6437000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2057428968.0000000006437000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6437000
|
Size: |
20480
|
|
3228000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043642191.0000000003228000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3228000
|
Size: |
139264
|
|
79EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2059913121.00000000079EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
79EE000
|
Size: |
8192
|
|
80EB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.00000000080EB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80EB000
|
Size: |
40960
|
|
2E8C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002E8C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2E8C000
|
Size: |
4096
|
|
635C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2054557516.000000000635C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
635C000
|
Size: |
4096
|
|
1EE60336000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE60336000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE60336000
|
Size: |
2613248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
88F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2057894829.00000000088F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
88F0000
|
Size: |
69632
|
|
63EC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2059452039.00000000063EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
63EC000
|
Size: |
139264
|
|
28AFEC50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2950996406.0000028AFEC50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFEC50000
|
Size: |
4096
|
|
28AFECE1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000009.00000003.2108457108.0000028AFECE1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28AFECE1000
|
Size: |
4096
|
|
7FFD9B95B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1747275149.00007FFD9B95B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFD9B95B000
|
Size: |
20480
|
|
8087000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2056715046.0000000008087000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8087000
|
Size: |
20480
|
|
3257000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2043642191.0000000003257000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3257000
|
Size: |
172032
|
|
8914000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008914000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8914000
|
Size: |
20480
|
|
641C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2058759143.000000000641C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
641C000
|
Size: |
12288
|
|
9872D7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000009.00000002.2947628350.0000009872D7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
9
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9872D7E000
|
Size: |
8192
|
|
1455000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2047544771.0000000001455000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1455000
|
Size: |
49152
|
|
6F10000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2949900767.0000000006F10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F10000
|
Size: |
106496
|
|
1EE6030C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1715523883.000001EE6030C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1EE6030C000
|
Size: |
4096
|
|
643D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2061630462.000000000643D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
643D000
|
Size: |
110592
|
|
74EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2162754580.00000000074EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
74EE000
|
Size: |
8192
|
|
7AC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000006.00000002.2163171051.0000000007AC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AC0000
|
Size: |
8192
|
|
5E70000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2051897661.0000000005E70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E70000
|
Size: |
8192
|
|
8AE4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000006.00000003.2044461291.0000000008AE4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
6
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8AE4000
|
Size: |
20480
|
|
2D4F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.2250081540.0000000002D4F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D4F000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|