1DD8F377000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.2378338667.000001DD8F377000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F377000
|
Size: |
2260992
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
402000
|
remote allocation
|
page execute and read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000003.00000002.4338325548.0000000000402000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
402000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
|
2ED1000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000003.00000002.4340987484.0000000002ED1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2ED1000
|
Size: |
200704
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
URLs found in memory or binary data |
Networking |
|
|
1DD90339000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.2378338667.000001DD90339000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD90339000
|
Size: |
860160
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
1DD8F5B1000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.2378338667.000001DD8F5B1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F5B1000
|
Size: |
421888
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
|
1310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340068352.0000000001310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1310000
|
Size: |
4096
|
|
6755000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349659331.0000000006755000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6755000
|
Size: |
36864
|
|
623D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349165966.000000000623D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
623D000
|
Size: |
12288
|
|
1DD8EC87000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2378045501.000001DD8EC87000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1DD8EC87000
|
Size: |
8192
|
|
65D6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349547427.00000000065D6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
65D6000
|
Size: |
4096
|
|
1DDA73F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404558789.000001DDA73F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA73F0000
|
Size: |
4096
|
|
7FF848E12000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2405519509.00007FF848E12000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848E12000
|
Size: |
4096
|
|
2F03000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340987484.0000000002F03000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F03000
|
Size: |
417792
|
|
1DD8EB70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377794373.000001DD8EB70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8EB70000
|
Size: |
4096
|
|
2ECF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340966321.0000000002ECF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2ECF000
|
Size: |
4096
|
|
1DD9F3DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2397399939.000001DD9F3DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD9F3DC000
|
Size: |
12288
|
|
1DD8D312000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D312000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D312000
|
Size: |
20480
|
|
1DD8F619000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD8F619000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F619000
|
Size: |
3231744
|
|
1DD8D4F5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377678404.000001DD8D4F5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D4F5000
|
Size: |
40960
|
|
7FF848ED0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2405964242.00007FF848ED0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF848ED0000
|
Size: |
36864
|
|
7FF848ECC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2405930716.00007FF848ECC000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF848ECC000
|
Size: |
12288
|
|
1DD8D1C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377266079.000001DD8D1C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D1C0000
|
Size: |
4096
|
|
1DDA73EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404558789.000001DDA73EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA73EC000
|
Size: |
12288
|
|
10E63F9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376788447.00000010E63F9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E63F9000
|
Size: |
28672
|
|
105C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.000000000105C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
105C000
|
Size: |
12288
|
|
F50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338536606.0000000000F50000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F50000
|
Size: |
4096
|
|
1DD8EC80000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2378045501.000001DD8EC80000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1DD8EC80000
|
Size: |
20480
|
|
1DD8EC90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378096563.000001DD8EC90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8EC90000
|
Size: |
12288
|
|
5E7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348930815.0000000005E7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5E7E000
|
Size: |
8192
|
|
5DBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348810981.0000000005DBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5DBE000
|
Size: |
8192
|
|
1336000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4340311311.0000000001336000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
1336000
|
Size: |
8192
|
|
1DD8F92F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD8F92F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F92F000
|
Size: |
36864
|
|
599E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348468908.000000000599E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
599E000
|
Size: |
8192
|
|
1DD90437000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD90437000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD90437000
|
Size: |
974848
|
|
7FF849140000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2408446208.00007FF849140000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849140000
|
Size: |
65536
|
|
10E6735000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377017642.00000010E6735000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E6735000
|
Size: |
45056
|
|
FCC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000000FCC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FCC000
|
Size: |
208896
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
5AA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348508771.0000000005AA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5AA0000
|
Size: |
61440
|
|
10E5D45000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376563137.00000010E5D45000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E5D45000
|
Size: |
45056
|
|
7FF848F30000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2406111931.00007FF848F30000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF848F30000
|
Size: |
94208
|
|
1DD8EFE0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378145416.000001DD8EFE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8EFE0000
|
Size: |
987136
|
|
5E3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348888762.0000000005E3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5E3E000
|
Size: |
8192
|
|
2F6B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340987484.0000000002F6B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F6B000
|
Size: |
4939776
|
|
1DD8D2F1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D2F1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D2F1000
|
Size: |
24576
|
|
538C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348064812.000000000538C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
538C000
|
Size: |
16384
|
|
1DDA7190000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2403139456.000001DDA7190000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA7190000
|
Size: |
282624
|
|
1DD8D4F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377678404.000001DD8D4F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D4F0000
|
Size: |
16384
|
|
1DDA75F0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2405232656.000001DDA75F0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
1DDA75F0000
|
Size: |
77824
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
7FF848E2B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2405755724.00007FF848E2B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848E2B000
|
Size: |
4096
|
|
7DF470A30000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2405488199.00007DF470A30000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF470A30000
|
Size: |
4096
|
|
10E663E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376940407.00000010E663E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E663E000
|
Size: |
8192
|
|
10E65B9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376894255.00000010E65B9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E65B9000
|
Size: |
28672
|
|
1300000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340041511.0000000001300000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1300000
|
Size: |
8192
|
|
7FF8490B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407571215.00007FF8490B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF8490B0000
|
Size: |
65536
|
|
1DD90784000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD90784000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD90784000
|
Size: |
10485760
|
|
7FF8490C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407662376.00007FF8490C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF8490C0000
|
Size: |
65536
|
|
1DD9F160000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2397399939.000001DD9F160000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD9F160000
|
Size: |
69632
|
|
4FCE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4347950095.0000000004FCE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4FCE000
|
Size: |
8192
|
|
624E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349206095.000000000624E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
624E000
|
Size: |
32768
|
|
7FF849060000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407094025.00007FF849060000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849060000
|
Size: |
65536
|
|
1DD91184000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD91184000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD91184000
|
Size: |
647168
|
|
1DD90780000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD90780000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD90780000
|
Size: |
8192
|
|
1313000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4340095183.0000000001313000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
1313000
|
Size: |
4096
|
|
1314000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340122147.0000000001314000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1314000
|
Size: |
4096
|
|
F9F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000000F9F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F9F000
|
Size: |
180224
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
1DD90410000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD90410000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD90410000
|
Size: |
151552
|
|
1DD8D340000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D340000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D340000
|
Size: |
61440
|
|
7FF849040000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2406912905.00007FF849040000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849040000
|
Size: |
65536
|
|
10E5DCE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376589618.00000010E5DCE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E5DCE000
|
Size: |
8192
|
|
1056000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000001056000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1056000
|
Size: |
12288
|
|
569B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348321743.000000000569B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
569B000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
1DD8F939000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD8F939000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F939000
|
Size: |
10485760
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
400000
|
remote allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4338325548.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
400000
|
Size: |
4096
|
|
10E627F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376713284.00000010E627F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E627F000
|
Size: |
4096
|
|
1024000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000001024000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1024000
|
Size: |
4096
|
|
1DDA73F5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404558789.000001DDA73F5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA73F5000
|
Size: |
303104
|
|
1DD8D33C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D33C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D33C000
|
Size: |
8192
|
|
1DD9F3EB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2397399939.000001DD9F3EB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD9F3EB000
|
Size: |
2342912
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1DD8D080000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377181097.000001DD8D080000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D080000
|
Size: |
4096
|
|
1500000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4340575754.0000000001500000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
1500000
|
Size: |
65536
|
|
1DD8D33A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D33A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D33A000
|
Size: |
4096
|
|
7FF849070000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407184048.00007FF849070000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849070000
|
Size: |
65536
|
|
637C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349395520.000000000637C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
637C000
|
Size: |
16384
|
|
100C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.000000000100C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
100C000
|
Size: |
4096
|
|
7FF848E14000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2405618649.00007FF848E14000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848E14000
|
Size: |
36864
|
|
7FF8490A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407473400.00007FF8490A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF8490A0000
|
Size: |
65536
|
|
1DDA722D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2403139456.000001DDA722D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA722D000
|
Size: |
139264
|
|
2D60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340742043.0000000002D60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2D60000
|
Size: |
4096
|
|
1DDA721F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2403139456.000001DDA721F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA721F000
|
Size: |
4096
|
|
5590000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4348293058.0000000005590000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
5590000
|
Size: |
4096
|
|
1330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340265818.0000000001330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1330000
|
Size: |
4096
|
|
7FF848FD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2406477767.00007FF848FD0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF848FD0000
|
Size: |
20480
|
|
1090000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4339869557.0000000001090000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1090000
|
Size: |
16384
|
|
1DD8D300000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D300000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D300000
|
Size: |
4096
|
|
589F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348431013.000000000589F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
589F000
|
Size: |
4096
|
|
7FF848E10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2405519509.00007FF848E10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848E10000
|
Size: |
4096
|
|
1510000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340652845.0000000001510000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1510000
|
Size: |
20480
|
|
1323000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340173319.0000000001323000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1323000
|
Size: |
40960
|
|
1000000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000001000000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1000000
|
Size: |
4096
|
|
1DD8D230000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377289241.000001DD8D230000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D230000
|
Size: |
4096
|
|
534C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4347978558.000000000534C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
534C000
|
Size: |
16384
|
|
1060000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4339839032.0000000001060000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1060000
|
Size: |
8192
|
|
65D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349547427.00000000065D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
65D0000
|
Size: |
16384
|
|
7FF848E13000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2405587492.00007FF848E13000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF848E13000
|
Size: |
4096
|
|
BEB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338455927.0000000000BEB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
BEB000
|
Size: |
20480
|
|
1DD8F5A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD8F5A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F5A0000
|
Size: |
4096
|
|
10E607E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376614326.00000010E607E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E607E000
|
Size: |
8192
|
|
1DDA7150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2403139456.000001DDA7150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA7150000
|
Size: |
225280
|
|
1DD8D160000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377215812.000001DD8D160000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D160000
|
Size: |
16384
|
|
6760000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349794311.0000000006760000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6760000
|
Size: |
4096
|
|
7FF848EF6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2406017718.00007FF848EF6000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF848EF6000
|
Size: |
69632
|
|
1DDA718B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2403139456.000001DDA718B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA718B000
|
Size: |
16384
|
|
1DD8EBE0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2377942297.000001DD8EBE0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1DD8EBE0000
|
Size: |
4096
|
|
5550000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348267105.0000000005550000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5550000
|
Size: |
4096
|
|
1DD8EB60000
|
heap
|
page readonly
|
|
|
|
Name: |
00000000.00000002.2377765176.000001DD8EB60000.00000002.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page readonly
|
Base address: |
1DD8EB60000
|
Size: |
4096
|
|
67A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4349873393.00000000067A0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
67A0000
|
Size: |
8192
|
|
6730000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349659331.0000000006730000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6730000
|
Size: |
4096
|
|
1DDA71D6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2403139456.000001DDA71D6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA71D6000
|
Size: |
4096
|
|
1DD8EBF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377985342.000001DD8EBF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8EBF0000
|
Size: |
65536
|
|
7F000000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4349939517.000000007F000000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7F000000
|
Size: |
4096
|
|
1DDA73DC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404558789.000001DDA73DC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA73DC000
|
Size: |
40960
|
|
1DD9F17A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2397399939.000001DD9F17A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD9F17A000
|
Size: |
274432
|
|
6240000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349206095.0000000006240000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6240000
|
Size: |
53248
|
|
10E66BF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376988652.00000010E66BF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E66BF000
|
Size: |
4096
|
|
14FC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340545612.00000000014FC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
14FC000
|
Size: |
16384
|
|
1347000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4340376308.0000000001347000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
1347000
|
Size: |
4096
|
|
F68000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000000F68000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F68000
|
Size: |
139264
|
|
65D9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349547427.00000000065D9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
65D9000
|
Size: |
16384
|
|
1DD8F110000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2378286858.000001DD8F110000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1DD8F110000
|
Size: |
4096
|
|
7FF849000000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2406610196.00007FF849000000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF849000000
|
Size: |
12288
|
|
131D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4340145125.000000000131D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
131D000
|
Size: |
4096
|
|
5DFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348849945.0000000005DFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5DFE000
|
Size: |
8192
|
|
1DD8D2FC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D2FC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D2FC000
|
Size: |
4096
|
|
1DDA72C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404420384.000001DDA72C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA72C0000
|
Size: |
4096
|
|
1DD8D180000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377244546.000001DD8D180000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D180000
|
Size: |
4096
|
|
7FF849160000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2408713928.00007FF849160000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849160000
|
Size: |
24576
|
|
7FF849050000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407004672.00007FF849050000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849050000
|
Size: |
65536
|
|
145F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340473597.000000000145F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
145F000
|
Size: |
4096
|
|
1096000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4339869557.0000000001096000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1096000
|
Size: |
12288
|
|
1DD9F151000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2397399939.000001DD9F151000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD9F151000
|
Size: |
53248
|
|
1DDA7469000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404558789.000001DDA7469000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA7469000
|
Size: |
4096
|
|
14BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340520848.00000000014BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
14BE000
|
Size: |
8192
|
|
1DD8F5A6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD8F5A6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F5A6000
|
Size: |
32768
|
|
1DD8D250000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D250000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D250000
|
Size: |
28672
|
|
10E720E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377150959.00000010E720E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E720E000
|
Size: |
8192
|
|
7FF848E20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2405755724.00007FF848E20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848E20000
|
Size: |
40960
|
|
101E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.000000000101E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
101E000
|
Size: |
8192
|
|
10E60FD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376639181.00000010E60FD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E60FD000
|
Size: |
12288
|
|
5AEE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348606081.0000000005AEE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5AEE000
|
Size: |
8192
|
|
2D80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340764362.0000000002D80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D80000
|
Size: |
65536
|
|
2DA0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4340916985.0000000002DA0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2DA0000
|
Size: |
4096
|
|
F96000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000000F96000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F96000
|
Size: |
4096
|
|
1340000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340353579.0000000001340000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1340000
|
Size: |
4096
|
|
12AD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4339978336.00000000012AD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12AD000
|
Size: |
12288
|
|
10E643F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376813723.00000010E643F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E643F000
|
Size: |
4096
|
|
10E64B7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376837484.00000010E64B7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E64B7000
|
Size: |
36864
|
|
412000
|
remote allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4338325548.0000000000412000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
412000
|
Size: |
4096
|
|
F8B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000000F8B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F8B000
|
Size: |
16384
|
|
1DD90526000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD90526000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD90526000
|
Size: |
1646592
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
105A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.000000000105A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
105A000
|
Size: |
4096
|
|
7FF849170000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2408769288.00007FF849170000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849170000
|
Size: |
49152
|
|
1DDA7443000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404558789.000001DDA7443000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA7443000
|
Size: |
4096
|
|
10E62FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376740189.00000010E62FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E62FE000
|
Size: |
8192
|
|
5393000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348114305.0000000005393000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5393000
|
Size: |
8192
|
|
65C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349507737.00000000065C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
65C1000
|
Size: |
16384
|
|
5EBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348971033.0000000005EBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5EBE000
|
Size: |
8192
|
|
1DD8D4E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377653363.000001DD8D4E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8D4E0000
|
Size: |
4096
|
|
2D90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340837506.0000000002D90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D90000
|
Size: |
65536
|
|
1DDA72E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404420384.000001DDA72E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA72E0000
|
Size: |
20480
|
|
EF7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338487350.0000000000EF7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
EF7000
|
Size: |
36864
|
|
1DD8F5A2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD8F5A2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F5A2000
|
Size: |
12288
|
|
3ED9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4347857576.0000000003ED9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3ED9000
|
Size: |
4096
|
|
7FF848FB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2406240762.00007FF848FB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848FB0000
|
Size: |
65536
|
|
7FF849110000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2408157806.00007FF849110000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849110000
|
Size: |
65536
|
|
7FF849030000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2406819926.00007FF849030000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849030000
|
Size: |
65536
|
|
7FF848EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2405848283.00007FF848EC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848EC0000
|
Size: |
8192
|
|
7FF849120000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2408253933.00007FF849120000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849120000
|
Size: |
65536
|
|
7FF849182000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2408883757.00007FF849182000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849182000
|
Size: |
28672
|
|
541E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348236607.000000000541E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
541E000
|
Size: |
8192
|
|
647E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349459673.000000000647E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
647E000
|
Size: |
8192
|
|
1DD8D262000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D262000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D262000
|
Size: |
577536
|
|
7FF848EC6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2405887947.00007FF848EC6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848EC6000
|
Size: |
24576
|
|
10E683B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377106760.00000010E683B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E683B000
|
Size: |
20480
|
|
102C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.000000000102C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
102C000
|
Size: |
167936
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
613C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349119753.000000000613C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
613C000
|
Size: |
16384
|
|
1DD8D258000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377310008.000001DD8D258000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8D258000
|
Size: |
36864
|
|
7FF848FE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2406520995.00007FF848FE0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF848FE0000
|
Size: |
4096
|
|
10E617E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376665140.00000010E617E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E617E000
|
Size: |
8192
|
|
1DDA71D8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2403139456.000001DDA71D8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA71D8000
|
Size: |
286720
|
|
1DD8EB50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377734334.000001DD8EB50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8EB50000
|
Size: |
16384
|
|
10E67BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377060119.00000010E67BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E67BE000
|
Size: |
8192
|
|
1026000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000001026000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1026000
|
Size: |
20480
|
|
5799000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348369738.0000000005799000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5799000
|
Size: |
28672
|
|
1DDA744E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404558789.000001DDA744E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA744E000
|
Size: |
73728
|
|
7FF848FF2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2406549058.00007FF848FF2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848FF2000
|
Size: |
49152
|
|
10E637D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376765273.00000010E637D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E637D000
|
Size: |
12288
|
|
7FF8490D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407761195.00007FF8490D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF8490D0000
|
Size: |
65536
|
|
1DD9F1C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2397399939.000001DD9F1C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD9F1C1000
|
Size: |
2166784
|
|
134B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4340397614.000000000134B000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
134B000
|
Size: |
4096
|
|
7FF849150000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2408587079.00007FF849150000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849150000
|
Size: |
57344
|
|
F60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000000F60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F60000
|
Size: |
24576
|
|
1DD8F151000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD8F151000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F151000
|
Size: |
536576
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1332000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340292351.0000000001332000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1332000
|
Size: |
4096
|
|
1DD8EC95000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378096563.000001DD8EC95000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8EC95000
|
Size: |
20480
|
|
5390000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348114305.0000000005390000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5390000
|
Size: |
4096
|
|
1320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340173319.0000000001320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1320000
|
Size: |
8192
|
|
12EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340012605.00000000012EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12EE000
|
Size: |
8192
|
|
5FBD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349009589.0000000005FBD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5FBD000
|
Size: |
12288
|
|
1DD8F140000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378309067.000001DD8F140000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DD8F140000
|
Size: |
16384
|
|
7FF849010000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2406645631.00007FF849010000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849010000
|
Size: |
65536
|
|
10E6538000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376864738.00000010E6538000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E6538000
|
Size: |
32768
|
|
133A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000003.00000002.4340334571.000000000133A000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
133A000
|
Size: |
4096
|
|
7FF848FCA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2406361365.00007FF848FCA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848FCA000
|
Size: |
24576
|
|
1DD8F1D7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD8F1D7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8F1D7000
|
Size: |
1675264
|
|
1DDA7610000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2405424394.000001DDA7610000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
1DDA7610000
|
Size: |
4096
|
|
5D7D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348774712.0000000005D7D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5D7D000
|
Size: |
12288
|
|
1DDA7188000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2403139456.000001DDA7188000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA7188000
|
Size: |
8192
|
|
10E61FB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2376689115.00000010E61FB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
10E61FB000
|
Size: |
20480
|
|
F98000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000000F98000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F98000
|
Size: |
16384
|
|
6770000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349833965.0000000006770000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6770000
|
Size: |
4096
|
|
7FF849100000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2408058873.00007FF849100000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849100000
|
Size: |
65536
|
|
7FF848E1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.2405712654.00007FF848E1D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF848E1D000
|
Size: |
12288
|
|
1004000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4338557949.0000000001004000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1004000
|
Size: |
4096
|
|
2CC8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340719087.0000000002CC8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2CC8000
|
Size: |
8192
|
|
1DDA73E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2404558789.000001DDA73E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1DDA73E7000
|
Size: |
12288
|
|
6724000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349659331.0000000006724000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6724000
|
Size: |
4096
|
|
1350000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340417180.0000000001350000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1350000
|
Size: |
16384
|
|
1517000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340652845.0000000001517000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1517000
|
Size: |
12288
|
|
7FF848FC1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2406361365.00007FF848FC1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF848FC1000
|
Size: |
32768
|
|
60FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349087297.00000000060FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
60FE000
|
Size: |
8192
|
|
53DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348206365.00000000053DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
53DE000
|
Size: |
8192
|
|
7FF849080000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407279585.00007FF849080000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849080000
|
Size: |
65536
|
|
7FF849090000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407378567.00007FF849090000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849090000
|
Size: |
65536
|
|
2DC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340937126.0000000002DC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DC0000
|
Size: |
12288
|
|
7FF849020000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2406726345.00007FF849020000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849020000
|
Size: |
65536
|
|
5B00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348741248.0000000005B00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5B00000
|
Size: |
8192
|
|
1DD8EBA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2377794373.000001DD8EBA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD8EBA0000
|
Size: |
20480
|
|
11AC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4339938209.00000000011AC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
11AC000
|
Size: |
16384
|
|
7FF849130000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2408399511.00007FF849130000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF849130000
|
Size: |
12288
|
|
3ED1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4347857576.0000000003ED1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3ED1000
|
Size: |
20480
|
|
1470000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340496371.0000000001470000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1470000
|
Size: |
4096
|
|
7FF8490E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407854294.00007FF8490E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF8490E0000
|
Size: |
65536
|
|
5AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4348664350.0000000005AF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5AF0000
|
Size: |
32768
|
|
1DD906BB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2378338667.000001DD906BB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1DD906BB000
|
Size: |
798720
|
|
1357000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4340417180.0000000001357000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1357000
|
Size: |
8192
|
|
7FF8490F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.2407961642.00007FF8490F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF8490F0000
|
Size: |
65536
|
|
5FFC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.4349043880.0000000005FFC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5FFC000
|
Size: |
16384
|
|