400000
|
remote allocation
|
page execute and read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000004.00000002.2388266536.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
400000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found malware configuration |
AV Detection |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
6A30000
|
trusted library section
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.2022449034.0000000006A30000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
6A30000
|
Size: |
389120
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected Costura Assembly Loader |
Data Obfuscation |
|
|
32B1000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.1991482086.00000000032B1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
32B1000
|
Size: |
1372160
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) |
Malware Analysis System Evasion |
Security Software Discovery
|
Yara detected Costura Assembly Loader |
Data Obfuscation |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
43EB000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.2011205715.00000000043EB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
43EB000
|
Size: |
544768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
46BA000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000003.1977249191.00000000046BA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46BA000
|
Size: |
7602176
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found many strings related to Crypto-Wallets (likely being stolen) |
Stealing of Sensitive Information |
|
Yara detected Costura Assembly Loader |
Data Obfuscation |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
4E1A000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000003.1977249191.0000000004E1A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4E1A000
|
Size: |
393216
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected Costura Assembly Loader |
Data Obfuscation |
|
|
29520E35000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096346400.0000029520E35000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520E35000
|
Size: |
24576
|
|
3805000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003805000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3805000
|
Size: |
4096
|
|
108F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391624975.000000000108F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
108F000
|
Size: |
4096
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952991601.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
65536
|
|
3988000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003988000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3988000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963907990.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
36864
|
|
3884000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003884000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3884000
|
Size: |
4096
|
|
3560000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392294221.0000000003560000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3560000
|
Size: |
4096
|
|
34B7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034B7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34B7000
|
Size: |
4096
|
|
2952090C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104809816.000002952090C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090C000
|
Size: |
20480
|
|
3615000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003615000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3615000
|
Size: |
4096
|
|
6E1801520000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133806476.00006E1801520000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801520000
|
Size: |
208896
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6A90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971507266.0000000006A90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A90000
|
Size: |
65536
|
|
6E1801314000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2121051229.00006E1801314000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801314000
|
Size: |
32768
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960374324.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
65536
|
|
33C00684000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090975300.0000033C00684000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00684000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956013317.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
12288
|
|
3A01000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983778072.0000000003A01000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A01000
|
Size: |
49152
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969954441.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
65536
|
|
3584000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003584000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3584000
|
Size: |
4096
|
|
4BBC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004BBC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4BBC000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100288751.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
16384
|
|
6930000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943269021.0000000006930000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6930000
|
Size: |
65536
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100475253.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
6E1802D18000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2154857446.00006E1802D18000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802D18000
|
Size: |
12288
|
|
68FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943402721.00000000068FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68FC000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962484921.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
3A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983778072.0000000003A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A10000
|
Size: |
4096
|
|
6867000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943651854.0000000006867000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6867000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960948750.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
6E1801964000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2132252725.00006E1801964000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801964000
|
Size: |
49152
|
|
2D7E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482337960.0000000002D7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D7E000
|
Size: |
8192
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961400586.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959312024.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
49152
|
|
29520E26000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096346400.0000029520E26000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520E26000
|
Size: |
4096
|
|
2951D494000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2095454310.000002951D494000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2951D494000
|
Size: |
45056
|
|
2952092A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104911491.000002952092A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952092A000
|
Size: |
4096
|
|
6980000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957682161.0000000006980000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6980000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964288896.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
4F18002D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2087160675.00004F18002D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002D8000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957308137.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
65536
|
|
300E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482556391.000000000300E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
300E000
|
Size: |
8192
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955586630.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
2C92000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.2482852617.0000000002C92000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C92000
|
Size: |
4096
|
|
6C50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951396543.0000000006C50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C50000
|
Size: |
65536
|
|
382F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000382F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
382F000
|
Size: |
4096
|
|
6A1B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971572642.0000000006A1B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A1B000
|
Size: |
20480
|
|
39BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39BC000
|
Size: |
12288
|
|
36BB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036BB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36BB000
|
Size: |
12288
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970024221.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100951462.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
295208E6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096864765.00000295208E6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E6000
|
Size: |
8192
|
|
6E1800C78000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101602385.00006E1800C78000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C78000
|
Size: |
12288
|
|
6E18016F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136234491.00006E18016F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016F4000
|
Size: |
61440
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100558942.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
4C7C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004C7C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4C7C000
|
Size: |
4096
|
|
389D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000389D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
389D000
|
Size: |
4096
|
|
6B80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952086599.0000000006B80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B80000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967782921.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6853000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954338584.0000000006853000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6853000
|
Size: |
53248
|
|
69C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960455338.00000000069C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69C0000
|
Size: |
65536
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959446600.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
39F7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039F7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39F7000
|
Size: |
4096
|
|
38CA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000038CA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38CA000
|
Size: |
8192
|
|
3A0A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003A0A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3A0A000
|
Size: |
4096
|
|
352C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000352C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
352C000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961492838.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949978377.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
4096
|
|
6E1800380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101523198.00006E1800380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800380000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
33C00704000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091406408.0000033C00704000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00704000
|
Size: |
61440
|
|
4B67000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004B67000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B67000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1972371189.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
45056
|
|
6BD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951865732.0000000006BD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6BD0000
|
Size: |
65536
|
|
6E1800F9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106025528.00006E1800F9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F9C000
|
Size: |
45056
|
|
36C4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036C4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36C4000
|
Size: |
4096
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097230219.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943890083.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
8192
|
|
33C00750000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091630622.0000033C00750000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00750000
|
Size: |
16384
|
|
37CB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037CB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37CB000
|
Size: |
4096
|
|
6E18014D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133629218.00006E18014D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014D8000
|
Size: |
208896
|
|
F8E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391580014.0000000000F8E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
F8E000
|
Size: |
8192
|
|
6E18016A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135749244.00006E18016A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016A0000
|
Size: |
16384
|
|
3A1A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983778072.0000000003A1A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A1A000
|
Size: |
4096
|
|
376B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000376B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
376B000
|
Size: |
4096
|
|
6E1801370000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120538128.00006E1801370000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801370000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2952090A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104977624.000002952090A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090A000
|
Size: |
4096
|
|
347F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000347F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
347F000
|
Size: |
4096
|
|
2951D486000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2095454310.000002951D486000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2951D486000
|
Size: |
53248
|
|
33C00248000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090227563.0000033C00248000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00248000
|
Size: |
4096
|
|
34CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34CC000
|
Size: |
4096
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954837909.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
65536
|
|
AFC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389090492.0000000000AFC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AFC000
|
Size: |
8192
|
|
6E1801904000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2141195279.00006E1801904000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801904000
|
Size: |
16384
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958166673.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
1D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1939192050.00000000001D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D4000
|
Size: |
4096
|
|
33C00654000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090863755.0000033C00654000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00654000
|
Size: |
143360
|
|
6E18001AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092525591.00006E18001AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001AC000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961305504.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6816000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958061862.0000000006816000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6816000
|
Size: |
40960
|
|
2952092A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104552286.000002952092A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952092A000
|
Size: |
4096
|
|
6E1802CE4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2141161383.00006E1802CE4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802CE4000
|
Size: |
4096
|
|
6E18017E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137221087.00006E18017E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017E0000
|
Size: |
94208
|
|
6C20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951610877.0000000006C20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C20000
|
Size: |
65536
|
|
6E1800F8C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107198138.00006E1800F8C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F8C000
|
Size: |
16384
|
|
3A14000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983778072.0000000003A14000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A14000
|
Size: |
4096
|
|
AFF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389090492.0000000000AFF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AFF000
|
Size: |
4096
|
|
33C00320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090251144.0000033C00320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00320000
|
Size: |
4096
|
|
6B00000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2023367902.0000000006B00000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
6B00000
|
Size: |
323584
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
CBC000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482260105.0000000000CBC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
CBC000
|
Size: |
16384
|
|
39C9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039C9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39C9000
|
Size: |
4096
|
|
6E18001E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093090237.00006E18001E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001E8000
|
Size: |
16384
|
|
2EA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1990990598.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2EA0000
|
Size: |
12288
|
|
295208EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096473459.00000295208EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EC000
|
Size: |
12288
|
|
6E180140C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125564863.00006E180140C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180140C000
|
Size: |
798720
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1800454000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101352074.00006E1800454000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800454000
|
Size: |
212992
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020641513.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
57344
|
|
4930000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482614867.0000000004930000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4930000
|
Size: |
16384
|
|
69F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1942641123.00000000069F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69F0000
|
Size: |
40960
|
|
6850000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954338584.0000000006850000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6850000
|
Size: |
4096
|
|
4F18002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086581891.00004F18002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002C0000
|
Size: |
4096
|
|
6E1801558000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134615174.00006E1801558000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801558000
|
Size: |
49152
|
|
39D7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039D7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39D7000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969400178.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
2CFF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.2482775028.0000000002CFF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2CFF000
|
Size: |
4096
|
|
6E1800F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139551265.00006E1800F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F70000
|
Size: |
4096
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1948342453.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
33C00788000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090724396.0000033C00788000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00788000
|
Size: |
4096
|
|
6805000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963597160.0000000006805000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6805000
|
Size: |
12288
|
|
6970000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953380284.0000000006970000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6970000
|
Size: |
65536
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1950209595.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
12288
|
|
6E18012C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125526810.00006E18012C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18012C4000
|
Size: |
110592
|
|
6E18014FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133907755.00006E18014FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014FC000
|
Size: |
61440
|
|
3646000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003646000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3646000
|
Size: |
4096
|
|
3522000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003522000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3522000
|
Size: |
4096
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949920567.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
24576
|
|
6E18017AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136937302.00006E18017AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017AC000
|
Size: |
16384
|
|
36E9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036E9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36E9000
|
Size: |
118784
|
|
39FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39FF000
|
Size: |
4096
|
|
3475000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003475000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3475000
|
Size: |
4096
|
|
6E1800F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106760205.00006E1800F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F10000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3831000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003831000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3831000
|
Size: |
4096
|
|
67E7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949711736.00000000067E7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E7000
|
Size: |
36864
|
|
37AE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037AE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37AE000
|
Size: |
4096
|
|
6E1801909000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2141195279.00006E1801909000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801909000
|
Size: |
4096
|
|
50B000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000000.1706714533.000000000050B000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
50B000
|
Size: |
12288
|
|
3833000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003833000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3833000
|
Size: |
4096
|
|
4058000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.0000000004058000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4058000
|
Size: |
4096
|
|
341A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000341A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
341A000
|
Size: |
4096
|
|
38F3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038F3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38F3000
|
Size: |
4096
|
|
69F2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1973331829.00000000069F2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69F2000
|
Size: |
57344
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960987385.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
34EE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034EE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34EE000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097471803.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
6E1801AC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133285201.00006E1801AC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801AC0000
|
Size: |
40960
|
|
6E1800CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104469479.00006E1800CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB0000
|
Size: |
16384
|
|
6E1800CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107154400.00006E1800CA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CA0000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1801684000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135406608.00006E1801684000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801684000
|
Size: |
208896
|
|
6E1801370000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139788125.00006E1801370000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801370000
|
Size: |
53248
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962279055.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098724332.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
6E1802CE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2140481275.00006E1802CE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802CE0000
|
Size: |
4096
|
|
6BB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951971395.0000000006BB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6BB0000
|
Size: |
65536
|
|
36F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36F0000
|
Size: |
4096
|
|
360E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000360E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
360E000
|
Size: |
4096
|
|
2952090A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104587786.000002952090A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090A000
|
Size: |
4096
|
|
35AE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035AE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35AE000
|
Size: |
4096
|
|
6E1800A2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105338773.00006E1800A2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800A2C000
|
Size: |
4096
|
|
6E18019F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128447423.00006E18019F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019F0000
|
Size: |
16384
|
|
6AA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2022912688.0000000006AA0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6AA0000
|
Size: |
65536
|
|
6E180198C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127687189.00006E180198C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180198C000
|
Size: |
94208
|
|
6E1800344000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2108292292.00006E1800344000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800344000
|
Size: |
36864
|
|
376D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000376D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
376D000
|
Size: |
20480
|
|
6E18002AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102000143.00006E18002AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002AC000
|
Size: |
12288
|
|
37FB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037FB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37FB000
|
Size: |
4096
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963651164.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
20480
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097787590.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
6E18001B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092548620.00006E18001B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001B4000
|
Size: |
8192
|
|
6E1801900000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125703270.00006E1801900000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801900000
|
Size: |
65536
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955151686.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
36864
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1973705995.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
6E1802CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2141101754.00006E1802CF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802CF0000
|
Size: |
8192
|
|
37ED000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037ED000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37ED000
|
Size: |
4096
|
|
6E1800C25000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2123621084.00006E1800C25000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C25000
|
Size: |
12288
|
|
681E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943890083.000000000681E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
681E000
|
Size: |
8192
|
|
398B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.000000000398B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
398B000
|
Size: |
12288
|
|
6E180105C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106722277.00006E180105C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180105C000
|
Size: |
28672
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2830000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1988692748.0000000002830000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2830000
|
Size: |
45056
|
|
2FDD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391989183.0000000002FDD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2FDD000
|
Size: |
12288
|
|
6E1801AD8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125865472.00006E1801AD8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801AD8000
|
Size: |
49152
|
|
6950000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953491781.0000000006950000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6950000
|
Size: |
65536
|
|
37C7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037C7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37C7000
|
Size: |
4096
|
|
67B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2020325196.00000000067B0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
67B0000
|
Size: |
28672
|
|
34F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34F0000
|
Size: |
4096
|
|
6CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951073412.0000000006CC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6CC0000
|
Size: |
45056
|
|
396F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000396F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
396F000
|
Size: |
4096
|
|
6818000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964830657.0000000006818000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6818000
|
Size: |
32768
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961751194.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
39A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39A3000
|
Size: |
4096
|
|
33C0033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090345147.0000033C0033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C0033C000
|
Size: |
8192
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964378543.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
16384
|
|
2CD7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1990689899.0000000002CD7000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2CD7000
|
Size: |
4096
|
|
A9E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986732483.0000000000A9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A9E000
|
Size: |
8192
|
|
6E1800CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104667359.00006E1800CB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB8000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2D3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1990764782.0000000002D3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D3E000
|
Size: |
8192
|
|
6E18019F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128399734.00006E18019F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019F4000
|
Size: |
16384
|
|
B50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389461933.0000000000B50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B50000
|
Size: |
4096
|
|
6E1801A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2129086075.00006E1801A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A30000
|
Size: |
77824
|
|
3715000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003715000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3715000
|
Size: |
4096
|
|
2560000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1987082823.0000000002560000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2560000
|
Size: |
4096
|
|
6E1800F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2108002327.00006E1800F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F70000
|
Size: |
4096
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125266350.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
12288
|
|
6805000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963444811.0000000006805000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6805000
|
Size: |
12288
|
|
379A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000379A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
379A000
|
Size: |
4096
|
|
6C90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2023930046.0000000006C90000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6C90000
|
Size: |
131072
|
|
386D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000386D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
386D000
|
Size: |
4096
|
|
256D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1987163718.000000000256D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
256D000
|
Size: |
4096
|
|
35A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35A1000
|
Size: |
4096
|
|
57F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2014917907.00000000057F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
57F0000
|
Size: |
61440
|
|
6E1800304000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2138163751.00006E1800304000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800304000
|
Size: |
8192
|
|
3974000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003974000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3974000
|
Size: |
16384
|
|
6E1800CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103863478.00006E1800CA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CA0000
|
Size: |
16384
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099352872.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
6E1801360000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133039584.00006E1801360000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801360000
|
Size: |
65536
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100781807.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
384E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000384E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
384E000
|
Size: |
4096
|
|
2952090A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105120671.000002952090A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090A000
|
Size: |
24576
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961716565.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
32C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392158683.00000000032C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
32C0000
|
Size: |
36864
|
|
3669000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003669000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3669000
|
Size: |
4096
|
|
39A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39A1000
|
Size: |
4096
|
|
3418000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003418000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3418000
|
Size: |
4096
|
|
3562000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003562000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3562000
|
Size: |
57344
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954883708.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967140728.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
65536
|
|
36DE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036DE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36DE000
|
Size: |
12288
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962179642.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
24576
|
|
C70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391442493.0000000000C70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C70000
|
Size: |
16384
|
|
6E18014E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134070445.00006E18014E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014E4000
|
Size: |
98304
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965457902.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
45056
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963238166.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
28672
|
|
6E18016F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135960091.00006E18016F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016F0000
|
Size: |
77824
|
|
6E18024A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139354141.00006E18024A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18024A0000
|
Size: |
20480
|
|
6E18017C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136970303.00006E18017C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017C0000
|
Size: |
225280
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962244957.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
29520910000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104911491.0000029520910000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520910000
|
Size: |
4096
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105502142.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
|
4F18002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086876447.00004F18002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002C0000
|
Size: |
4096
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097039618.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
20480
|
|
3290000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991392801.0000000003290000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3290000
|
Size: |
65536
|
|
6E1801B98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139296874.00006E1801B98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801B98000
|
Size: |
110592
|
|
6E18002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107365497.00006E18002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A4000
|
Size: |
8192
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098483750.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
3C6A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003C6A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C6A000
|
Size: |
4096
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959259839.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
40960
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969743556.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
8192
|
|
6990000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943071389.0000000006990000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6990000
|
Size: |
65536
|
|
295208F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096473459.00000295208F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F0000
|
Size: |
8192
|
|
6E1801578000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134322842.00006E1801578000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801578000
|
Size: |
16384
|
|
365D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000365D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
365D000
|
Size: |
4096
|
|
3556000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003556000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3556000
|
Size: |
4096
|
|
379C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000379C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
379C000
|
Size: |
45056
|
|
6E1801234000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125300772.00006E1801234000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801234000
|
Size: |
4096
|
|
365B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000365B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
365B000
|
Size: |
4096
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1950399351.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
61440
|
|
6E1801594000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134289789.00006E1801594000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801594000
|
Size: |
155648
|
|
6E1801028000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139868835.00006E1801028000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801028000
|
Size: |
204800
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983265168.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
65536
|
|
6E18010A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107754428.00006E18010A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18010A0000
|
Size: |
356352
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
347D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000347D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
347D000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966996547.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
6E1800CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2155248585.00006E1800CB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB8000
|
Size: |
20480
|
|
2CDB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1990716248.0000000002CDB000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2CDB000
|
Size: |
4096
|
|
6980000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953202221.0000000006980000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6980000
|
Size: |
12288
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949124243.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
8192
|
|
392B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.000000000392B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
392B000
|
Size: |
8192
|
|
6E1800380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098125889.00006E1800380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800380000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101032561.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
3993000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003993000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3993000
|
Size: |
16384
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1984689494.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
28672
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962820088.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
8192
|
|
374B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000374B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
374B000
|
Size: |
4096
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957045003.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
8192
|
|
3839000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003839000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3839000
|
Size: |
4096
|
|
6811000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969185812.0000000006811000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6811000
|
Size: |
61440
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971280674.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
40960
|
|
6E1800CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134586395.00006E1800CB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB8000
|
Size: |
20480
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968954377.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964406501.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
63EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2019875143.00000000063EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
63EE000
|
Size: |
8192
|
|
3764000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003764000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3764000
|
Size: |
4096
|
|
B3D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389415090.0000000000B3D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
B3D000
|
Size: |
12288
|
|
69A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943038519.00000000069A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69A0000
|
Size: |
65536
|
|
295208EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096864765.00000295208EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EC000
|
Size: |
24576
|
|
4F18002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086386125.00004F18002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002A0000
|
Size: |
4096
|
|
39A1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039A1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39A1000
|
Size: |
20480
|
|
AFA000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389090492.0000000000AFA000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AFA000
|
Size: |
4096
|
|
6E18017F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137424481.00006E18017F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017F8000
|
Size: |
16384
|
|
3661000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003661000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3661000
|
Size: |
4096
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966788151.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
65536
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1947812222.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
370B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000370B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
370B000
|
Size: |
4096
|
|
398A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000398A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
398A000
|
Size: |
4096
|
|
3663000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003663000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3663000
|
Size: |
4096
|
|
42B1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2011205715.00000000042B1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
42B1000
|
Size: |
466944
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
391D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000391D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
391D000
|
Size: |
290816
|
|
40F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.00000000040F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
40F0000
|
Size: |
4096
|
|
4508000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.0000000004508000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4508000
|
Size: |
4096
|
|
35AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35AC000
|
Size: |
4096
|
|
1D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1939035077.00000000001D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D4000
|
Size: |
4096
|
|
6970000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956277623.0000000006970000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6970000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961128038.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2154550722.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
|
6920000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943309590.0000000006920000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6920000
|
Size: |
65536
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2108775666.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
32768
|
|
5A90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2015415730.0000000005A90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5A90000
|
Size: |
57344
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963160872.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
16384
|
|
6E180132C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120929899.00006E180132C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180132C000
|
Size: |
45056
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971190019.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
49152
|
|
6E1801C04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2140100232.00006E1801C04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801C04000
|
Size: |
2342912
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962001426.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956686301.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956901747.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
61440
|
|
3541000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003541000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3541000
|
Size: |
4096
|
|
3462000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003462000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3462000
|
Size: |
4096
|
|
BB7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389518056.0000000000BB7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
BB7000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
401000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000000.00000000.1706626019.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
401000
|
Size: |
1089536
|
|
6AB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952514193.0000000006AB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6AB0000
|
Size: |
65536
|
|
3687000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003687000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3687000
|
Size: |
4096
|
|
6860000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954258212.0000000006860000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6860000
|
Size: |
65536
|
|
6910000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943343703.0000000006910000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6910000
|
Size: |
65536
|
|
2952090B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104265951.000002952090B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090B000
|
Size: |
24576
|
|
6E180169C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135646267.00006E180169C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180169C000
|
Size: |
110592
|
|
3728000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003728000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3728000
|
Size: |
65536
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3571000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003571000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3571000
|
Size: |
4096
|
|
327E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991303806.000000000327E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
327E000
|
Size: |
8192
|
|
686C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943651854.000000000686C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
686C000
|
Size: |
4096
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965714478.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
16384
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963112961.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
20480
|
|
396D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000396D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
396D000
|
Size: |
4096
|
|
6E1801734000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137511529.00006E1801734000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801734000
|
Size: |
49152
|
|
29520907000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104809816.0000029520907000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520907000
|
Size: |
16384
|
|
3429000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003429000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3429000
|
Size: |
4096
|
|
6E1801554000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133997126.00006E1801554000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801554000
|
Size: |
258048
|
|
6A60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952718681.0000000006A60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A60000
|
Size: |
65536
|
|
3507000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003507000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3507000
|
Size: |
4096
|
|
6E1801AB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2132723012.00006E1801AB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801AB4000
|
Size: |
4096
|
|
3801000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003801000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3801000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098651547.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
4096
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960569103.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
295208F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105161794.00000295208F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F7000
|
Size: |
4096
|
|
3869000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003869000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3869000
|
Size: |
4096
|
|
3707000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003707000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3707000
|
Size: |
4096
|
|
6E18001AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2095482481.00006E18001AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001AC000
|
Size: |
4096
|
|
295208F9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105161794.00000295208F9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F9000
|
Size: |
4096
|
|
399B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000399B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
399B000
|
Size: |
4096
|
|
44C8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.00000000044C8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
44C8000
|
Size: |
4096
|
|
4F18002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086814853.00004F18002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002A0000
|
Size: |
4096
|
|
6E1800A2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104552935.00006E1800A2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800A2C000
|
Size: |
36864
|
|
375A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000375A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
375A000
|
Size: |
4096
|
|
6E1800F4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107312415.00006E1800F4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F4C000
|
Size: |
139264
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100677614.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
29520916000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103063157.0000029520916000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520916000
|
Size: |
4096
|
|
6E1801260000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137668288.00006E1801260000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801260000
|
Size: |
143360
|
|
345C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000345C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
345C000
|
Size: |
4096
|
|
39E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39E5000
|
Size: |
4096
|
|
34AB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034AB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34AB000
|
Size: |
4096
|
|
6E1800A2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107229406.00006E1800A2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800A2C000
|
Size: |
36864
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3617000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003617000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3617000
|
Size: |
45056
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097558351.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
29520927000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103921298.0000029520927000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520927000
|
Size: |
16384
|
|
10D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391692307.00000000010D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
10D0000
|
Size: |
53248
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097649883.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
358E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000358E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
358E000
|
Size: |
4096
|
|
6E18013A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134495146.00006E18013A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18013A4000
|
Size: |
4096
|
|
6E1800220000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092840354.00006E1800220000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800220000
|
Size: |
16384
|
|
6E1801944000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126656536.00006E1801944000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801944000
|
Size: |
94208
|
|
6851000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954972538.0000000006851000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6851000
|
Size: |
16384
|
|
364B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000364B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
364B000
|
Size: |
45056
|
|
6E180156C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134557424.00006E180156C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180156C000
|
Size: |
49152
|
|
360C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000360C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
360C000
|
Size: |
4096
|
|
2CFF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.2482676387.0000000002CFF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2CFF000
|
Size: |
4096
|
|
6E1800FD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106236591.00006E1800FD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800FD4000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098582504.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
3723000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003723000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3723000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965748809.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
6E1801708000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136063073.00006E1801708000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801708000
|
Size: |
147456
|
|
321E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991139076.000000000321E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
321E000
|
Size: |
8192
|
|
2554000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1987046597.0000000002554000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2554000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971132610.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
40960
|
|
6869000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943651854.0000000006869000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6869000
|
Size: |
8192
|
|
6900000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943374383.0000000006900000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6900000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960822100.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
3108000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991069632.0000000003108000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3108000
|
Size: |
8192
|
|
6E1801A80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2131813608.00006E1801A80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A80000
|
Size: |
16384
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098651547.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
6E1802CF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2141101754.00006E1802CF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802CF4000
|
Size: |
12288
|
|
F4E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391549391.0000000000F4E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
F4E000
|
Size: |
8192
|
|
37D6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037D6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37D6000
|
Size: |
36864
|
|
35A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35A3000
|
Size: |
4096
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958523884.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
16384
|
|
3BD5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003BD5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BD5000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097137950.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
4096
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960677830.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020409469.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
6E1800C25000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2122085398.00006E1800C25000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C25000
|
Size: |
12288
|
|
3494000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003494000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3494000
|
Size: |
4096
|
|
6840000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943821619.0000000006840000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6840000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967727269.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
36864
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103764704.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
45056
|
|
6990000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957583663.0000000006990000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6990000
|
Size: |
49152
|
|
68B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943515408.00000000068B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68B0000
|
Size: |
65536
|
|
3762000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003762000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3762000
|
Size: |
4096
|
|
33C00658000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091368737.0000033C00658000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00658000
|
Size: |
49152
|
|
6E1801A0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2132370994.00006E1801A0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A0C000
|
Size: |
49152
|
|
68BD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953951642.00000000068BD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68BD000
|
Size: |
12288
|
|
1D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1939289058.00000000001D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D4000
|
Size: |
4096
|
|
5835000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2015002531.0000000005835000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5835000
|
Size: |
36864
|
|
295208DB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096608208.00000295208DB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208DB000
|
Size: |
16384
|
|
6E1802B58000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139915801.00006E1802B58000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802B58000
|
Size: |
409600
|
|
53AE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2014840716.00000000053AE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
53AE000
|
Size: |
8192
|
|
6E1800ED8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103809859.00006E1800ED8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800ED8000
|
Size: |
53248
|
|
39FD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039FD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39FD000
|
Size: |
4096
|
|
9D7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1940442927.00000000009D7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9D7000
|
Size: |
86016
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955762447.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
6E1801A1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128575328.00006E1801A1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A1C000
|
Size: |
159744
|
|
33C006B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091154227.0000033C006B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006B8000
|
Size: |
65536
|
|
6E18007E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105832740.00006E18007E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18007E8000
|
Size: |
69632
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969250131.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
8192
|
|
6E1801948000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126764867.00006E1801948000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801948000
|
Size: |
77824
|
|
698D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953202221.000000000698D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
698D000
|
Size: |
16384
|
|
6E1801678000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136390089.00006E1801678000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801678000
|
Size: |
49152
|
|
391B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000391B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
391B000
|
Size: |
4096
|
|
6E1801240000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2114536664.00006E1801240000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801240000
|
Size: |
77824
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943942853.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961374351.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
4C52000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004C52000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4C52000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968633023.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
28672
|
|
6B50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970754256.0000000006B50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B50000
|
Size: |
40960
|
|
2952090A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104031110.000002952090A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090A000
|
Size: |
28672
|
|
35BE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035BE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35BE000
|
Size: |
4096
|
|
6E1800328000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093733222.00006E1800328000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800328000
|
Size: |
4096
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955677785.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
45056
|
|
29520900000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101950174.0000029520900000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520900000
|
Size: |
12288
|
|
45BD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.00000000045BD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
45BD000
|
Size: |
4096
|
|
34BA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034BA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34BA000
|
Size: |
12288
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098388090.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
38CE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038CE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38CE000
|
Size: |
4096
|
|
68D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943464907.00000000068D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68D0000
|
Size: |
8192
|
|
9A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985156577.00000000009A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9A0000
|
Size: |
49152
|
|
3483000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003483000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3483000
|
Size: |
4096
|
|
358C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000358C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
358C000
|
Size: |
4096
|
|
6834000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957908975.0000000006834000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6834000
|
Size: |
49152
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105196619.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
16384
|
|
3524000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003524000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3524000
|
Size: |
4096
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960057525.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
6E180031C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093708681.00006E180031C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180031C000
|
Size: |
4096
|
|
36A5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036A5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36A5000
|
Size: |
4096
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957908975.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
12288
|
|
3895000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003895000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3895000
|
Size: |
4096
|
|
3671000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003671000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3671000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100781807.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
16384
|
|
6E1801A34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2130658364.00006E1801A34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A34000
|
Size: |
61440
|
|
6E1802A88000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2141318749.00006E1802A88000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802A88000
|
Size: |
405504
|
|
6E1801788000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136727322.00006E1801788000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801788000
|
Size: |
16384
|
|
3867000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003867000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3867000
|
Size: |
4096
|
|
37BD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037BD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37BD000
|
Size: |
4096
|
|
388E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000388E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
388E000
|
Size: |
24576
|
|
A25000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985156577.0000000000A25000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A25000
|
Size: |
61440
|
|
367F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000367F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
367F000
|
Size: |
28672
|
|
326F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392103305.000000000326F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
326F000
|
Size: |
4096
|
|
10DE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391692307.00000000010DE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
10DE000
|
Size: |
4096
|
|
6E18002E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093657743.00006E18002E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002E0000
|
Size: |
4096
|
|
39EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39EE000
|
Size: |
8192
|
|
33C00330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090362896.0000033C00330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00330000
|
Size: |
4096
|
|
33C00320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090399164.0000033C00320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00320000
|
Size: |
4096
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943970441.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
6E18016D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136201428.00006E18016D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016D0000
|
Size: |
49152
|
|
6E1801B28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125865472.00006E1801B28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801B28000
|
Size: |
163840
|
|
6E18015F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134730129.00006E18015F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18015F0000
|
Size: |
16384
|
|
3623000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003623000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3623000
|
Size: |
4096
|
|
34F6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034F6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34F6000
|
Size: |
57344
|
|
6E1801AA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2132757281.00006E1801AA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801AA0000
|
Size: |
77824
|
|
3558000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003558000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3558000
|
Size: |
4096
|
|
3773000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003773000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3773000
|
Size: |
12288
|
|
3766000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003766000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3766000
|
Size: |
4096
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1973279674.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
40960
|
|
29520907000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104413054.0000029520907000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520907000
|
Size: |
40960
|
|
29520E09000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2095009273.0000029520E09000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520E09000
|
Size: |
16384
|
|
6969000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956333171.0000000006969000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6969000
|
Size: |
28672
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964549884.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
6E18014D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133587848.00006E18014D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014D4000
|
Size: |
225280
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959688475.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
33C00320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090537482.0000033C00320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00320000
|
Size: |
4096
|
|
6E1801920000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126722149.00006E1801920000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801920000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958609512.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
24576
|
|
29520927000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103820718.0000029520927000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520927000
|
Size: |
16384
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955840297.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
36864
|
|
A1C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985156577.0000000000A1C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A1C000
|
Size: |
8192
|
|
6780000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1944177705.0000000006780000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6780000
|
Size: |
65536
|
|
39AE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039AE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39AE000
|
Size: |
4096
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099562755.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
6984000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953202221.0000000006984000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6984000
|
Size: |
12288
|
|
6BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952014662.0000000006BA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6BA0000
|
Size: |
65536
|
|
6E1800454000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105079917.00006E1800454000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800454000
|
Size: |
225280
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3220000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991160777.0000000003220000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3220000
|
Size: |
65536
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100288751.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
27B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483054460.00000000027B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
27B0000
|
Size: |
20480
|
|
6E1801938000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127999014.00006E1801938000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801938000
|
Size: |
49152
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960624598.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964024933.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
65536
|
|
3983000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003983000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3983000
|
Size: |
16384
|
|
33C0060C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090957598.0000033C0060C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C0060C000
|
Size: |
16384
|
|
38F5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038F5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38F5000
|
Size: |
49152
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965240434.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
6E1801B28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125959307.00006E1801B28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801B28000
|
Size: |
163840
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959498852.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
29520927000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103063157.0000029520927000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520927000
|
Size: |
12288
|
|
3412000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003412000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3412000
|
Size: |
4096
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099699896.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
6E1801960000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127467399.00006E1801960000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801960000
|
Size: |
65536
|
|
6E180191C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126207182.00006E180191C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180191C000
|
Size: |
77824
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100874313.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
33C006E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091260940.0000033C006E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006E8000
|
Size: |
176128
|
|
AF0000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389090492.0000000000AF0000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AF0000
|
Size: |
32768
|
|
6E18015E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134884769.00006E18015E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18015E4000
|
Size: |
49152
|
|
29520900000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102053086.0000029520900000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520900000
|
Size: |
24576
|
|
6E18002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102754431.00006E18002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A4000
|
Size: |
45056
|
|
3644000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003644000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3644000
|
Size: |
4096
|
|
3977000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003977000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3977000
|
Size: |
57344
|
|
377D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000377D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
377D000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969677035.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
69C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957424465.00000000069C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69C0000
|
Size: |
65536
|
|
2B9F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483408135.0000000002B9F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B9F000
|
Size: |
4096
|
|
4060000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.0000000004060000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4060000
|
Size: |
4096
|
|
3871000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003871000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3871000
|
Size: |
4096
|
|
3678000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003678000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3678000
|
Size: |
24576
|
|
4F18002E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2087183646.00004F18002E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002E4000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
390B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000390B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
390B000
|
Size: |
53248
|
|
6E18014D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133543696.00006E18014D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014D0000
|
Size: |
241664
|
|
E4E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391522241.0000000000E4E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
E4E000
|
Size: |
8192
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961155910.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966209479.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
33C006B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091037991.0000033C006B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006B0000
|
Size: |
208896
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958833459.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
45056
|
|
3835000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003835000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3835000
|
Size: |
4096
|
|
34F2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034F2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34F2000
|
Size: |
4096
|
|
2590000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1987328586.0000000002590000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
2590000
|
Size: |
4096
|
|
2CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1990748423.0000000002CF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2CF0000
|
Size: |
4096
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963444811.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
16384
|
|
366C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000366C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
366C000
|
Size: |
45056
|
|
5A9F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2015415730.0000000005A9F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5A9F000
|
Size: |
4096
|
|
38A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38A3000
|
Size: |
4096
|
|
345E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000345E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
345E000
|
Size: |
4096
|
|
6CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951112666.0000000006CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6CB0000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968002644.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
36864
|
|
6E18017D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137137676.00006E18017D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017D8000
|
Size: |
126976
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961551724.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
8192
|
|
3485000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003485000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3485000
|
Size: |
57344
|
|
6E180178C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136686856.00006E180178C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180178C000
|
Size: |
196608
|
|
6E18001B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2094046248.00006E18001B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001B4000
|
Size: |
16384
|
|
33C00320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091782224.0000033C00320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00320000
|
Size: |
4096
|
|
2570000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1987201571.0000000002570000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2570000
|
Size: |
4096
|
|
35C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35C4000
|
Size: |
4096
|
|
36A7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036A7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36A7000
|
Size: |
12288
|
|
37E2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037E2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37E2000
|
Size: |
20480
|
|
2572000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1987223085.0000000002572000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2572000
|
Size: |
4096
|
|
6E1800F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105268348.00006E1800F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F70000
|
Size: |
4096
|
|
36E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36E8000
|
Size: |
8192
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961890948.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
5A80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2015315543.0000000005A80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5A80000
|
Size: |
65536
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954486493.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
36864
|
|
10CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391649910.00000000010CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10CE000
|
Size: |
8192
|
|
39D9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039D9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39D9000
|
Size: |
8192
|
|
6870000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954211220.0000000006870000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6870000
|
Size: |
65536
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1940503880.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9D4000
|
Size: |
12288
|
|
4F18002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086532927.00004F18002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002C0000
|
Size: |
4096
|
|
6E1801568000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134130340.00006E1801568000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801568000
|
Size: |
176128
|
|
3608000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003608000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3608000
|
Size: |
4096
|
|
29520E0E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2095009273.0000029520E0E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520E0E000
|
Size: |
65536
|
|
3897000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003897000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3897000
|
Size: |
20480
|
|
449E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.000000000449E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
449E000
|
Size: |
4096
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959668813.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
8192
|
|
350B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000350B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
350B000
|
Size: |
4096
|
|
3280000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991330655.0000000003280000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3280000
|
Size: |
53248
|
|
3745000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003745000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3745000
|
Size: |
4096
|
|
38ED000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038ED000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38ED000
|
Size: |
4096
|
|
68E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953841655.00000000068E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68E0000
|
Size: |
65536
|
|
6E1801A64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133390284.00006E1801A64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A64000
|
Size: |
28672
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962897782.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
295208E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096608208.00000295208E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E0000
|
Size: |
16384
|
|
2952090B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104503081.000002952090B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090B000
|
Size: |
24576
|
|
39A5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039A5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39A5000
|
Size: |
4096
|
|
3814000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003814000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3814000
|
Size: |
4096
|
|
4F18002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2087205533.00004F18002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002C0000
|
Size: |
4096
|
|
383C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394558626.000000000383C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
383C000
|
Size: |
16384
|
|
69F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952931976.00000000069F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69F0000
|
Size: |
65536
|
|
6E1801688000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135453511.00006E1801688000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801688000
|
Size: |
192512
|
|
33C0069C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091307666.0000033C0069C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C0069C000
|
Size: |
61440
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959542659.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971376623.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
36864
|
|
33C00664000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090921634.0000033C00664000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00664000
|
Size: |
77824
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962845083.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
33C00610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090774399.0000033C00610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00610000
|
Size: |
192512
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956611222.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
4096
|
|
6E1801A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2132495564.00006E1801A9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A9C000
|
Size: |
94208
|
|
295208DB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096945560.00000295208DB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208DB000
|
Size: |
4096
|
|
35BA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035BA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35BA000
|
Size: |
12288
|
|
39F3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039F3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39F3000
|
Size: |
4096
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097611782.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
399F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000399F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
399F000
|
Size: |
4096
|
|
398C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000398C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
398C000
|
Size: |
4096
|
|
6E180247D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139354141.00006E180247D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180247D000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963955191.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
4096
|
|
6A70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952665903.0000000006A70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A70000
|
Size: |
61440
|
|
3FB8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.0000000003FB8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3FB8000
|
Size: |
4096
|
|
32A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991459586.00000000032A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
32A0000
|
Size: |
4096
|
|
6E1800DEC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103455538.00006E1800DEC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800DEC000
|
Size: |
12288
|
|
316E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392070426.000000000316E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
316E000
|
Size: |
8192
|
|
3625000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003625000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3625000
|
Size: |
4096
|
|
3749000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003749000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3749000
|
Size: |
4096
|
|
2DBF000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482361294.0000000002DBF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2DBF000
|
Size: |
4096
|
|
355A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000355A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
355A000
|
Size: |
4096
|
|
3A16000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983778072.0000000003A16000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A16000
|
Size: |
4096
|
|
6E1800C20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102872529.00006E1800C20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C20000
|
Size: |
8192
|
|
2720000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2482945444.0000000002720000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2720000
|
Size: |
4096
|
|
35AC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392335921.00000000035AC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
35AC000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962759949.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
33C0040C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091602905.0000033C0040C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C0040C000
|
Size: |
4096
|
|
950000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985132753.0000000000950000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
950000
|
Size: |
8192
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1976560908.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
57344
|
|
9AD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985156577.00000000009AD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9AD000
|
Size: |
442368
|
|
6E1800310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093677231.00006E1800310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800310000
|
Size: |
4096
|
|
35A5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035A5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35A5000
|
Size: |
4096
|
|
6E180162C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135893310.00006E180162C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180162C000
|
Size: |
49152
|
|
365E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.000000000365E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
365E000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961921677.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962092655.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
39C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39C4000
|
Size: |
4096
|
|
377B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000377B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
377B000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966329799.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949767320.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
65536
|
|
6E1800F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105741886.00006E1800F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F70000
|
Size: |
4096
|
|
4B5A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004B5A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B5A000
|
Size: |
12288
|
|
2831000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1937428356.0000000002831000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2831000
|
Size: |
65536
|
|
36AA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036AA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36AA000
|
Size: |
4096
|
|
6AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952392835.0000000006AE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6AE0000
|
Size: |
65536
|
|
33C00368000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090414677.0000033C00368000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00368000
|
Size: |
4096
|
|
6E1801284000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120090994.00006E1801284000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801284000
|
Size: |
135168
|
|
6E1800D88000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2121318964.00006E1800D88000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800D88000
|
Size: |
45056
|
|
6E18015C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134704643.00006E18015C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18015C4000
|
Size: |
61440
|
|
34CE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034CE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34CE000
|
Size: |
4096
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1942807536.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
65536
|
|
37D1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037D1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37D1000
|
Size: |
4096
|
|
36A2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036A2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36A2000
|
Size: |
8192
|
|
6B74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952123191.0000000006B74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B74000
|
Size: |
49152
|
|
6E18015F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134676635.00006E18015F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18015F4000
|
Size: |
32768
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966086010.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
20480
|
|
37AA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037AA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37AA000
|
Size: |
4096
|
|
3713000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003713000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3713000
|
Size: |
4096
|
|
6E1801A18000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128516279.00006E1801A18000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A18000
|
Size: |
176128
|
|
6E18019C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128153327.00006E18019C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019C8000
|
Size: |
49152
|
|
6900000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953758251.0000000006900000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6900000
|
Size: |
4096
|
|
6CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2024159116.0000000006CD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6CD0000
|
Size: |
65536
|
|
3690000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003690000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3690000
|
Size: |
4096
|
|
68C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943484080.00000000068C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68C0000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964972318.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
32768
|
|
38D2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038D2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38D2000
|
Size: |
4096
|
|
6E18015F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134757728.00006E18015F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18015F8000
|
Size: |
16384
|
|
35E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35E4000
|
Size: |
36864
|
|
682B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955151686.000000000682B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
682B000
|
Size: |
20480
|
|
6E1800C1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2122085398.00006E1800C1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C1C000
|
Size: |
12288
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1974937114.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
6E1800CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2112985271.00006E1800CB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB8000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971971041.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
39FB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039FB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39FB000
|
Size: |
4096
|
|
5840000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2015074066.0000000005840000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
5840000
|
Size: |
20480
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969071346.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
676F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020230520.000000000676F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
676F000
|
Size: |
4096
|
|
68D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953884659.00000000068D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68D0000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969785712.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
40960
|
|
35EE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035EE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35EE000
|
Size: |
16384
|
|
38D6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038D6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38D6000
|
Size: |
4096
|
|
6E1800C1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2123621084.00006E1800C1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C1C000
|
Size: |
32768
|
|
2D70000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1990928822.0000000002D70000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2D70000
|
Size: |
4096
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955461975.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
BDE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986784882.0000000000BDE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
BDE000
|
Size: |
8192
|
|
3A80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396434281.0000000003A80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3A80000
|
Size: |
12288
|
|
2840000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1938738723.0000000002840000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2840000
|
Size: |
172032
|
|
3986000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003986000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3986000
|
Size: |
4096
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955712180.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
65536
|
|
6E1801984000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127638602.00006E1801984000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801984000
|
Size: |
16384
|
|
3743000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003743000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3743000
|
Size: |
4096
|
|
6E1801740000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136299495.00006E1801740000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801740000
|
Size: |
77824
|
|
3A87000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396434281.0000000003A87000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3A87000
|
Size: |
4096
|
|
6988000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953202221.0000000006988000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6988000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962311749.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1947835506.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
2690000
|
direct allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1987357651.0000000002690000.00000040.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page execute and read and write
|
Base address: |
2690000
|
Size: |
1691648
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
|
67B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1948910263.00000000067B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67B0000
|
Size: |
65536
|
|
6E1800228000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092581057.00006E1800228000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800228000
|
Size: |
274432
|
|
6E18012A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2121570528.00006E18012A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18012A8000
|
Size: |
229376
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
295208D6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096249808.00000295208D6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208D6000
|
Size: |
8192
|
|
6E1800C25000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2154898161.00006E1800C25000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C25000
|
Size: |
12288
|
|
6E1802473000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139354141.00006E1802473000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802473000
|
Size: |
4096
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100087949.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
394B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.000000000394B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
394B000
|
Size: |
16384
|
|
345A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000345A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
345A000
|
Size: |
4096
|
|
6E1802D00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2149917408.00006E1802D00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802D00000
|
Size: |
12288
|
|
6940000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943236217.0000000006940000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6940000
|
Size: |
65536
|
|
6E18019B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127801865.00006E18019B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019B8000
|
Size: |
4096
|
|
6E1801340000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120839508.00006E1801340000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801340000
|
Size: |
53248
|
|
39B5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039B5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39B5000
|
Size: |
4096
|
|
3902000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003902000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3902000
|
Size: |
4096
|
|
6AD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952434218.0000000006AD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6AD0000
|
Size: |
65536
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097072495.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
6E18017E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137281841.00006E18017E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017E4000
|
Size: |
77824
|
|
B70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389518056.0000000000B70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B70000
|
Size: |
24576
|
|
373D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000373D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
373D000
|
Size: |
4096
|
|
3642000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003642000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3642000
|
Size: |
4096
|
|
6E1801360000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120640922.00006E1801360000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801360000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E18001F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092997596.00006E18001F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001F8000
|
Size: |
16384
|
|
3BE0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003BE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BE0000
|
Size: |
4096
|
|
3956000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003956000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3956000
|
Size: |
4096
|
|
29A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483199316.00000000029A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29A0000
|
Size: |
36864
|
|
6E1800C54000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101827094.00006E1800C54000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C54000
|
Size: |
16384
|
|
6B60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970632921.0000000006B60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B60000
|
Size: |
65536
|
|
6E1801610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134992742.00006E1801610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801610000
|
Size: |
61440
|
|
4F18002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086505850.00004F18002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002BC000
|
Size: |
4096
|
|
6E1800CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102798190.00006E1800CA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CA0000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1801900000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2141195279.00006E1801900000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801900000
|
Size: |
8192
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958646808.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959779895.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
29520907000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104233712.0000029520907000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520907000
|
Size: |
40960
|
|
3A02000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003A02000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3A02000
|
Size: |
4096
|
|
6B00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952306962.0000000006B00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B00000
|
Size: |
65536
|
|
510000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000000.1706714533.0000000000510000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
510000
|
Size: |
16384
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967836501.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
61440
|
|
6790000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1944155210.0000000006790000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6790000
|
Size: |
65536
|
|
3923000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003923000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3923000
|
Size: |
12288
|
|
37AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37AC000
|
Size: |
4096
|
|
3969000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003969000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3969000
|
Size: |
4096
|
|
399B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.000000000399B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
399B000
|
Size: |
8192
|
|
6E1801900000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125341637.00006E1801900000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801900000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1975400781.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
61440
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968268664.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
3856000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003856000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3856000
|
Size: |
4096
|
|
6E1801914000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126101265.00006E1801914000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801914000
|
Size: |
110592
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
39B6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039B6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39B6000
|
Size: |
4096
|
|
304F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482583777.000000000304F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
304F000
|
Size: |
4096
|
|
3405000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003405000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3405000
|
Size: |
49152
|
|
6E1801A88000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2132422027.00006E1801A88000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A88000
|
Size: |
45056
|
|
295208F6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104413054.00000295208F6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F6000
|
Size: |
45056
|
|
295208EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096730547.00000295208EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EC000
|
Size: |
4096
|
|
3965000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003965000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3965000
|
Size: |
12288
|
|
6E1800C3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101491092.00006E1800C3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C3C000
|
Size: |
28672
|
|
2832000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1938738723.0000000002832000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2832000
|
Size: |
8192
|
|
50B000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1984999398.000000000050B000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
50B000
|
Size: |
4096
|
|
366E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.000000000366E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
366E000
|
Size: |
4096
|
|
6967000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957785508.0000000006967000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6967000
|
Size: |
36864
|
|
6A1B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970915489.0000000006A1B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A1B000
|
Size: |
20480
|
|
2CA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483502482.0000000002CA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2CA0000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965917874.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
28672
|
|
39BF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039BF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39BF000
|
Size: |
24576
|
|
6E1801370000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120640922.00006E1801370000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801370000
|
Size: |
53248
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966756854.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
12288
|
|
37EF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037EF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37EF000
|
Size: |
45056
|
|
6E1800F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120050962.00006E1800F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F70000
|
Size: |
40960
|
|
33C00698000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091017101.0000033C00698000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00698000
|
Size: |
77824
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2123512404.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
|
682A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954486493.000000000682A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
682A000
|
Size: |
24576
|
|
6890000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943581034.0000000006890000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6890000
|
Size: |
65536
|
|
6E18019DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128349146.00006E18019DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019DC000
|
Size: |
16384
|
|
295208E4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096864765.00000295208E4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E4000
|
Size: |
4096
|
|
6805000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963500759.0000000006805000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6805000
|
Size: |
12288
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962561660.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
32768
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943994600.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
16384
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103396071.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
33C003EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090552730.0000033C003EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C003EC000
|
Size: |
8192
|
|
38D1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000038D1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38D1000
|
Size: |
8192
|
|
39F6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039F6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39F6000
|
Size: |
4096
|
|
3693000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003693000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3693000
|
Size: |
4096
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955419651.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
65536
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1989117459.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
2B30000
|
Size: |
1658880
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093810638.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
|
6E1800C20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2122085398.00006E1800C20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C20000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965325593.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969348584.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
295208DC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096813435.00000295208DC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208DC000
|
Size: |
12288
|
|
29520905000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102596022.0000029520905000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520905000
|
Size: |
8192
|
|
6E18016A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135930188.00006E18016A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016A8000
|
Size: |
61440
|
|
295208E4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096730547.00000295208E4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E4000
|
Size: |
16384
|
|
968000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985156577.0000000000968000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
968000
|
Size: |
16384
|
|
39D1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039D1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39D1000
|
Size: |
20480
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961038693.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
4096
|
|
1D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1939302395.00000000001D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D4000
|
Size: |
4096
|
|
6E1800ED8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106206410.00006E1800ED8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800ED8000
|
Size: |
53248
|
|
3FA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.0000000003FA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3FA0000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1800344000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2155645031.00006E1800344000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800344000
|
Size: |
12288
|
|
33C00620000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090802089.0000033C00620000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00620000
|
Size: |
126976
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949676996.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969840664.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
36864
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968874279.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
368B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000368B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
368B000
|
Size: |
4096
|
|
34AD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034AD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34AD000
|
Size: |
4096
|
|
3469000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003469000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3469000
|
Size: |
45056
|
|
3D20000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003D20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3D20000
|
Size: |
40960
|
|
38D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38D4000
|
Size: |
4096
|
|
3D1A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003D1A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3D1A000
|
Size: |
20480
|
|
33C00730000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091457032.0000033C00730000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00730000
|
Size: |
77824
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956773960.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
29520904000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102101608.0000029520904000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520904000
|
Size: |
8192
|
|
33C00614000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090903719.0000033C00614000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00614000
|
Size: |
49152
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097558351.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
37E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37E8000
|
Size: |
12288
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968175723.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
4F18002C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2087134178.00004F18002C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002C8000
|
Size: |
4096
|
|
2DC0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482415398.0000000002DC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DC0000
|
Size: |
4096
|
|
33C00630000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090824727.0000033C00630000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00630000
|
Size: |
61440
|
|
6E1800C29000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2123621084.00006E1800C29000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C29000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1801564000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134194207.00006E1801564000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801564000
|
Size: |
16384
|
|
6E1800C25000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137860334.00006E1800C25000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C25000
|
Size: |
12288
|
|
57EF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2014880060.00000000057EF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
57EF000
|
Size: |
4096
|
|
2563000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1987082823.0000000002563000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2563000
|
Size: |
40960
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955371637.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098724332.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
69F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957257650.00000000069F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69F0000
|
Size: |
65536
|
|
3907000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003907000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3907000
|
Size: |
12288
|
|
2952092A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104314782.000002952092A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952092A000
|
Size: |
4096
|
|
26FC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2482902193.00000000026FC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
26FC000
|
Size: |
16384
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955256970.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956057667.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
6E18002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102000143.00006E18002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A4000
|
Size: |
28672
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097509744.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
6E1801544000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134223020.00006E1801544000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801544000
|
Size: |
61440
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097432847.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
3588000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003588000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3588000
|
Size: |
4096
|
|
6E1801B40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126063202.00006E1801B40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801B40000
|
Size: |
65536
|
|
6E1800F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137771024.00006E1800F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F10000
|
Size: |
110592
|
|
6E180194C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127353812.00006E180194C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180194C000
|
Size: |
61440
|
|
6890000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954113063.0000000006890000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6890000
|
Size: |
65536
|
|
4F18002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086434033.00004F18002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002BC000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961181248.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
68B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953951642.00000000068B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68B0000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961778065.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967885742.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
59BF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2015118518.00000000059BF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
59BF000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961277253.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
295208E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096945560.00000295208E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E0000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961340774.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
3A42000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003A42000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3A42000
|
Size: |
4096
|
|
2CFC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391858342.0000000002CFC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2CFC000
|
Size: |
16384
|
|
4B72000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004B72000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B72000
|
Size: |
4096
|
|
68C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953917560.00000000068C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68C0000
|
Size: |
65536
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100169971.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
342D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000342D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
342D000
|
Size: |
4096
|
|
6A20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952867265.0000000006A20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A20000
|
Size: |
8192
|
|
34C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34C0000
|
Size: |
28672
|
|
3BEA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003BEA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BEA000
|
Size: |
4096
|
|
36E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36E4000
|
Size: |
16384
|
|
29520916000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102759825.0000029520916000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520916000
|
Size: |
4096
|
|
349C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000349C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
349C000
|
Size: |
4096
|
|
3230000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991232099.0000000003230000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3230000
|
Size: |
65536
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966911733.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
3657000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003657000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3657000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969288753.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
45056
|
|
6E1800C1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137860334.00006E1800C1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C1C000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
5AA0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2015534955.0000000005AA0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
5AA0000
|
Size: |
2367488
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
|
276E000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2482965743.000000000276E000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
276E000
|
Size: |
8192
|
|
6E1801850000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125341637.00006E1801850000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801850000
|
Size: |
110592
|
|
6E1801648000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135083425.00006E1801648000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801648000
|
Size: |
77824
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097746253.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
35F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35F8000
|
Size: |
53248
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961091299.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E180247F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139354141.00006E180247F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180247F000
|
Size: |
4096
|
|
37BF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037BF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37BF000
|
Size: |
20480
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099843890.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
6E1800C20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137860334.00006E1800C20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C20000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
6E1801A54000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2130923220.00006E1801A54000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A54000
|
Size: |
45056
|
|
4F18002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086559599.00004F18002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002BC000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962029216.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
33C00688000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091063708.0000033C00688000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00688000
|
Size: |
65536
|
|
3A62000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003A62000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3A62000
|
Size: |
57344
|
|
39D9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039D9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39D9000
|
Size: |
4096
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107602266.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
12288
|
|
39E9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39E9000
|
Size: |
4096
|
|
5F7000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1706753950.00000000005F7000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
5F7000
|
Size: |
2510848
|
|
67B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949857210.00000000067B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67B0000
|
Size: |
65536
|
|
3420000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003420000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3420000
|
Size: |
32768
|
|
36B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36B0000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970314817.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
28672
|
|
353F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000353F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
353F000
|
Size: |
4096
|
|
37CF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037CF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37CF000
|
Size: |
4096
|
|
342B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000342B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
342B000
|
Size: |
4096
|
|
6E1800F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139206501.00006E1800F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F70000
|
Size: |
4096
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100874313.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
39C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39C0000
|
Size: |
4096
|
|
397B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.000000000397B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
397B000
|
Size: |
12288
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954717220.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
6E18007E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107261985.00006E18007E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18007E8000
|
Size: |
73728
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2144392107.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
12288
|
|
67B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949268787.00000000067B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67B0000
|
Size: |
65536
|
|
68A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954049073.00000000068A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68A0000
|
Size: |
40960
|
|
3509000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003509000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3509000
|
Size: |
4096
|
|
4477000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2011205715.0000000004477000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4477000
|
Size: |
176128
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957101205.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
16384
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099843890.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
6A90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960209902.0000000006A90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A90000
|
Size: |
65536
|
|
6B20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952245049.0000000006B20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B20000
|
Size: |
12288
|
|
39E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39E7000
|
Size: |
4096
|
|
33C00754000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091589147.0000033C00754000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00754000
|
Size: |
110592
|
|
29520911000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103820718.0000029520911000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520911000
|
Size: |
40960
|
|
6E1801674000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135320141.00006E1801674000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801674000
|
Size: |
274432
|
|
6E1801584000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134457986.00006E1801584000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801584000
|
Size: |
61440
|
|
6E1801AA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2132794909.00006E1801AA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801AA4000
|
Size: |
61440
|
|
36FC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036FC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36FC000
|
Size: |
81920
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1800ED8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2121364121.00006E1800ED8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800ED8000
|
Size: |
53248
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107122450.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
12288
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955539363.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
65536
|
|
295208E6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096473459.00000295208E6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E6000
|
Size: |
8192
|
|
33C00310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090267477.0000033C00310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00310000
|
Size: |
65536
|
|
4CF2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004CF2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4CF2000
|
Size: |
4096
|
|
35A7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035A7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35A7000
|
Size: |
4096
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959351709.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
61440
|
|
6E180122C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2110775579.00006E180122C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180122C000
|
Size: |
4096
|
|
4050000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.0000000004050000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4050000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962214170.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E18002B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2094138447.00006E18002B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002B8000
|
Size: |
4096
|
|
6E1801970000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127410641.00006E1801970000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801970000
|
Size: |
77824
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958209655.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961575038.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097694133.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
4096
|
|
69C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964102114.00000000069C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69C0000
|
Size: |
65536
|
|
6E180195C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127215716.00006E180195C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180195C000
|
Size: |
159744
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963564438.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
20480
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959970298.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
49152
|
|
6E18013A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2138004518.00006E18013A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18013A0000
|
Size: |
4096
|
|
6E18001F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093049668.00006E18001F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001F0000
|
Size: |
16384
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956842407.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
16384
|
|
6E18015AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134427339.00006E18015AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18015AC000
|
Size: |
57344
|
|
2500000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986938098.0000000002500000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2500000
|
Size: |
16384
|
|
372A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000372A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
372A000
|
Size: |
4096
|
|
6E1801580000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134251124.00006E1801580000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801580000
|
Size: |
77824
|
|
38FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000038FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38FF000
|
Size: |
8192
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961210266.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
255D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1987065055.000000000255D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
255D000
|
Size: |
4096
|
|
33C00330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090429298.0000033C00330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00330000
|
Size: |
4096
|
|
662F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020165464.000000000662F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
662F000
|
Size: |
4096
|
|
295208E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100087949.00000295208E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E8000
|
Size: |
8192
|
|
36E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36E1000
|
Size: |
12288
|
|
50D000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985022253.000000000050D000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
50D000
|
Size: |
8192
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020885835.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
35D3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035D3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35D3000
|
Size: |
4096
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949822708.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
3648000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003648000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3648000
|
Size: |
12288
|
|
6E1801338000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120882513.00006E1801338000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801338000
|
Size: |
32768
|
|
35DB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035DB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35DB000
|
Size: |
4096
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1948808862.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
65536
|
|
4513000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.0000000004513000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4513000
|
Size: |
4096
|
|
6E180163C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135782019.00006E180163C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180163C000
|
Size: |
49152
|
|
3520000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003520000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3520000
|
Size: |
4096
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964234968.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
389F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000389F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
389F000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966035931.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E1801A50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2131183518.00006E1801A50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A50000
|
Size: |
16384
|
|
3627000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003627000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3627000
|
Size: |
4096
|
|
37C5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037C5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37C5000
|
Size: |
4096
|
|
295208FB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105057424.00000295208FB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208FB000
|
Size: |
40960
|
|
3854000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003854000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3854000
|
Size: |
4096
|
|
1D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1938805113.00000000001D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D4000
|
Size: |
4096
|
|
39B7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039B7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39B7000
|
Size: |
4096
|
|
3A0E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983778072.0000000003A0E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A0E000
|
Size: |
4096
|
|
6E18001D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093225004.00006E18001D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001D4000
|
Size: |
16384
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100781807.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
6E1801AB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2152827154.00006E1801AB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801AB4000
|
Size: |
4096
|
|
39DD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039DD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39DD000
|
Size: |
12288
|
|
6E1801990000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127944532.00006E1801990000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801990000
|
Size: |
77824
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962396330.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
36864
|
|
6960000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956333171.0000000006960000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6960000
|
Size: |
28672
|
|
36CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36CC000
|
Size: |
53248
|
|
38F1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038F1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38F1000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099843890.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
12288
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097611782.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
33C00354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090378952.0000033C00354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00354000
|
Size: |
16384
|
|
69F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960328864.00000000069F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69F0000
|
Size: |
65536
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949523188.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
28672
|
|
36A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36A4000
|
Size: |
4096
|
|
33C00640000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090842303.0000033C00640000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00640000
|
Size: |
77824
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955325933.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
69D0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2021960120.00000000069D0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
69D0000
|
Size: |
65536
|
|
6E180181C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137554309.00006E180181C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180181C000
|
Size: |
126976
|
|
69C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2021929148.00000000069C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69C0000
|
Size: |
4096
|
|
3496000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003496000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3496000
|
Size: |
4096
|
|
2A2F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1989004154.0000000002A2F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A2F000
|
Size: |
4096
|
|
34CA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034CA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34CA000
|
Size: |
4096
|
|
2952090C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103767503.000002952090C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090C000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965567327.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
6E1800DF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103455538.00006E1800DF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800DF0000
|
Size: |
36864
|
|
3730000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003730000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3730000
|
Size: |
4096
|
|
6E18017A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136827533.00006E18017A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017A0000
|
Size: |
16384
|
|
3873000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003873000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3873000
|
Size: |
57344
|
|
33C006B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091083498.0000033C006B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006B4000
|
Size: |
192512
|
|
3586000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003586000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3586000
|
Size: |
4096
|
|
33C0033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091753583.0000033C0033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C0033C000
|
Size: |
8192
|
|
6E1801660000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135221568.00006E1801660000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801660000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969463944.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
2952090C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102759825.000002952090C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090C000
|
Size: |
8192
|
|
39C2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039C2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39C2000
|
Size: |
4096
|
|
6E18003A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2094221712.00006E18003A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18003A4000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966434105.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
69F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2022168938.00000000069F0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
69F0000
|
Size: |
40960
|
|
6C60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951333437.0000000006C60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C60000
|
Size: |
65536
|
|
6E1801710000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136157643.00006E1801710000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801710000
|
Size: |
114688
|
|
6E18002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2109145705.00006E18002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A4000
|
Size: |
8192
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964515856.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
36864
|
|
6E1801370000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120449077.00006E1801370000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801370000
|
Size: |
53248
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956557715.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
3691000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003691000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3691000
|
Size: |
4096
|
|
6E18011DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107844139.00006E18011DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18011DC000
|
Size: |
16384
|
|
68F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953816826.00000000068F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68F0000
|
Size: |
12288
|
|
2951D47C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2095454310.000002951D47C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2951D47C000
|
Size: |
36864
|
|
4F1800248000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086323250.00004F1800248000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F1800248000
|
Size: |
4096
|
|
33C006E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091708280.0000033C006E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006E0000
|
Size: |
12288
|
|
3460000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003460000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3460000
|
Size: |
4096
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100087949.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969435888.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
8192
|
|
69B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953119943.00000000069B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69B0000
|
Size: |
65536
|
|
6E18002C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093608094.00006E18002C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002C4000
|
Size: |
4096
|
|
6950000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956399114.0000000006950000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6950000
|
Size: |
65536
|
|
6E1801670000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135370273.00006E1801670000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801670000
|
Size: |
16384
|
|
2842000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1988692748.0000000002842000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2842000
|
Size: |
237568
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100169971.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
12288
|
|
38EF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000038EF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38EF000
|
Size: |
8192
|
|
6E1801A48000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2129222092.00006E1801A48000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A48000
|
Size: |
94208
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966129405.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
3718000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003718000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3718000
|
Size: |
53248
|
|
365F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000365F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
365F000
|
Size: |
4096
|
|
257A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1987272451.000000000257A000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
257A000
|
Size: |
4096
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963304470.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
20480
|
|
6830000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2021016871.0000000006830000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6830000
|
Size: |
65536
|
|
6E180151C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133846077.00006E180151C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180151C000
|
Size: |
16384
|
|
2CBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391824626.0000000002CBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2CBE000
|
Size: |
8192
|
|
6E1801638000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135049104.00006E1801638000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801638000
|
Size: |
143360
|
|
383D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000383D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
383D000
|
Size: |
57344
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958894091.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
53248
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968725597.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
32768
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964602428.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
3777000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003777000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3777000
|
Size: |
4096
|
|
295208E6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098437914.00000295208E6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E6000
|
Size: |
12288
|
|
3512000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003512000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3512000
|
Size: |
53248
|
|
3973000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003973000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3973000
|
Size: |
4096
|
|
3673000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003673000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3673000
|
Size: |
12288
|
|
3886000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003886000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3886000
|
Size: |
4096
|
|
6B50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971462851.0000000006B50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B50000
|
Size: |
28672
|
|
355E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000355E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
355E000
|
Size: |
4096
|
|
3908000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003908000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3908000
|
Size: |
4096
|
|
33C00678000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091348260.0000033C00678000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00678000
|
Size: |
49152
|
|
3687000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003687000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3687000
|
Size: |
12288
|
|
29520919000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104744693.0000029520919000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520919000
|
Size: |
4096
|
|
35DD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035DD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35DD000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1974222823.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
53248
|
|
6E1800F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106965556.00006E1800F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F70000
|
Size: |
4096
|
|
3732000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003732000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3732000
|
Size: |
4096
|
|
2990000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483132862.0000000002990000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2990000
|
Size: |
4096
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1942856759.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
65536
|
|
2E7F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1990948244.0000000002E7F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E7F000
|
Size: |
4096
|
|
295208E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099699896.00000295208E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E8000
|
Size: |
4096
|
|
6E18014AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133739576.00006E18014AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014AC000
|
Size: |
49152
|
|
39A9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039A9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39A9000
|
Size: |
4096
|
|
3904000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003904000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3904000
|
Size: |
4096
|
|
6E18015E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134524802.00006E18015E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18015E0000
|
Size: |
114688
|
|
1D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1939264753.00000000001D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D4000
|
Size: |
4096
|
|
398E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000398E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
398E000
|
Size: |
4096
|
|
4695000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2011205715.0000000004695000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4695000
|
Size: |
4096
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1948682123.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971837400.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
6E180040C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105079917.00006E180040C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180040C000
|
Size: |
151552
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
33C00354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090444406.0000033C00354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00354000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967682463.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
4096
|
|
2CD2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1990667034.0000000002CD2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2CD2000
|
Size: |
4096
|
|
6E18002A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120412042.00006E18002A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A8000
|
Size: |
36864
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1800C94000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101911180.00006E1800C94000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C94000
|
Size: |
32768
|
|
6E180175C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136501109.00006E180175C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180175C000
|
Size: |
159744
|
|
6E1801704000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136025564.00006E1801704000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801704000
|
Size: |
163840
|
|
3666000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003666000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3666000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E180114C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107844139.00006E180114C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180114C000
|
Size: |
356352
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
33C002FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090267477.0000033C002FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C002FC000
|
Size: |
69632
|
|
6E1800CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106450695.00006E1800CA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CA0000
|
Size: |
12288
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967939252.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
4096
|
|
39DD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039DD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39DD000
|
Size: |
4096
|
|
6E1800380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104433101.00006E1800380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800380000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
2D30000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482284002.0000000002D30000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2D30000
|
Size: |
4096
|
|
6E1800214000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092891123.00006E1800214000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800214000
|
Size: |
16384
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1974863325.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
8192
|
|
33C006D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091243559.0000033C006D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006D4000
|
Size: |
61440
|
|
6E1801A44000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2129527011.00006E1801A44000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A44000
|
Size: |
16384
|
|
69F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971794519.00000000069F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69F0000
|
Size: |
36864
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099445532.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963828107.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
20480
|
|
6814000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965567327.0000000006814000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6814000
|
Size: |
49152
|
|
33C0075C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091684658.0000033C0075C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C0075C000
|
Size: |
77824
|
|
24F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986917403.00000000024F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
24F0000
|
Size: |
8192
|
|
6E180153C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133966610.00006E180153C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180153C000
|
Size: |
94208
|
|
4C72000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004C72000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4C72000
|
Size: |
4096
|
|
6950000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957861151.0000000006950000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6950000
|
Size: |
65536
|
|
59D1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2015230499.00000000059D1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59D1000
|
Size: |
61440
|
|
6E1802D28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2155214593.00006E1802D28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1802D28000
|
Size: |
24576
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959585526.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
3A12000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983778072.0000000003A12000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A12000
|
Size: |
4096
|
|
3A1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983778072.0000000003A1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A1C000
|
Size: |
16384
|
|
362D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000362D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
362D000
|
Size: |
4096
|
|
6E18002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103907351.00006E18002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A4000
|
Size: |
8192
|
|
6970000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957729378.0000000006970000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6970000
|
Size: |
65536
|
|
C7C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482204589.0000000000C7C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
C7C000
|
Size: |
16384
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098582504.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968413584.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
39C6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039C6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39C6000
|
Size: |
4096
|
|
3479000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003479000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3479000
|
Size: |
4096
|
|
6E18002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2094105516.00006E18002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A4000
|
Size: |
8192
|
|
6E1800234000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092730374.00006E1800234000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800234000
|
Size: |
225280
|
|
29520927000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102759825.0000029520927000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520927000
|
Size: |
12288
|
|
39DB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039DB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39DB000
|
Size: |
4096
|
|
3464000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003464000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3464000
|
Size: |
4096
|
|
3716000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003716000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3716000
|
Size: |
8192
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971572642.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
40960
|
|
2B26000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1989028343.0000000002B26000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B26000
|
Size: |
40960
|
|
6E1801B88000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139747046.00006E1801B88000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801B88000
|
Size: |
12288
|
|
295208D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096249808.00000295208D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208D4000
|
Size: |
4096
|
|
295208D8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096608208.00000295208D8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208D8000
|
Size: |
8192
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1950443607.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
65536
|
|
6E1800218000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092812151.00006E1800218000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800218000
|
Size: |
49152
|
|
6E1801790000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136755294.00006E1801790000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801790000
|
Size: |
180224
|
|
3610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3610000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967509886.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
6E18004A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2094532501.00006E18004A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18004A0000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
369D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.000000000369D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
369D000
|
Size: |
4096
|
|
6E1800CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2108098602.00006E1800CA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CA0000
|
Size: |
40960
|
|
6880000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943617152.0000000006880000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6880000
|
Size: |
65536
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107669291.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
|
3769000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003769000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3769000
|
Size: |
4096
|
|
295208E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096813435.00000295208E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E0000
|
Size: |
16384
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101032561.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
16384
|
|
295208E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099562755.00000295208E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E8000
|
Size: |
8192
|
|
35D9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035D9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35D9000
|
Size: |
4096
|
|
7E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2388997516.00000000007E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7E0000
|
Size: |
8192
|
|
4F18002B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086901485.00004F18002B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002B0000
|
Size: |
4096
|
|
4C5C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004C5C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4C5C000
|
Size: |
4096
|
|
6E18001EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093071302.00006E18001EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001EC000
|
Size: |
16384
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960421214.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
36864
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097471803.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
34A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34A0000
|
Size: |
40960
|
|
2CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1990644822.0000000002CD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2CD0000
|
Size: |
4096
|
|
96E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985156577.000000000096E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
96E000
|
Size: |
200704
|
|
2952090C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104977624.000002952090C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090C000
|
Size: |
16384
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099211779.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961948808.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983380431.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
65536
|
|
6E180159C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134354051.00006E180159C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180159C000
|
Size: |
122880
|
|
69F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971919870.00000000069F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69F0000
|
Size: |
12288
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949942538.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
6E1800330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093789458.00006E1800330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800330000
|
Size: |
8192
|
|
3D49000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003D49000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3D49000
|
Size: |
176128
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098483750.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968469912.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
12288
|
|
34D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34D0000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960015509.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
57344
|
|
39C9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039C9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39C9000
|
Size: |
4096
|
|
6E1801284000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137668288.00006E1801284000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801284000
|
Size: |
143360
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961804695.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
295208E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100400663.00000295208E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E8000
|
Size: |
8192
|
|
67A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1944133577.00000000067A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67A0000
|
Size: |
65536
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100951462.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
16384
|
|
6E180100C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106478803.00006E180100C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180100C000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3582000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003582000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3582000
|
Size: |
4096
|
|
295208E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100677614.00000295208E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E8000
|
Size: |
8192
|
|
3435000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003435000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3435000
|
Size: |
4096
|
|
372E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000372E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
372E000
|
Size: |
4096
|
|
A43000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954927906.0000000000A43000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A43000
|
Size: |
81920
|
|
6E1801690000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135532674.00006E1801690000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801690000
|
Size: |
159744
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960251273.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
65536
|
|
6E180168C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135495773.00006E180168C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180168C000
|
Size: |
176128
|
|
33C00380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090666191.0000033C00380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00380000
|
Size: |
65536
|
|
6994000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953202221.0000000006994000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6994000
|
Size: |
36864
|
|
6E18017DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137467044.00006E18017DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017DC000
|
Size: |
16384
|
|
6E1800C58000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101761112.00006E1800C58000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C58000
|
Size: |
61440
|
|
6E18019A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2131482145.00006E18019A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019A8000
|
Size: |
49152
|
|
6E1800454000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103193593.00006E1800454000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800454000
|
Size: |
221184
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
29520907000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105057424.0000029520907000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520907000
|
Size: |
36864
|
|
3906000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003906000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3906000
|
Size: |
4096
|
|
29C1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483199316.00000000029C1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29C1000
|
Size: |
24576
|
|
372C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000372C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
372C000
|
Size: |
4096
|
|
32B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392131440.00000000032B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
32B0000
|
Size: |
4096
|
|
295208F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104663495.00000295208F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F0000
|
Size: |
8192
|
|
3C60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003C60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C60000
|
Size: |
4096
|
|
6E1801668000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135292421.00006E1801668000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801668000
|
Size: |
16384
|
|
CDF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986812273.0000000000CDF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
CDF000
|
Size: |
4096
|
|
6E1801A2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128931366.00006E1801A2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A2C000
|
Size: |
94208
|
|
960000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985156577.0000000000960000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
960000
|
Size: |
24576
|
|
6E1800C29000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137860334.00006E1800C29000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C29000
|
Size: |
16384
|
|
6A90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970842640.0000000006A90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A90000
|
Size: |
65536
|
|
6E18002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2122764747.00006E18002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A4000
|
Size: |
28672
|
|
6E1801A28000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128795794.00006E1801A28000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A28000
|
Size: |
110592
|
|
2576000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1987246040.0000000002576000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2576000
|
Size: |
8192
|
|
6E1801358000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120538128.00006E1801358000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801358000
|
Size: |
94208
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6C30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951500626.0000000006C30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C30000
|
Size: |
65536
|
|
36F6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036F6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36F6000
|
Size: |
8192
|
|
6E180100C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139818394.00006E180100C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180100C000
|
Size: |
102400
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099445532.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
4688000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.0000000004688000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4688000
|
Size: |
4096
|
|
6C80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951154625.0000000006C80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C80000
|
Size: |
65536
|
|
6C40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951448125.0000000006C40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C40000
|
Size: |
65536
|
|
36AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36AC000
|
Size: |
4096
|
|
399D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000399D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
399D000
|
Size: |
4096
|
|
38D9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038D9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38D9000
|
Size: |
53248
|
|
366B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.000000000366B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
366B000
|
Size: |
8192
|
|
6E18019C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128234763.00006E18019C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019C4000
|
Size: |
16384
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1944025966.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
65536
|
|
36C5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036C5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36C5000
|
Size: |
4096
|
|
349A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000349A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
349A000
|
Size: |
4096
|
|
69F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971660198.00000000069F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69F0000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961835438.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
3648000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003648000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3648000
|
Size: |
4096
|
|
3728000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003728000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3728000
|
Size: |
4096
|
|
6E1801260000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120090994.00006E1801260000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801260000
|
Size: |
135168
|
|
6E18019A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127855511.00006E18019A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019A4000
|
Size: |
81920
|
|
3401000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003401000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3401000
|
Size: |
4096
|
|
6E18014E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133703625.00006E18014E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014E0000
|
Size: |
176128
|
|
400000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1706610173.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
400000
|
Size: |
4096
|
|
9C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1984874178.000000000009C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9C000
|
Size: |
16384
|
|
6E1801598000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134384626.00006E1801598000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801598000
|
Size: |
16384
|
|
34C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34C8000
|
Size: |
4096
|
|
3640000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003640000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3640000
|
Size: |
4096
|
|
6960000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955046904.0000000006960000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6960000
|
Size: |
12288
|
|
6E1801A24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128729196.00006E1801A24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A24000
|
Size: |
126976
|
|
790000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2388858718.0000000000790000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
790000
|
Size: |
4096
|
|
24CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986844894.00000000024CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
24CE000
|
Size: |
8192
|
|
3560000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003560000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3560000
|
Size: |
4096
|
|
37A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37A8000
|
Size: |
4096
|
|
6E18016DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135991225.00006E18016DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016DC000
|
Size: |
16384
|
|
35C7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035C7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35C7000
|
Size: |
45056
|
|
6E18017B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136883952.00006E18017B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017B0000
|
Size: |
49152
|
|
33C006FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091286530.0000033C006FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006FC000
|
Size: |
94208
|
|
44E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.00000000044E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
44E8000
|
Size: |
4096
|
|
6E18016E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135857512.00006E18016E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016E0000
|
Size: |
143360
|
|
36A6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036A6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36A6000
|
Size: |
4096
|
|
3781000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003781000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3781000
|
Size: |
94208
|
|
38E2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000038E2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38E2000
|
Size: |
32768
|
|
6E1800CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2109103961.00006E1800CA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CA0000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1801930000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126556329.00006E1801930000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801930000
|
Size: |
16384
|
|
6E180170C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136106409.00006E180170C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180170C000
|
Size: |
131072
|
|
38A9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038A9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38A9000
|
Size: |
139264
|
|
6E1800304000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096207435.00006E1800304000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800304000
|
Size: |
12288
|
|
4028000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.0000000004028000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4028000
|
Size: |
4096
|
|
6E1801784000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136550581.00006E1801784000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801784000
|
Size: |
229376
|
|
69C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953081742.00000000069C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69C0000
|
Size: |
65536
|
|
2831000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1939460064.0000000002831000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2831000
|
Size: |
4096
|
|
295208DC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096249808.00000295208DC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208DC000
|
Size: |
16384
|
|
3B80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003B80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3B80000
|
Size: |
4096
|
|
343C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000343C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
343C000
|
Size: |
118784
|
|
3550000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003550000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3550000
|
Size: |
20480
|
|
6E1801918000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126271809.00006E1801918000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801918000
|
Size: |
16384
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955877048.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
29520919000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104072382.0000029520919000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520919000
|
Size: |
4096
|
|
6B10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952271398.0000000006B10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B10000
|
Size: |
65536
|
|
6E1800F38000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106760205.00006E1800F38000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F38000
|
Size: |
16384
|
|
6E1800C1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102872529.00006E1800C1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C1C000
|
Size: |
12288
|
|
33C00644000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090885889.0000033C00644000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00644000
|
Size: |
61440
|
|
45B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.00000000045B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
45B3000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969136830.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
6992000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953202221.0000000006992000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6992000
|
Size: |
4096
|
|
6A00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2022248028.0000000006A00000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6A00000
|
Size: |
65536
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959743333.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
49152
|
|
6E18001E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093117573.00006E18001E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001E4000
|
Size: |
16384
|
|
420000
|
remote allocation
|
page execute and read and write
|
|
|
|
Name: |
00000004.00000002.2388266536.0000000000420000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
420000
|
Size: |
8192
|
|
6A20000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2022359245.0000000006A20000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6A20000
|
Size: |
65536
|
|
368D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000368D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
368D000
|
Size: |
4096
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097137950.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
2952090B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102596022.000002952090B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090B000
|
Size: |
12288
|
|
6E18001C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093501358.00006E18001C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001C8000
|
Size: |
49152
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1800FD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2121130556.00006E1800FD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800FD4000
|
Size: |
53248
|
|
3850000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003850000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3850000
|
Size: |
4096
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970915489.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
40960
|
|
3971000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003971000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3971000
|
Size: |
4096
|
|
359F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000359F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
359F000
|
Size: |
4096
|
|
6E1800F38000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137771024.00006E1800F38000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F38000
|
Size: |
36864
|
|
6E18002F3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093849128.00006E18002F3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002F3000
|
Size: |
8192
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958707366.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
20480
|
|
3816000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003816000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3816000
|
Size: |
98304
|
|
27AE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483025261.00000000027AE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
27AE000
|
Size: |
8192
|
|
6E180002C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091599547.00006E180002C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180002C000
|
Size: |
4096
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100475253.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
6E18017E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137606517.00006E18017E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017E8000
|
Size: |
61440
|
|
69F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970995622.00000000069F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69F0000
|
Size: |
65536
|
|
AEC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389090492.0000000000AEC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AEC000
|
Size: |
4096
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957372703.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
65536
|
|
6B5B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970754256.0000000006B5B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B5B000
|
Size: |
20480
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956943712.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
2C90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483476596.0000000002C90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C90000
|
Size: |
8192
|
|
A35000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985156577.0000000000A35000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A35000
|
Size: |
172032
|
|
33C00714000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091387595.0000033C00714000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00714000
|
Size: |
53248
|
|
3F81000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.0000000003F81000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3F81000
|
Size: |
4096
|
|
6E1801628000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134919015.00006E1801628000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801628000
|
Size: |
208896
|
|
4F18002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086839511.00004F18002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002BC000
|
Size: |
4096
|
|
6E18014B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133471724.00006E18014B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014B8000
|
Size: |
94208
|
|
32D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392158683.00000000032D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
32D0000
|
Size: |
32768
|
|
38A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38A1000
|
Size: |
4096
|
|
37E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37E0000
|
Size: |
4096
|
|
254C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986969307.000000000254C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
254C000
|
Size: |
16384
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964147961.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
65536
|
|
6E18017A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136855616.00006E18017A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017A8000
|
Size: |
81920
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955111861.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
65536
|
|
6E18016CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135810805.00006E18016CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016CC000
|
Size: |
225280
|
|
36DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36DC000
|
Size: |
4096
|
|
6E1800F4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125653891.00006E1800F4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F4C000
|
Size: |
143360
|
|
6B30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952123191.0000000006B30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B30000
|
Size: |
225280
|
|
6E1800224000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092783997.00006E1800224000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800224000
|
Size: |
16384
|
|
6E18014C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133671729.00006E18014C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014C0000
|
Size: |
61440
|
|
6AB0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2023009276.0000000006AB0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
6AB0000
|
Size: |
286720
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
7DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2388932922.00000000007DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7DE000
|
Size: |
8192
|
|
6E1800C29000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2122085398.00006E1800C29000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C29000
|
Size: |
16384
|
|
6E18002F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093849128.00006E18002F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002F0000
|
Size: |
4096
|
|
6E180190B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2141195279.00006E180190B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180190B000
|
Size: |
4096
|
|
B9F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986759109.0000000000B9F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
B9F000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969588259.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
6E1801218000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2108165024.00006E1801218000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801218000
|
Size: |
53248
|
|
36C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36C1000
|
Size: |
4096
|
|
38CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38CC000
|
Size: |
4096
|
|
67FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958833459.00000000067FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67FC000
|
Size: |
16384
|
|
3FD8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.0000000003FD8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3FD8000
|
Size: |
4096
|
|
6E18014BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133507938.00006E18014BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014BC000
|
Size: |
77824
|
|
3AED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396434281.0000000003AED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AED000
|
Size: |
12288
|
|
6E180131C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120976777.00006E180131C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180131C000
|
Size: |
53248
|
|
36DA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036DA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36DA000
|
Size: |
4096
|
|
39DF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039DF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39DF000
|
Size: |
77824
|
|
6E1801370000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120795066.00006E1801370000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801370000
|
Size: |
53248
|
|
3990000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003990000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3990000
|
Size: |
4096
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960500414.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
57344
|
|
4F18002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086455640.00004F18002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002A0000
|
Size: |
4096
|
|
37C9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037C9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37C9000
|
Size: |
4096
|
|
6E1800210000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092937069.00006E1800210000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800210000
|
Size: |
16384
|
|
37B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37B0000
|
Size: |
4096
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099211779.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
6E18007E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125825580.00006E18007E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18007E8000
|
Size: |
65536
|
|
6940000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953557802.0000000006940000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6940000
|
Size: |
65536
|
|
33C00390000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090568168.0000033C00390000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00390000
|
Size: |
372736
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3689000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003689000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3689000
|
Size: |
4096
|
|
6E18001AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2094016395.00006E18001AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001AC000
|
Size: |
4096
|
|
33C0080C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2130156682.0000033C0080C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C0080C000
|
Size: |
323584
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6BC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951908118.0000000006BC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6BC0000
|
Size: |
65536
|
|
373F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000373F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
373F000
|
Size: |
4096
|
|
38C2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000038C2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38C2000
|
Size: |
12288
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962358860.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
9EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1940409076.00000000009EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9EC000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
6E180020C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092968891.00006E180020C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180020C000
|
Size: |
16384
|
|
347B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000347B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
347B000
|
Size: |
4096
|
|
6E1800304000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125218277.00006E1800304000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800304000
|
Size: |
24576
|
|
6E18019B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128109027.00006E18019B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019B4000
|
Size: |
16384
|
|
3C35000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003C35000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C35000
|
Size: |
4096
|
|
6E1800EA8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103540691.00006E1800EA8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800EA8000
|
Size: |
4096
|
|
4F18002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086645653.00004F18002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002C0000
|
Size: |
4096
|
|
59C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2015166413.00000000059C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
59C0000
|
Size: |
36864
|
|
6E1801284000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120299521.00006E1801284000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801284000
|
Size: |
135168
|
|
6E1800F7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105778462.00006E1800F7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F7C000
|
Size: |
20480
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963020332.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
3734000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003734000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3734000
|
Size: |
32768
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965150730.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
49152
|
|
33C006D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091174683.0000033C006D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006D0000
|
Size: |
77824
|
|
3A00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003A00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A00000
|
Size: |
4096
|
|
3414000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003414000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3414000
|
Size: |
4096
|
|
6840000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2021103315.0000000006840000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6840000
|
Size: |
65536
|
|
4698000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2011205715.0000000004698000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4698000
|
Size: |
139264
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1947875326.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963758114.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
16384
|
|
33C00424000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2095373885.0000033C00424000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00424000
|
Size: |
4096
|
|
6E180022C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092616958.00006E180022C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180022C000
|
Size: |
258048
|
|
350D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000350D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
350D000
|
Size: |
4096
|
|
370D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000370D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
370D000
|
Size: |
4096
|
|
67EE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958894091.00000000067EE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67EE000
|
Size: |
8192
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971060439.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
6770000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1944200064.0000000006770000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6770000
|
Size: |
65536
|
|
39AB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039AB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39AB000
|
Size: |
8192
|
|
6E1801240000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139250421.00006E1801240000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801240000
|
Size: |
77824
|
|
295208F6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103959526.00000295208F6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F6000
|
Size: |
4096
|
|
2835000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1938738723.0000000002835000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2835000
|
Size: |
8192
|
|
6E18007E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101564269.00006E18007E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18007E8000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
36CE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036CE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36CE000
|
Size: |
36864
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969527161.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
36EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.00000000036EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36EE000
|
Size: |
4096
|
|
6A80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952629269.0000000006A80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A80000
|
Size: |
65536
|
|
6E1801744000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137182063.00006E1801744000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801744000
|
Size: |
61440
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970247854.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
6E1801624000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134957914.00006E1801624000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801624000
|
Size: |
16384
|
|
5CF0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2018724674.0000000005CF0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
5CF0000
|
Size: |
1077248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097072495.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967250659.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
45056
|
|
6E1801774000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137253861.00006E1801774000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801774000
|
Size: |
61440
|
|
33C00694000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091226889.0000033C00694000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00694000
|
Size: |
16384
|
|
38D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38D0000
|
Size: |
4096
|
|
34AF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034AF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34AF000
|
Size: |
4096
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949557992.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967465460.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
40960
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970117539.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
61440
|
|
6858000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954972538.0000000006858000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6858000
|
Size: |
4096
|
|
6950000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943208033.0000000006950000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6950000
|
Size: |
65536
|
|
2E07000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482496591.0000000002E07000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E07000
|
Size: |
49152
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1965407962.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2158455948.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
|
6E18015C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134643470.00006E18015C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18015C0000
|
Size: |
77824
|
|
353D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000353D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
353D000
|
Size: |
4096
|
|
295208F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105161794.00000295208F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F0000
|
Size: |
8192
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960871988.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
57344
|
|
37FD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037FD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37FD000
|
Size: |
4096
|
|
6E18017D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137098817.00006E18017D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017D0000
|
Size: |
16384
|
|
6E18001E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093138193.00006E18001E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001E0000
|
Size: |
16384
|
|
3437000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003437000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3437000
|
Size: |
4096
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969025703.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
32768
|
|
36E2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036E2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36E2000
|
Size: |
4096
|
|
6E18016E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137058951.00006E18016E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016E4000
|
Size: |
49152
|
|
45C8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.00000000045C8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
45C8000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968134141.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
6C10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951648792.0000000006C10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C10000
|
Size: |
65536
|
|
6AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952355205.0000000006AF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6AF0000
|
Size: |
65536
|
|
6770000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020253881.0000000006770000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6770000
|
Size: |
49152
|
|
3852000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003852000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3852000
|
Size: |
4096
|
|
6E18014F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134103290.00006E18014F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014F0000
|
Size: |
49152
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1950483667.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
38DB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000038DB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38DB000
|
Size: |
4096
|
|
374F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000374F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
374F000
|
Size: |
32768
|
|
B78000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389518056.0000000000B78000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B78000
|
Size: |
241664
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found many strings related to Crypto-Wallets (likely being stolen) |
Stealing of Sensitive Information |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
6E1800380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105861136.00006E1800380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800380000
|
Size: |
69632
|
|
6E1801B7D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139171665.00006E1801B7D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801B7D000
|
Size: |
8192
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964751368.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
295208DD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096945560.00000295208DD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208DD000
|
Size: |
8192
|
|
1D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1938890290.00000000001D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D4000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1971718666.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
6E180160C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134842085.00006E180160C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180160C000
|
Size: |
77824
|
|
6E1800EA8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105672055.00006E1800EA8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800EA8000
|
Size: |
8192
|
|
6E1801934000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126493444.00006E1801934000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801934000
|
Size: |
159744
|
|
6819000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943890083.0000000006819000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6819000
|
Size: |
16384
|
|
6E1800CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102212488.00006E1800CB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB8000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3709000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003709000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3709000
|
Size: |
4096
|
|
2831000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1939334061.0000000002831000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2831000
|
Size: |
4096
|
|
6980000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943109561.0000000006980000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6980000
|
Size: |
65536
|
|
35F3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035F3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35F3000
|
Size: |
4096
|
|
6E1800F38000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105004295.00006E1800F38000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F38000
|
Size: |
12288
|
|
6A90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983197109.0000000006A90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A90000
|
Size: |
40960
|
|
69A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957529397.00000000069A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69A0000
|
Size: |
65536
|
|
6E1801730000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136263647.00006E1801730000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801730000
|
Size: |
143360
|
|
4B92000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004B92000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B92000
|
Size: |
4096
|
|
39F5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039F5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39F5000
|
Size: |
4096
|
|
3758000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003758000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3758000
|
Size: |
4096
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959924390.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
45056
|
|
6E1801538000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133933941.00006E1801538000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801538000
|
Size: |
110592
|
|
374D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000374D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
374D000
|
Size: |
4096
|
|
6E1800BE4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101460665.00006E1800BE4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800BE4000
|
Size: |
4096
|
|
6E180165C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135120795.00006E180165C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180165C000
|
Size: |
372736
|
|
3741000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003741000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3741000
|
Size: |
4096
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100951462.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
6E1800E58000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103707472.00006E1800E58000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800E58000
|
Size: |
4096
|
|
3466000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003466000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3466000
|
Size: |
4096
|
|
4F18002B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086412371.00004F18002B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002B0000
|
Size: |
4096
|
|
1D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1984949925.00000000001D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D0000
|
Size: |
16384
|
|
3543000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003543000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3543000
|
Size: |
12288
|
|
369A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.000000000369A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
369A000
|
Size: |
8192
|
|
6E180157C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134161266.00006E180157C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180157C000
|
Size: |
94208
|
|
3A18000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983778072.0000000003A18000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A18000
|
Size: |
4096
|
|
2550000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1987005808.0000000002550000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2550000
|
Size: |
12288
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953034635.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
65536
|
|
38EF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038EF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38EF000
|
Size: |
4096
|
|
2952092A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104744693.000002952092A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952092A000
|
Size: |
4096
|
|
34BE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034BE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34BE000
|
Size: |
4096
|
|
68E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943402721.00000000068E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68E0000
|
Size: |
102400
|
|
6E1801758000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136422618.00006E1801758000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801758000
|
Size: |
176128
|
|
355C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000355C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
355C000
|
Size: |
4096
|
|
6E1801A8C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133317609.00006E1801A8C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A8C000
|
Size: |
28672
|
|
4C31000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004C31000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4C31000
|
Size: |
8192
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955517082.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
12288
|
|
6E1800D88000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103311966.00006E1800D88000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800D88000
|
Size: |
24576
|
|
33C0035C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090520728.0000033C0035C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C0035C000
|
Size: |
24576
|
|
377F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000377F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
377F000
|
Size: |
4096
|
|
6E18019E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128282394.00006E18019E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019E0000
|
Size: |
36864
|
|
6E18010F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107754428.00006E18010F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18010F8000
|
Size: |
36864
|
|
6E18001F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093020881.00006E18001F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001F4000
|
Size: |
16384
|
|
6E1800CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2138453251.00006E1800CB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB8000
|
Size: |
20480
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963208675.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6815000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943890083.0000000006815000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6815000
|
Size: |
12288
|
|
652E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020117133.000000000652E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
652E000
|
Size: |
8192
|
|
6E1800FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105895779.00006E1800FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800FC0000
|
Size: |
69632
|
|
3B8A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003B8A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3B8A000
|
Size: |
4096
|
|
6E1801350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120449077.00006E1801350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801350000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
34B5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034B5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34B5000
|
Size: |
4096
|
|
9D9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1940503880.00000000009D9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9D9000
|
Size: |
77824
|
|
33C00408000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091550768.0000033C00408000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00408000
|
Size: |
4096
|
|
6A90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952596618.0000000006A90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A90000
|
Size: |
65536
|
|
666E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020197521.000000000666E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
666E000
|
Size: |
8192
|
|
33C00624000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090941314.0000033C00624000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00624000
|
Size: |
49152
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961246900.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963372917.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
49152
|
|
C75000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391442493.0000000000C75000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C75000
|
Size: |
16384
|
|
2D40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1990786602.0000000002D40000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2D40000
|
Size: |
65536
|
|
3498000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003498000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3498000
|
Size: |
4096
|
|
6806000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963651164.0000000006806000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6806000
|
Size: |
16384
|
|
6E18015D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135021246.00006E18015D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18015D4000
|
Size: |
49152
|
|
6C00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951702454.0000000006C00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C00000
|
Size: |
65536
|
|
6914000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953758251.0000000006914000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6914000
|
Size: |
49152
|
|
3658000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003658000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3658000
|
Size: |
12288
|
|
6E1800454000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102605329.00006E1800454000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800454000
|
Size: |
221184
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
35D5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035D5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35D5000
|
Size: |
4096
|
|
3993000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003993000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3993000
|
Size: |
28672
|
|
3505000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003505000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3505000
|
Size: |
4096
|
|
5D4000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1706753950.00000000005D4000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
5D4000
|
Size: |
139264
|
|
3A52000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003A52000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3A52000
|
Size: |
4096
|
|
3629000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003629000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3629000
|
Size: |
4096
|
|
6E1801234000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2113761869.00006E1801234000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801234000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961456576.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
33C00758000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091647583.0000033C00758000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00758000
|
Size: |
94208
|
|
6E18012A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120090994.00006E18012A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18012A8000
|
Size: |
339968
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
AEE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389090492.0000000000AEE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AEE000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097509744.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
358A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000358A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
358A000
|
Size: |
4096
|
|
3952000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003952000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3952000
|
Size: |
4096
|
|
516000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1706753950.0000000000516000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
516000
|
Size: |
716800
|
|
2952090C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103476784.000002952090C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090C000
|
Size: |
16384
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100475253.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
16384
|
|
2E7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391939401.0000000002E7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E7E000
|
Size: |
8192
|
|
6E1800CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103048821.00006E1800CB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB8000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6AB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960149582.0000000006AB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6AB0000
|
Size: |
24576
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1947791497.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
32768
|
|
A41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1944225977.0000000000A41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A41000
|
Size: |
20480
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956131858.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
20480
|
|
2D50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1990857288.0000000002D50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D50000
|
Size: |
65536
|
|
6E1801974000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127575716.00006E1801974000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801974000
|
Size: |
61440
|
|
6E18012C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125439496.00006E18012C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18012C4000
|
Size: |
110592
|
|
3882000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003882000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3882000
|
Size: |
4096
|
|
6AC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952472091.0000000006AC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6AC0000
|
Size: |
65536
|
|
6E1801994000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2129008093.00006E1801994000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801994000
|
Size: |
61440
|
|
67E7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943994600.00000000067E7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E7000
|
Size: |
36864
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097694133.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
352A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000352A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
352A000
|
Size: |
4096
|
|
699D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957583663.000000000699D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
699D000
|
Size: |
12288
|
|
6880000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954165390.0000000006880000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6880000
|
Size: |
65536
|
|
37CD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037CD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37CD000
|
Size: |
4096
|
|
3547000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003547000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3547000
|
Size: |
32768
|
|
38E7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038E7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E7000
|
Size: |
4096
|
|
510000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985022253.0000000000510000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
510000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097432847.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959839251.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
53248
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954433899.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
65536
|
|
3431000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003431000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3431000
|
Size: |
12288
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958005023.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
6806000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963304470.0000000006806000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6806000
|
Size: |
20480
|
|
3526000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003526000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3526000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100558942.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
12288
|
|
6E1801794000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136909839.00006E1801794000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801794000
|
Size: |
49152
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100400663.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954664925.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
65536
|
|
6E1800A2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2119245539.00006E1800A2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800A2C000
|
Size: |
36864
|
|
29520911000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104314782.0000029520911000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520911000
|
Size: |
32768
|
|
6E18001D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093196862.00006E18001D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001D8000
|
Size: |
16384
|
|
139800234000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086768312.0000139800234000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
139800234000
|
Size: |
4096
|
|
3954000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.0000000003954000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3954000
|
Size: |
4096
|
|
6BE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951809633.0000000006BE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6BE0000
|
Size: |
65536
|
|
360A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000360A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
360A000
|
Size: |
4096
|
|
6E1801028000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106848768.00006E1801028000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801028000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
396B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000396B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
396B000
|
Size: |
4096
|
|
6E1800FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125744098.00006E1800FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800FC0000
|
Size: |
65536
|
|
350F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000350F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
350F000
|
Size: |
4096
|
|
681C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967250659.000000000681C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
681C000
|
Size: |
16384
|
|
3696000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003696000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3696000
|
Size: |
53248
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963710413.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966372275.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
45056
|
|
38A5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038A5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38A5000
|
Size: |
4096
|
|
34EA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034EA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34EA000
|
Size: |
4096
|
|
3612000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003612000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3612000
|
Size: |
4096
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100677614.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
3481000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003481000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3481000
|
Size: |
4096
|
|
29520927000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103713921.0000029520927000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520927000
|
Size: |
16384
|
|
3477000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003477000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3477000
|
Size: |
4096
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105242268.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
12288
|
|
4F18002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086614376.00004F18002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002BC000
|
Size: |
4096
|
|
3595000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003595000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3595000
|
Size: |
36864
|
|
3640000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003640000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3640000
|
Size: |
4096
|
|
6E1801100000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2122041945.00006E1801100000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801100000
|
Size: |
4096
|
|
342F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000342F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
342F000
|
Size: |
4096
|
|
37D3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037D3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37D3000
|
Size: |
8192
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966590746.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
40960
|
|
4BC7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004BC7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4BC7000
|
Size: |
4096
|
|
23BD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2482881398.00000000023BD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
23BD000
|
Size: |
12288
|
|
4D3C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004D3C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4D3C000
|
Size: |
4096
|
|
3803000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003803000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3803000
|
Size: |
4096
|
|
29520907000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103959526.0000029520907000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520907000
|
Size: |
40960
|
|
29520902000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2102596022.0000029520902000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520902000
|
Size: |
8192
|
|
3C40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003C40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C40000
|
Size: |
4096
|
|
3439000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003439000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3439000
|
Size: |
8192
|
|
6E1801AC4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133356410.00006E1801AC4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801AC4000
|
Size: |
24576
|
|
39A7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039A7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39A7000
|
Size: |
4096
|
|
37B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37B4000
|
Size: |
4096
|
|
36C7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036C7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36C7000
|
Size: |
4096
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1948856132.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
4096
|
|
6A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952759110.0000000006A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A30000
|
Size: |
196608
|
|
2E80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1990968639.0000000002E80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E80000
|
Size: |
4096
|
|
6863000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943651854.0000000006863000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6863000
|
Size: |
12288
|
|
6B90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952044068.0000000006B90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B90000
|
Size: |
65536
|
|
39AE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039AE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39AE000
|
Size: |
28672
|
|
6E18012E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2121174647.00006E18012E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18012E8000
|
Size: |
77824
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100288751.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
69C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1942920960.00000000069C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69C0000
|
Size: |
65536
|
|
463D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.000000000463D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
463D000
|
Size: |
4096
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958124087.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964720249.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
12288
|
|
37B7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037B7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37B7000
|
Size: |
20480
|
|
699E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953202221.000000000699E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
699E000
|
Size: |
8192
|
|
3642000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003642000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3642000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
33C00760000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091726118.0000033C00760000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00760000
|
Size: |
61440
|
|
6E18002C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2094181384.00006E18002C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002C4000
|
Size: |
4096
|
|
38A7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038A7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38A7000
|
Size: |
4096
|
|
6970000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943139831.0000000006970000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6970000
|
Size: |
65536
|
|
33C006F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091433160.0000033C006F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006F0000
|
Size: |
49152
|
|
457D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.000000000457D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
457D000
|
Size: |
4096
|
|
6E18002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2111885374.00006E18002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A4000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
39A8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039A8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39A8000
|
Size: |
8192
|
|
6E1800F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105004295.00006E1800F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F10000
|
Size: |
151552
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
35E1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035E1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35E1000
|
Size: |
8192
|
|
33C00418000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093442614.0000033C00418000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00418000
|
Size: |
4096
|
|
295208E4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096473459.00000295208E4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E4000
|
Size: |
4096
|
|
6E1800C74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101639913.00006E1800C74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C74000
|
Size: |
12288
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943845373.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
65536
|
|
39B9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039B9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39B9000
|
Size: |
4096
|
|
6E1800FA8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105935841.00006E1800FA8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800FA8000
|
Size: |
94208
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2119858295.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
12288
|
|
6E1800C29000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2154898161.00006E1800C29000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C29000
|
Size: |
16384
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959885676.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
28672
|
|
295208E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096249808.00000295208E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E1000
|
Size: |
8192
|
|
6E1801B34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2126022820.00006E1801B34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801B34000
|
Size: |
114688
|
|
2DF0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482436599.0000000002DF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DF0000
|
Size: |
20480
|
|
35D7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035D7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35D7000
|
Size: |
4096
|
|
3858000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003858000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3858000
|
Size: |
57344
|
|
6E1801540000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134035501.00006E1801540000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801540000
|
Size: |
77824
|
|
2952090C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104587786.000002952090C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090C000
|
Size: |
20480
|
|
6E1801534000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133877561.00006E1801534000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801534000
|
Size: |
126976
|
|
298F000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483079453.000000000298F000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
298F000
|
Size: |
4096
|
|
1D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1937457118.00000000001D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D4000
|
Size: |
4096
|
|
686E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943651854.000000000686E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
686E000
|
Size: |
73728
|
|
35DF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035DF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35DF000
|
Size: |
4096
|
|
3880000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394613104.0000000003880000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3880000
|
Size: |
151552
|
|
6E1801754000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136339879.00006E1801754000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801754000
|
Size: |
192512
|
|
33C006CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091132587.0000033C006CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006CC000
|
Size: |
94208
|
|
37B2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037B2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37B2000
|
Size: |
4096
|
|
6E1800230000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092680384.00006E1800230000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800230000
|
Size: |
241664
|
|
67FF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020641513.00000000067FF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67FF000
|
Size: |
4096
|
|
36A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36A8000
|
Size: |
4096
|
|
6BF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951748923.0000000006BF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6BF0000
|
Size: |
65536
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949711736.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
24576
|
|
6E180164C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135678112.00006E180164C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180164C000
|
Size: |
61440
|
|
6E1800F4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104582478.00006E1800F4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F4C000
|
Size: |
131072
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949206298.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
6E1801A20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128671706.00006E1801A20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A20000
|
Size: |
143360
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943867932.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
2952092A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104196587.000002952092A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952092A000
|
Size: |
4096
|
|
6E18012E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2121269430.00006E18012E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18012E0000
|
Size: |
32768
|
|
6818000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968633023.0000000006818000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6818000
|
Size: |
32768
|
|
BE8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389518056.0000000000BE8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
BE8000
|
Size: |
552960
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found many strings related to Crypto-Wallets (likely being stolen) |
Stealing of Sensitive Information |
|
Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
35A9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035A9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35A9000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961972982.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E1801988000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2127525666.00006E1801988000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801988000
|
Size: |
110592
|
|
38EB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038EB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38EB000
|
Size: |
4096
|
|
69A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953156646.00000000069A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69A0000
|
Size: |
65536
|
|
36C3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036C3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36C3000
|
Size: |
4096
|
|
34F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34F4000
|
Size: |
4096
|
|
24E0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986891172.00000000024E0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
24E0000
|
Size: |
4096
|
|
3606000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003606000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3606000
|
Size: |
4096
|
|
36BF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036BF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36BF000
|
Size: |
4096
|
|
6E18017A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2136792559.00006E18017A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017A4000
|
Size: |
98304
|
|
3591000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003591000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3591000
|
Size: |
12288
|
|
44A6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.00000000044A6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
44A6000
|
Size: |
12288
|
|
39F9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039F9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39F9000
|
Size: |
4096
|
|
33C006C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091109572.0000033C006C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006C8000
|
Size: |
110592
|
|
3F87000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398175552.0000000003F87000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3F87000
|
Size: |
8192
|
|
6E1800CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2106416730.00006E1800CB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB8000
|
Size: |
20480
|
|
6E18002A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093552148.00006E18002A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A8000
|
Size: |
8192
|
|
295208E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100874313.00000295208E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E8000
|
Size: |
8192
|
|
BD7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2389518056.0000000000BD7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
BD7000
|
Size: |
40960
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
3747000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003747000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3747000
|
Size: |
4096
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098388090.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962128671.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
6960000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957785508.0000000006960000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6960000
|
Size: |
24576
|
|
6E18017B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137319393.00006E18017B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017B4000
|
Size: |
32768
|
|
3528000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003528000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3528000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962060030.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E1800C1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2154898161.00006E1800C1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C1C000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962535360.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964830657.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
28672
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099699896.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955920665.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099980902.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
6E18016A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135713844.00006E18016A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18016A4000
|
Size: |
77824
|
|
3837000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003837000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3837000
|
Size: |
4096
|
|
341C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000341C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
341C000
|
Size: |
12288
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969910701.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961427928.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6AA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952555344.0000000006AA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6AA0000
|
Size: |
65536
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2109061219.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
31DC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991109122.00000000031DC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
31DC000
|
Size: |
16384
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105710561.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
12288
|
|
3711000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003711000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3711000
|
Size: |
4096
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097230219.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
386F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000386F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
386F000
|
Size: |
4096
|
|
2952092A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104072382.000002952092A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952092A000
|
Size: |
4096
|
|
4B7C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004B7C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B7C000
|
Size: |
4096
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020957116.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
36864
|
|
3975000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003975000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3975000
|
Size: |
4096
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099980902.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
67F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959639401.00000000067F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67F0000
|
Size: |
16384
|
|
6E1800344000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093829719.00006E1800344000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800344000
|
Size: |
12288
|
|
6814000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1973705995.0000000006814000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6814000
|
Size: |
49152
|
|
6E1800C1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107416334.00006E1800C1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800C1C000
|
Size: |
28672
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
388C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000388C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
388C000
|
Size: |
4096
|
|
3416000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003416000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3416000
|
Size: |
4096
|
|
6E18012A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120299521.00006E18012A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18012A8000
|
Size: |
339968
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097787590.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
39D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000039D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
39D0000
|
Size: |
8192
|
|
33C00734000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091667119.0000033C00734000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00734000
|
Size: |
61440
|
|
33C00668000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090998639.0000033C00668000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00668000
|
Size: |
61440
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962700771.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E18012A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125439496.00006E18012A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18012A8000
|
Size: |
110592
|
|
3665000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003665000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3665000
|
Size: |
24576
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1960924337.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E1800454000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107463556.00006E1800454000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800454000
|
Size: |
229376
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A37000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1944244370.0000000000A37000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A37000
|
Size: |
40960
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1969627932.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6E180040C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101352074.00006E180040C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180040C000
|
Size: |
249856
|
|
6850000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2021198483.0000000006850000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6850000
|
Size: |
212992
|
|
4B52000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004B52000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B52000
|
Size: |
4096
|
|
295208D6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096608208.00000295208D6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208D6000
|
Size: |
4096
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101032561.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
33C006E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091200058.0000033C006E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C006E4000
|
Size: |
192512
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6E1801A4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2130351919.00006E1801A4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A4C000
|
Size: |
77824
|
|
6E1801694000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135574388.00006E1801694000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801694000
|
Size: |
143360
|
|
69B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957480407.00000000069B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69B0000
|
Size: |
65536
|
|
3659000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003659000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3659000
|
Size: |
4096
|
|
6C70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1951207333.0000000006C70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C70000
|
Size: |
65536
|
|
38E9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000038E9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
38E9000
|
Size: |
4096
|
|
6E1801698000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135610147.00006E1801698000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801698000
|
Size: |
126976
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1957216978.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
53248
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963500759.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
16384
|
|
6E1801E4F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2140100232.00006E1801E4F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801E4F000
|
Size: |
335872
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1984649841.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
4096
|
|
33C00700000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2091326011.0000033C00700000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C00700000
|
Size: |
77824
|
|
34D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34D4000
|
Size: |
86016
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961861708.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
9D3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1940484067.00000000009D3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9D3000
|
Size: |
16384
|
|
295208E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097746253.00000295208E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E7000
|
Size: |
8192
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956456327.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
65536
|
|
6850000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943792909.0000000006850000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6850000
|
Size: |
57344
|
|
3632000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003632000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3632000
|
Size: |
53248
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968789703.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
49152
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099352872.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2098437914.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
9E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1940548586.00000000009E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9E1000
|
Size: |
4096
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2149853567.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
|
6E18012C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2121642267.00006E18012C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18012C4000
|
Size: |
114688
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
35F5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035F5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35F5000
|
Size: |
4096
|
|
870000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1985110463.0000000000870000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
870000
|
Size: |
4096
|
|
6820000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956501997.0000000006820000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6820000
|
Size: |
65536
|
|
6950000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2021457678.0000000006950000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
6950000
|
Size: |
401408
|
|
1D4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1938960778.00000000001D4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1D4000
|
Size: |
4096
|
|
295208E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099980902.00000295208E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208E8000
|
Size: |
8192
|
|
6950000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955074780.0000000006950000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6950000
|
Size: |
65536
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100558942.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
6920000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953709582.0000000006920000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6920000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1964675885.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958061862.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
20480
|
|
369F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.000000000369F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
369F000
|
Size: |
8192
|
|
390B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.000000000390B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
390B000
|
Size: |
8192
|
|
39B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39B8000
|
Size: |
12288
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096154418.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
|
34D2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034D2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34D2000
|
Size: |
4096
|
|
2490000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1937491851.0000000002490000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2490000
|
Size: |
172032
|
|
384C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000384C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
384C000
|
Size: |
4096
|
|
6E180040C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107463556.00006E180040C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180040C000
|
Size: |
290816
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
69D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968571647.00000000069D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69D0000
|
Size: |
65536
|
|
39CB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000039CB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39CB000
|
Size: |
20480
|
|
371C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.000000000371C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
371C000
|
Size: |
4096
|
|
6814000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967509886.0000000006814000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6814000
|
Size: |
49152
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1952887518.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
65536
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1963597160.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1961670862.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
16384
|
|
64EF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020075150.00000000064EF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
64EF000
|
Size: |
4096
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104663495.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
12288
|
|
6E1801664000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135175910.00006E1801664000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801664000
|
Size: |
339968
|
|
36B3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036B3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36B3000
|
Size: |
45056
|
|
6B70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970596088.0000000006B70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6B70000
|
Size: |
20480
|
|
67C2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1948856132.00000000067C2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C2000
|
Size: |
45056
|
|
3711000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392387647.0000000003711000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3711000
|
Size: |
4096
|
|
34B1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034B1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34B1000
|
Size: |
12288
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1955216251.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
2F7F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391966895.0000000002F7F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2F7F000
|
Size: |
4096
|
|
3C80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003C80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C80000
|
Size: |
626688
|
|
6960000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943177142.0000000006960000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6960000
|
Size: |
65536
|
|
6883000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1982983495.0000000006883000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6883000
|
Size: |
172032
|
|
6960000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953440908.0000000006960000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6960000
|
Size: |
65536
|
|
3403000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003403000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3403000
|
Size: |
4096
|
|
6802000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956611222.0000000006802000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6802000
|
Size: |
53248
|
|
45A8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.00000000045A8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
45A8000
|
Size: |
4096
|
|
362B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000362B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
362B000
|
Size: |
4096
|
|
3726000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003726000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3726000
|
Size: |
4096
|
|
3C4A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2396559058.0000000003C4A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C4A000
|
Size: |
4096
|
|
6830000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1959411838.0000000006830000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6830000
|
Size: |
45056
|
|
375C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000375C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
375C000
|
Size: |
4096
|
|
2E00000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2482496591.0000000002E00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E00000
|
Size: |
20480
|
|
4B9C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004B9C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4B9C000
|
Size: |
4096
|
|
295208ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2097649883.00000295208ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208ED000
|
Size: |
24576
|
|
6E1800A2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2101275701.00006E1800A2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800A2C000
|
Size: |
32768
|
|
6E180021C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2092870136.00006E180021C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180021C000
|
Size: |
16384
|
|
6E1800380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2125785152.00006E1800380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800380000
|
Size: |
65536
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020781225.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
3919000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003919000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3919000
|
Size: |
4096
|
|
6E1801620000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2134795502.00006E1801620000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801620000
|
Size: |
241664
|
|
6A90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1983352469.0000000006A90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A90000
|
Size: |
12288
|
|
67B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1944111173.00000000067B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67B0000
|
Size: |
65536
|
|
35C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35C0000
|
Size: |
12288
|
|
6930000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1953641083.0000000006930000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6930000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949588279.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
36864
|
|
6E18013A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2151097443.00006E18013A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18013A0000
|
Size: |
4096
|
|
432D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2011205715.000000000432D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
432D000
|
Size: |
774144
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
681C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949588279.000000000681C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
681C000
|
Size: |
16384
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958551553.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
65536
|
|
44B7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2011205715.00000000044B7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
44B7000
|
Size: |
937984
|
|
38F6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2394837173.00000000038F6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
38F6000
|
Size: |
8192
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954584347.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
6E1801A70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2132460472.00006E1801A70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A70000
|
Size: |
61440
|
|
349E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000349E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
349E000
|
Size: |
4096
|
|
44B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2398562514.00000000044B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
44B3000
|
Size: |
4096
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1949648716.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
49152
|
|
4C67000
|
heap
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2399125840.0000000004C67000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4C67000
|
Size: |
4096
|
|
30DC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2392023364.00000000030DC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
30DC000
|
Size: |
16384
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1968374528.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
8192
|
|
6E18007E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2119961899.00006E18007E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18007E8000
|
Size: |
73728
|
|
2DFC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2391898975.0000000002DFC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2DFC000
|
Size: |
16384
|
|
68A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1943551517.00000000068A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
68A0000
|
Size: |
65536
|
|
19D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1984913402.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19D000
|
Size: |
12288
|
|
6E1800350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107968724.00006E1800350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800350000
|
Size: |
12288
|
|
6E1800344000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104524591.00006E1800344000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800344000
|
Size: |
12288
|
|
36C9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036C9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36C9000
|
Size: |
4096
|
|
6E1800F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104582478.00006E1800F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F70000
|
Size: |
4096
|
|
37FF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000037FF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
37FF000
|
Size: |
4096
|
|
4F18002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2086478150.00004F18002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F18002BC000
|
Size: |
4096
|
|
67E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958971226.00000000067E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67E0000
|
Size: |
36864
|
|
6E1801380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2121697355.00006E1801380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801380000
|
Size: |
110592
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958788659.0000000006800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6800000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1954541877.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
72B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000004.00000002.2388737281.000000000072B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
4
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
72B000
|
Size: |
20480
|
|
2580000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1987296429.0000000002580000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2580000
|
Size: |
8192
|
|
6E18002B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093575933.00006E18002B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002B8000
|
Size: |
4096
|
|
6E18019C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2128044174.00006E18019C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18019C0000
|
Size: |
81920
|
|
6E1800F4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2120245382.00006E1800F4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F4C000
|
Size: |
135168
|
|
375E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000375E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
375E000
|
Size: |
12288
|
|
69B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1942998266.00000000069B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69B0000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966506267.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
8192
|
|
29AC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2483199316.00000000029AC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29AC000
|
Size: |
24576
|
|
295208F1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2096730547.00000295208F1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F1000
|
Size: |
4096
|
|
6A10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1984731837.0000000006A10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A10000
|
Size: |
16384
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1970185001.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
12288
|
|
6E18001DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093165939.00006E18001DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18001DC000
|
Size: |
16384
|
|
3807000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003807000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3807000
|
Size: |
49152
|
|
6E18002A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2093638692.00006E18002A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18002A4000
|
Size: |
8192
|
|
36AE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000036AE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
36AE000
|
Size: |
4096
|
|
6980000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1956235003.0000000006980000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6980000
|
Size: |
45056
|
|
362F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000362F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
362F000
|
Size: |
4096
|
|
2553000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1987029054.0000000002553000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2553000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1958745889.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
370F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000370F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
370F000
|
Size: |
4096
|
|
3779000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003779000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3779000
|
Size: |
4096
|
|
3574000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003574000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3574000
|
Size: |
53248
|
|
3888000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.0000000003888000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3888000
|
Size: |
12288
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2099562755.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
6E180033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2111918888.00006E180033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180033C000
|
Size: |
8192
|
|
6E18017D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2137020128.00006E18017D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18017D4000
|
Size: |
143360
|
|
6E1801A84000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2131641068.00006E1801A84000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801A84000
|
Size: |
61440
|
|
6E1800CB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2110478579.00006E1800CB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800CB8000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2952090C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104878168.000002952090C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2952090C000
|
Size: |
20480
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1967105242.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
12288
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1950261383.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
6E1800F7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2107024271.00006E1800F7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F7C000
|
Size: |
20480
|
|
35B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000035B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35B0000
|
Size: |
36864
|
|
6E1800F7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105299625.00006E1800F7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800F7C000
|
Size: |
20480
|
|
33C0039C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2090740688.0000033C0039C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
33C0039C000
|
Size: |
323584
|
|
368F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000368F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
368F000
|
Size: |
4096
|
|
295208EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100400663.00000295208EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208EE000
|
Size: |
16384
|
|
69E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2022068052.00000000069E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
69E0000
|
Size: |
65536
|
|
29520907000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2104150493.0000029520907000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520907000
|
Size: |
40960
|
|
24D0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1986869699.00000000024D0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
24D0000
|
Size: |
4096
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1966635343.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
65536
|
|
383B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000383B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
383B000
|
Size: |
4096
|
|
6E180166C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2135250698.00006E180166C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E180166C000
|
Size: |
307200
|
|
386B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.000000000386B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
386B000
|
Size: |
4096
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2100169971.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
8192
|
|
29520927000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2103476784.0000029520927000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29520927000
|
Size: |
16384
|
|
34EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1991482086.00000000034EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
34EC000
|
Size: |
4096
|
|
6E1801AB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2139140981.00006E1801AB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1801AB4000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
67C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1944049342.00000000067C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67C0000
|
Size: |
65536
|
|
6810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1962990524.0000000006810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6810000
|
Size: |
12288
|
|
67D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2020521970.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
67D0000
|
Size: |
65536
|
|
6E1800E3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2153293111.00006E1800E3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E1800E3C000
|
Size: |
114688
|
|
295208F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2105161794.00000295208F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
295208F3000
|
Size: |
12288
|
|
6E18014DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.2133771890.00006E18014DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6E18014DC000
|
Size: |
16384
|
|