5E2000
|
unkown
|
page readonly
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000000.1688110699.00000000005E2000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
5E2000
|
Size: |
217088
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected PureLog Stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Found many strings related to Crypto-Wallets (likely being stolen) |
Stealing of Sensitive Information |
|
|
39A9000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.1854832983.00000000039A9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39A9000
|
Size: |
487424
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found malware configuration |
AV Detection |
|
Yara detected PureLog Stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
400000
|
remote allocation
|
page execute and read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000001.00000002.2137621106.0000000000400000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
400000
|
Size: |
126976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected Vidar stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
46240040C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828191893.000046240040C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46240040C000
|
Size: |
4096
|
|
462400624000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826700526.0000462400624000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400624000
|
Size: |
49152
|
|
6A5802EB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867091159.00006A5802EB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EB4000
|
Size: |
12288
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846564336.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
25DD141A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864333765.0000025DD141A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141A000
|
Size: |
53248
|
|
3C7B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C7B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C7B000
|
Size: |
4096
|
|
9FE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234360828.00000000009FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9FE000
|
Size: |
8192
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846815399.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
6A58024A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876739816.00006A58024A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024A4000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
A6F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234476791.0000000000A6F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A6F000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855690687.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
16384
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859386844.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
462400758000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828393705.0000462400758000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400758000
|
Size: |
94208
|
|
F37000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1850898098.0000000000F37000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F37000
|
Size: |
4096
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848846882.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
7C5800248000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798409061.00007C5800248000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C5800248000
|
Size: |
4096
|
|
25DD141E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864422420.0000025DD141E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141E000
|
Size: |
36864
|
|
6A5802EB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1868948567.00006A5802EB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EB4000
|
Size: |
16384
|
|
25DD1976000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847494813.0000025DD1976000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1976000
|
Size: |
81920
|
|
25DD140C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854630275.0000025DD140C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140C000
|
Size: |
8192
|
|
4624006F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827459082.00004624006F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006F0000
|
Size: |
49152
|
|
46240060C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826721435.000046240060C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46240060C000
|
Size: |
16384
|
|
2EAE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139010375.0000000002EAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2EAE000
|
Size: |
8192
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846760343.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856210324.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
16384
|
|
6A58024A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1833291272.00006A58024A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024A8000
|
Size: |
8192
|
|
3C98000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C98000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C98000
|
Size: |
8192
|
|
25DD142B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865970202.0000025DD142B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD142B000
|
Size: |
32768
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848910125.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
3ED0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003ED0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3ED0000
|
Size: |
4096
|
|
379B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000379B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
379B000
|
Size: |
8192
|
|
55EC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2143362627.00000000055EC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55EC000
|
Size: |
16384
|
|
6A580256C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1869008924.00006A580256C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580256C000
|
Size: |
12288
|
|
462400630000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826511012.0000462400630000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400630000
|
Size: |
61440
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856831337.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860556233.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
EBF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850615275.0000000000EBF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
EBF000
|
Size: |
4096
|
|
37A1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.00000000037A1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37A1000
|
Size: |
24576
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found many strings related to Crypto-Wallets (likely being stolen) |
Stealing of Sensitive Information |
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859791151.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1412000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854181377.0000025DD1412000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1412000
|
Size: |
16384
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854040494.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858093808.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
6A58023B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1840079221.00006A58023B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023B4000
|
Size: |
8192
|
|
D7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850556488.0000000000D7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
D7E000
|
Size: |
8192
|
|
3BD2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BD2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BD2000
|
Size: |
12288
|
|
49A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1856284501.00000000049A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49A8000
|
Size: |
8192
|
|
6A5802FE8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862927913.00006A5802FE8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802FE8000
|
Size: |
12288
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848769471.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
3F70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003F70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3F70000
|
Size: |
761856
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6A5802E58000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861808239.00006A5802E58000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E58000
|
Size: |
61440
|
|
3BD6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BD6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BD6000
|
Size: |
4096
|
|
372D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000372D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
372D000
|
Size: |
4096
|
|
462400354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825490293.0000462400354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400354000
|
Size: |
16384
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856355061.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
6A5802E3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866480539.00006A5802E3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E3C000
|
Size: |
12288
|
|
7C58002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1803745821.00007C58002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002C0000
|
Size: |
4096
|
|
3CFA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CFA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CFA000
|
Size: |
4096
|
|
2F7E000
|
unkown
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235342073.0000000002F7E000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
2F7E000
|
Size: |
8192
|
|
6A5802578000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1873648558.00006A5802578000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802578000
|
Size: |
12288
|
|
25DD143A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865226627.0000025DD143A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD143A000
|
Size: |
20480
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859062556.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847121057.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
462400320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825527368.0000462400320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400320000
|
Size: |
4096
|
|
29AE000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1852113490.00000000029AE000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
29AE000
|
Size: |
4096
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856986812.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
20480
|
|
6A580309C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874449659.00006A580309C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580309C000
|
Size: |
69632
|
|
7C58002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1801144760.00007C58002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002A0000
|
Size: |
4096
|
|
3CE6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CE6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CE6000
|
Size: |
4096
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854678614.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
359F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139236839.000000000359F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
359F000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846564336.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
6A5802EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867471263.00006A5802EA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EA4000
|
Size: |
12288
|
|
6A5802E54000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861850572.00006A5802E54000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E54000
|
Size: |
16384
|
|
6A58030CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867290198.00006A58030CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58030CC000
|
Size: |
4096
|
|
BB5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138020622.0000000000BB5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
BB5000
|
Size: |
20480
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852359477.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857600798.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
3BBA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BBA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BBA000
|
Size: |
8192
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856079750.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852469060.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864610696.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
3DEE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141065869.0000000003DEE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3DEE000
|
Size: |
24576
|
|
42CD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.00000000042CD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
42CD000
|
Size: |
4096
|
|
3BC1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BC1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BC1000
|
Size: |
4096
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860807753.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
25DD142E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864610696.0000025DD142E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD142E000
|
Size: |
4096
|
|
F00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850674133.0000000000F00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F00000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854181377.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
29AF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1852142085.00000000029AF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
29AF000
|
Size: |
5251072
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854701836.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852565991.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
6A5802520000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1840005903.00006A5802520000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802520000
|
Size: |
12288
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856653670.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
24576
|
|
4868000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.0000000004868000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4868000
|
Size: |
4096
|
|
6A5802E2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861672111.00006A5802E2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E2C000
|
Size: |
8192
|
|
BE2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138065559.0000000000BE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
BE2000
|
Size: |
139264
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
C37000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138065559.0000000000C37000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C37000
|
Size: |
303104
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found many strings related to Crypto-Wallets (likely being stolen) |
Stealing of Sensitive Information |
|
Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
URLs found in memory or binary data |
Networking |
|
|
427C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.000000000427C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
427C000
|
Size: |
8192
|
|
6A580301C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863391736.00006A580301C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580301C000
|
Size: |
24576
|
|
39AC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140054141.00000000039AC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
39AC000
|
Size: |
16384
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855841617.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
3BB2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BB2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BB2000
|
Size: |
8192
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854446638.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
371C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000371C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
371C000
|
Size: |
12288
|
|
2F30000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235322412.0000000002F30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2F30000
|
Size: |
20480
|
|
28F2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851421205.00000000028F2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28F2000
|
Size: |
57344
|
|
6A580260C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876861843.00006A580260C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580260C000
|
Size: |
290816
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4490000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2235019921.0000000004490000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4490000
|
Size: |
16384
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851604297.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
16384
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854257836.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
6A5802578000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866624562.00006A5802578000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802578000
|
Size: |
45056
|
|
47F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.00000000047F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47F3000
|
Size: |
4096
|
|
6A58024F7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836519504.00006A58024F7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024F7000
|
Size: |
8192
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846941361.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
3795000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003795000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3795000
|
Size: |
4096
|
|
47FE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.00000000047FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47FE000
|
Size: |
4096
|
|
3372000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2235183844.0000000003372000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3372000
|
Size: |
4096
|
|
6A5802550000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836040272.00006A5802550000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802550000
|
Size: |
4096
|
|
4624006E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827253856.00004624006E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006E8000
|
Size: |
176128
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858815917.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
6A5802EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874301738.00006A5802EA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EA4000
|
Size: |
12288
|
|
6A5802654000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876861843.00006A5802654000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802654000
|
Size: |
61440
|
|
6A5802434000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831396953.00006A5802434000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802434000
|
Size: |
225280
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857030129.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
6A580256C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836222034.00006A580256C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580256C000
|
Size: |
12288
|
|
7C58002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798900208.00007C58002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002C0000
|
Size: |
4096
|
|
6A58023EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831678271.00006A58023EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023EC000
|
Size: |
16384
|
|
6A5803188000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1873860772.00006A5803188000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803188000
|
Size: |
4096
|
|
3F3A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003F3A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3F3A000
|
Size: |
4096
|
|
4FE4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004FE4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4FE4000
|
Size: |
4096
|
|
462400760000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828505067.0000462400760000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400760000
|
Size: |
61440
|
|
6A5802974000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867568700.00006A5802974000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802974000
|
Size: |
32768
|
|
25DD1445000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863202282.0000025DD1445000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1445000
|
Size: |
4096
|
|
462400424000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846336155.0000462400424000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400424000
|
Size: |
4096
|
|
A20000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234448978.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A20000
|
Size: |
20480
|
|
3D77000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141065869.0000000003D77000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3D77000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851745947.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852384485.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
7DB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2137780219.00000000007DB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7DB000
|
Size: |
20480
|
|
6A58024A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863562316.00006A58024A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024A4000
|
Size: |
36864
|
|
2920000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851547642.0000000002920000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2920000
|
Size: |
86016
|
|
47B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.00000000047B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47B3000
|
Size: |
4096
|
|
3010000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235382855.0000000003010000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3010000
|
Size: |
36864
|
|
6A5803250000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874337811.00006A5803250000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803250000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6A580326C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874642283.00006A580326C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580326C000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3C44000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C44000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C44000
|
Size: |
4096
|
|
6A5802974000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1843226055.00006A5802974000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802974000
|
Size: |
4096
|
|
4B3D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1856341645.0000000004B3D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4B3D000
|
Size: |
12288
|
|
46240033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828532536.000046240033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46240033C000
|
Size: |
8192
|
|
61C000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1688163409.000000000061C000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
61C000
|
Size: |
135168
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859791151.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863565378.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
32768
|
|
302F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139051580.000000000302F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
302F000
|
Size: |
4096
|
|
2944000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851681011.0000000002944000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2944000
|
Size: |
4096
|
|
3C9E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C9E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C9E000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857030129.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849017434.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
6A58023D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831845080.00006A58023D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023D4000
|
Size: |
16384
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860556233.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
E8E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138783328.0000000000E8E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
E8E000
|
Size: |
8192
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846892132.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856210324.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
4E84000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004E84000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4E84000
|
Size: |
4096
|
|
6A58024A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1873584316.00006A58024A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024A4000
|
Size: |
8192
|
|
7C58002D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1803713859.00007C58002D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002D8000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849017434.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
462400684000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826754570.0000462400684000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400684000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2910000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1851498080.0000000002910000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2910000
|
Size: |
4096
|
|
4624006D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827225798.00004624006D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006D4000
|
Size: |
61440
|
|
6A5802EBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862529997.00006A5802EBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EBC000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852565991.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
7C58002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798792463.00007C58002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002A0000
|
Size: |
4096
|
|
3CEF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CEF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CEF000
|
Size: |
4096
|
|
37AC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.00000000037AC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37AC000
|
Size: |
8192
|
|
6A580241C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831504867.00006A580241C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580241C000
|
Size: |
16384
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858093808.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
C83000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138065559.0000000000C83000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C83000
|
Size: |
245760
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3033000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2138835333.0000000003033000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3033000
|
Size: |
4096
|
|
6A5803128000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867737025.00006A5803128000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803128000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860903842.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851977303.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
402C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.000000000402C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
402C000
|
Size: |
471040
|
|
BB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138020622.0000000000BB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
BB0000
|
Size: |
16384
|
|
25DD140C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854257836.0000025DD140C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140C000
|
Size: |
8192
|
|
FCE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138823103.0000000000FCE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
FCE000
|
Size: |
8192
|
|
6A5802564000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877110965.00006A5802564000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802564000
|
Size: |
8192
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856355061.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
8192
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852162447.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
6A5802578000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876964051.00006A5802578000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802578000
|
Size: |
12288
|
|
2969000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851681011.0000000002969000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2969000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855912014.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
39EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140076423.00000000039EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
39EE000
|
Size: |
8192
|
|
87C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234249619.000000000087C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
87C000
|
Size: |
16384
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860556233.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848769471.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
C21000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138065559.0000000000C21000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C21000
|
Size: |
57344
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
|
502E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.000000000502E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
502E000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860084469.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
6A5802974000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861466053.00006A5802974000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802974000
|
Size: |
32768
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848658966.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
3735000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003735000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3735000
|
Size: |
4096
|
|
6A58023F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831589473.00006A58023F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023F8000
|
Size: |
16384
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859000062.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849480715.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
16384
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846564336.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
16384
|
|
7C58002E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1803729398.00007C58002E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002E4000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3033000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000003.2235127721.0000000003033000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3033000
|
Size: |
4096
|
|
6A5802654000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1875165947.00006A5802654000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802654000
|
Size: |
61440
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859386844.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859062556.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
6CC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1847813102.00000000006CC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6CC000
|
Size: |
16384
|
|
462400418000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1832651503.0000462400418000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400418000
|
Size: |
4096
|
|
25DD1441000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864364335.0000025DD1441000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1441000
|
Size: |
20480
|
|
AAE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234520816.0000000000AAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AAE000
|
Size: |
8192
|
|
307D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139075921.000000000307D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
307D000
|
Size: |
12288
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852469060.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866422445.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
6A5802918000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1840273650.00006A5802918000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802918000
|
Size: |
4096
|
|
462400330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825468534.0000462400330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400330000
|
Size: |
4096
|
|
6A5802E20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863155714.00006A5802E20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E20000
|
Size: |
28672
|
|
6A5802EBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866328011.00006A5802EBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EBC000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6A5802974000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1869947678.00006A5802974000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802974000
|
Size: |
36864
|
|
25DD142E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864257808.0000025DD142E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD142E000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858093808.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
4624006B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826843309.00004624006B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006B0000
|
Size: |
208896
|
|
A6C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1849348060.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A6C000
|
Size: |
57344
|
|
3CD9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CD9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CD9000
|
Size: |
4096
|
|
AFA000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2137806476.0000000000AFA000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AFA000
|
Size: |
8192
|
|
3722000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003722000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3722000
|
Size: |
8192
|
|
4624006D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827147039.00004624006D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006D0000
|
Size: |
77824
|
|
2DAE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138990335.0000000002DAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2DAE000
|
Size: |
8192
|
|
ADD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850161615.0000000000ADD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
ADD000
|
Size: |
12288
|
|
A7F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1849348060.0000000000A7F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A7F000
|
Size: |
4096
|
|
375E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000375E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
375E000
|
Size: |
8192
|
|
4624006B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826909341.00004624006B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006B4000
|
Size: |
192512
|
|
25DD199D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847415930.0000025DD199D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD199D000
|
Size: |
86016
|
|
6A580260C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861505424.00006A580260C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580260C000
|
Size: |
253952
|
|
56EF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2143390512.00000000056EF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
56EF000
|
Size: |
4096
|
|
6A5802538000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1835639232.00006A5802538000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802538000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851977303.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
4928000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.0000000004928000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4928000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858815917.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
7C58002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798922290.00007C58002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002BC000
|
Size: |
4096
|
|
4345000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.0000000004345000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4345000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1837590814.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
AFD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850161615.0000000000AFD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AFD000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854349082.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
7C58002B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1801362943.00007C58002B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002B0000
|
Size: |
4096
|
|
7C58002B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798757767.00007C58002B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002B0000
|
Size: |
4096
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856520243.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
12288
|
|
32BC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139140875.00000000032BC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
32BC000
|
Size: |
16384
|
|
376B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000376B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
376B000
|
Size: |
12288
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858736006.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
3706000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003706000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3706000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD19F4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1884558086.0000025DD19F4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD19F4000
|
Size: |
4096
|
|
A10000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1848839346.0000000000A10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A10000
|
Size: |
16384
|
|
F04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850724719.0000000000F04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F04000
|
Size: |
4096
|
|
462400248000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825152888.0000462400248000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400248000
|
Size: |
4096
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846892132.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855912014.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
16384
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836859225.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852533143.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
6A580309C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876315501.00006A580309C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580309C000
|
Size: |
73728
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846969936.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
4F6E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004F6E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F6E000
|
Size: |
4096
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860084469.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
6A5802414000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831526909.00006A5802414000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802414000
|
Size: |
16384
|
|
3C3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C3B000
|
Size: |
16384
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852637860.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
6A58034A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877565152.00006A58034A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58034A8000
|
Size: |
53248
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856570143.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
6A5802EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876075596.00006A5802EA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EA4000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD142E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863202282.0000025DD142E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD142E000
|
Size: |
4096
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854858087.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
3C73000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C73000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C73000
|
Size: |
16384
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852091992.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855409052.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
25DD1428000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865701712.0000025DD1428000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1428000
|
Size: |
4096
|
|
28A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851185774.00000000028A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28A0000
|
Size: |
4096
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865226627.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
3EC5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003EC5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3EC5000
|
Size: |
4096
|
|
489E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.000000000489E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
489E000
|
Size: |
4096
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854510983.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
462400664000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826668639.0000462400664000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400664000
|
Size: |
77824
|
|
6A58023E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831740860.00006A58023E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023E4000
|
Size: |
16384
|
|
3CAF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CAF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CAF000
|
Size: |
24576
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852565991.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
3BCA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BCA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BCA000
|
Size: |
8192
|
|
48B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.00000000048B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
48B3000
|
Size: |
4096
|
|
3CDE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CDE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CDE000
|
Size: |
8192
|
|
3766000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003766000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3766000
|
Size: |
8192
|
|
6A58033B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876544654.00006A58033B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58033B0000
|
Size: |
139264
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2E40000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235280767.0000000002E40000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E40000
|
Size: |
4096
|
|
6A5802EBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1870686842.00006A5802EBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EBC000
|
Size: |
20480
|
|
4789000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.0000000004789000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4789000
|
Size: |
4096
|
|
349E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139212899.000000000349E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
349E000
|
Size: |
8192
|
|
2900000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1851454230.0000000002900000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2900000
|
Size: |
24576
|
|
6A5802EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866262412.00006A5802EA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EA4000
|
Size: |
16384
|
|
2B2E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138913253.0000000002B2E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B2E000
|
Size: |
8192
|
|
6A5802564000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867214641.00006A5802564000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802564000
|
Size: |
8192
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847044709.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854538083.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852063192.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
3D52000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003D52000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3D52000
|
Size: |
57344
|
|
6A5803188000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1875973956.00006A5803188000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803188000
|
Size: |
4096
|
|
28D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851311322.00000000028D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28D0000
|
Size: |
65536
|
|
2954000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851681011.0000000002954000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2954000
|
Size: |
8192
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857600798.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
46240035C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825944047.000046240035C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46240035C000
|
Size: |
24576
|
|
6A5802974000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866061961.00006A5802974000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802974000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
618000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1688145752.0000000000618000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
618000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
C7D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850518659.0000000000C7D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
C7D000
|
Size: |
12288
|
|
434D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.000000000434D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
434D000
|
Size: |
4096
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849082554.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847238219.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
39A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1854832983.00000000039A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39A1000
|
Size: |
20480
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860807753.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851954384.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865543141.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
25DD1428000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864912424.0000025DD1428000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1428000
|
Size: |
94208
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852281884.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859791151.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
AEE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2137806476.0000000000AEE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AEE000
|
Size: |
4096
|
|
83C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234143503.000000000083C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
83C000
|
Size: |
16384
|
|
2990000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1852037818.0000000002990000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2990000
|
Size: |
4096
|
|
25DD140C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855337436.0000025DD140C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140C000
|
Size: |
8192
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860084469.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
37B6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.00000000037B6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37B6000
|
Size: |
45056
|
|
431D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.000000000431D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
431D000
|
Size: |
4096
|
|
6A58024B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1834590895.00006A58024B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024B8000
|
Size: |
4096
|
|
7C58002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798880797.00007C58002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002BC000
|
Size: |
4096
|
|
4624006E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827171451.00004624006E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006E4000
|
Size: |
192512
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851604297.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
3D70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141065869.0000000003D70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3D70000
|
Size: |
16384
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856696705.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
6A5802EB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866096432.00006A5802EB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EB4000
|
Size: |
16384
|
|
3C13000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C13000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C13000
|
Size: |
12288
|
|
C20000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850448946.0000000000C20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C20000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854538083.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
3A10000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140098091.0000000003A10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3A10000
|
Size: |
4096
|
|
3CC9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CC9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CC9000
|
Size: |
8192
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851745947.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
372F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000372F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
372F000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846969936.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
7C58002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798838440.00007C58002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002BC000
|
Size: |
4096
|
|
6A58024C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1834109236.00006A58024C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024C4000
|
Size: |
4096
|
|
25DD1441000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863101016.0000025DD1441000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1441000
|
Size: |
20480
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852442757.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
B40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850399347.0000000000B40000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B40000
|
Size: |
4096
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846760343.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855690687.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859062556.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849631516.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
3C64000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C64000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C64000
|
Size: |
16384
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852281884.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
3DE2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141065869.0000000003DE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3DE2000
|
Size: |
8192
|
|
B17000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234979977.0000000000B17000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B17000
|
Size: |
49152
|
|
3732000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003732000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3732000
|
Size: |
8192
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857905457.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
6A5802564000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836101641.00006A5802564000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802564000
|
Size: |
8192
|
|
25DD141A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865292976.0000025DD141A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141A000
|
Size: |
53248
|
|
6A58023B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1833376417.00006A58023B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023B4000
|
Size: |
16384
|
|
2C2F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138933939.0000000002C2F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2C2F000
|
Size: |
4096
|
|
6A5803188000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874495488.00006A5803188000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803188000
|
Size: |
4096
|
|
7C58002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1801340571.00007C58002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002C0000
|
Size: |
4096
|
|
462400320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825187027.0000462400320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400320000
|
Size: |
4096
|
|
462400368000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825545778.0000462400368000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400368000
|
Size: |
4096
|
|
3C91000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C91000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C91000
|
Size: |
20480
|
|
4791000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.0000000004791000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4791000
|
Size: |
12288
|
|
2975000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851681011.0000000002975000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2975000
|
Size: |
36864
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852384485.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851745947.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
289F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851132709.000000000289F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
289F000
|
Size: |
4096
|
|
37B1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.00000000037B1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37B1000
|
Size: |
12288
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847121057.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
6A5802564000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874017592.00006A5802564000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802564000
|
Size: |
16384
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849631516.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849480715.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857344682.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
25DD142E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865543141.0000025DD142E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD142E000
|
Size: |
4096
|
|
46240069C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827310364.000046240069C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46240069C000
|
Size: |
61440
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848531529.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
3F50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003F50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3F50000
|
Size: |
4096
|
|
31BB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139117703.00000000031BB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
31BB000
|
Size: |
20480
|
|
25DD141E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836673188.0000025DD141E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141E000
|
Size: |
8192
|
|
C30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850485214.0000000000C30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C30000
|
Size: |
4096
|
|
6A5802654000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867152442.00006A5802654000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802654000
|
Size: |
61440
|
|
6A58031D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1873956895.00006A58031D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58031D8000
|
Size: |
45056
|
|
462400644000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826614212.0000462400644000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400644000
|
Size: |
61440
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856797844.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
24576
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848289460.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
F2A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1850859804.0000000000F2A000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F2A000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846815399.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854538083.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
462400620000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826463855.0000462400620000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400620000
|
Size: |
126976
|
|
46240075C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828450275.000046240075C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46240075C000
|
Size: |
77824
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854349082.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
374B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000374B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
374B000
|
Size: |
12288
|
|
6A58028D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1840137291.00006A58028D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58028D8000
|
Size: |
8192
|
|
3BF5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BF5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BF5000
|
Size: |
20480
|
|
462400700000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827329876.0000462400700000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400700000
|
Size: |
77824
|
|
6A58008C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874070463.00006A58008C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58008C4000
|
Size: |
4096
|
|
F9E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850986004.0000000000F9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
F9E000
|
Size: |
8192
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863968604.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
20480
|
|
6A5802428000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831277407.00006A5802428000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802428000
|
Size: |
274432
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859062556.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852091992.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850754513.0000000000F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F10000
|
Size: |
12288
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856413219.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1412000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1837590814.0000025DD1412000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1412000
|
Size: |
16384
|
|
3C6B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C6B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C6B000
|
Size: |
12288
|
|
7C58002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798815426.00007C58002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002BC000
|
Size: |
4096
|
|
37D7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.00000000037D7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37D7000
|
Size: |
57344
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848289460.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1445000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863744528.0000025DD1445000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1445000
|
Size: |
4096
|
|
25DD198B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847494813.0000025DD198B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD198B000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858093808.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
25DD140C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854804115.0000025DD140C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140C000
|
Size: |
8192
|
|
4624006C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826947764.00004624006C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006C8000
|
Size: |
110592
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860034352.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856019011.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
8192
|
|
F3B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1850931370.0000000000F3B000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F3B000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854040494.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
4E80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1856384093.0000000004E80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4E80000
|
Size: |
110592
|
|
6A58025A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1868770762.00006A58025A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58025A8000
|
Size: |
61440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855337436.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852184658.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
6A5802FA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867024962.00006A5802FA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802FA4000
|
Size: |
28672
|
|
7C58002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1801167934.00007C58002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002BC000
|
Size: |
4096
|
|
6A5803110000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867672056.00006A5803110000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803110000
|
Size: |
4096
|
|
3E70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003E70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3E70000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859791151.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
462400754000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828338407.0000462400754000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400754000
|
Size: |
110592
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856413219.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
4F80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1856804055.0000000004F80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F80000
|
Size: |
32768
|
|
4295000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.0000000004295000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4295000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6A580308C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866674420.00006A580308C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580308C000
|
Size: |
4096
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846674430.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
25DD143F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863202282.0000025DD143F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD143F000
|
Size: |
16384
|
|
C07000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138065559.0000000000C07000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C07000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6A58031C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1869751004.00006A58031C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58031C8000
|
Size: |
4096
|
|
6A5802558000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836078169.00006A5802558000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802558000
|
Size: |
8192
|
|
462400788000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826295664.0000462400788000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400788000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1837590814.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
4096
|
|
37C4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.00000000037C4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37C4000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849601583.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
6A58023DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831792476.00006A58023DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023DC000
|
Size: |
16384
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858736006.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858815917.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
3BE4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BE4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BE4000
|
Size: |
4096
|
|
FE0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138848105.0000000000FE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FE0000
|
Size: |
49152
|
|
6A580220C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828395821.00006A580220C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580220C000
|
Size: |
4096
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857905457.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
6A5803188000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1868276936.00006A5803188000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803188000
|
Size: |
4096
|
|
462400714000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827407812.0000462400714000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400714000
|
Size: |
53248
|
|
2F20000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235302046.0000000002F20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2F20000
|
Size: |
4096
|
|
6A5802EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877778596.00006A5802EA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EA4000
|
Size: |
40960
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851700557.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
A40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1849348060.0000000000A40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A40000
|
Size: |
24576
|
|
2F2E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139030503.0000000002F2E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2F2E000
|
Size: |
8192
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857030129.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847090645.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
6A580309C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866758652.00006A580309C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580309C000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856148550.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
8192
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859298702.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
6A5802578000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876025085.00006A5802578000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802578000
|
Size: |
8192
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860903842.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
3C42000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C42000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C42000
|
Size: |
4096
|
|
6A5802974000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876114099.00006A5802974000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802974000
|
Size: |
36864
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
AFF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2137806476.0000000000AFF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AFF000
|
Size: |
4096
|
|
3D32000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003D32000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3D32000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851977303.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
462400694000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827204681.0000462400694000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400694000
|
Size: |
16384
|
|
AFD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2137806476.0000000000AFD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AFD000
|
Size: |
4096
|
|
6A5800DA2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1853047597.00006A5800DA2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5800DA2000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
3CB9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CB9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CB9000
|
Size: |
4096
|
|
6A58025A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1871869336.00006A58025A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58025A8000
|
Size: |
69632
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864982229.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
B8D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2137980841.0000000000B8D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
B8D000
|
Size: |
12288
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848289460.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855056533.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
3DDD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141065869.0000000003DDD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3DDD000
|
Size: |
8192
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860034352.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
3EDA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003EDA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3EDA000
|
Size: |
4096
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859637797.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
377F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000377F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
377F000
|
Size: |
12288
|
|
462400640000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826549514.0000462400640000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400640000
|
Size: |
77824
|
|
4893000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.0000000004893000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4893000
|
Size: |
4096
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856520243.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
8192
|
|
462400614000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826644657.0000462400614000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400614000
|
Size: |
49152
|
|
3C83000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C83000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C83000
|
Size: |
16384
|
|
25DD140C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854446638.0000025DD140C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140C000
|
Size: |
8192
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854319065.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
7C58002C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1803689001.00007C58002C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002C8000
|
Size: |
4096
|
|
25DD141C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865701712.0000025DD141C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141C000
|
Size: |
45056
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856696705.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855056533.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
3737000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003737000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3737000
|
Size: |
12288
|
|
301B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235382855.000000000301B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
301B000
|
Size: |
28672
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847186059.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
6A5802EBC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1873064958.00006A5802EBC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EBC000
|
Size: |
20480
|
|
36F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.00000000036F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
36F0000
|
Size: |
61440
|
|
3CD5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CD5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CD5000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848910125.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1A04000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1884558086.0000025DD1A04000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1A04000
|
Size: |
8192
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846674430.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
28C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851214606.00000000028C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
28C0000
|
Size: |
49152
|
|
4624002FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825205401.00004624002FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624002FC000
|
Size: |
69632
|
|
25DD141A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836673188.0000025DD141A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141A000
|
Size: |
12288
|
|
462400320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828552582.0000462400320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400320000
|
Size: |
4096
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854138534.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
462400354000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825590288.0000462400354000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400354000
|
Size: |
16384
|
|
3D42000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003D42000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3D42000
|
Size: |
4096
|
|
8E0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234330573.00000000008E0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8E0000
|
Size: |
4096
|
|
6A5802520000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863532622.00006A5802520000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802520000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859062556.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
372A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000372A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
372A000
|
Size: |
8192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857600798.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
6A58024AE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863562316.00006A58024AE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024AE000
|
Size: |
8192
|
|
29A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1852077730.00000000029A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
29A1000
|
Size: |
53248
|
|
3CA7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CA7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CA7000
|
Size: |
4096
|
|
6A5802E1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876702520.00006A5802E1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E1C000
|
Size: |
45056
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860275770.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860084469.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
3C1B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C1B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C1B000
|
Size: |
8192
|
|
6A5802E1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863155714.00006A5802E1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E1C000
|
Size: |
12288
|
|
EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850645217.0000000000EF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
EF0000
|
Size: |
4096
|
|
6A5802520000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861622528.00006A5802520000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802520000
|
Size: |
8192
|
|
3CA5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CA5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CA5000
|
Size: |
4096
|
|
4355000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.0000000004355000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4355000
|
Size: |
4096
|
|
4EAE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004EAE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4EAE000
|
Size: |
4096
|
|
FEE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138848105.0000000000FEE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FEE000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854701836.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858815917.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852469060.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855690687.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
3761000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003761000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3761000
|
Size: |
4096
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859637797.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
37D1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.00000000037D1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37D1000
|
Size: |
4096
|
|
6A58023E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831706681.00006A58023E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023E8000
|
Size: |
16384
|
|
4624006FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827284030.00004624006FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006FC000
|
Size: |
94208
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859000062.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
ECE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138802877.0000000000ECE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
ECE000
|
Size: |
8192
|
|
25DD143F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862753038.0000025DD143F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD143F000
|
Size: |
16384
|
|
6A580242C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831320753.00006A580242C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580242C000
|
Size: |
258048
|
|
3754000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003754000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3754000
|
Size: |
4096
|
|
3F30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003F30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3F30000
|
Size: |
4096
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858815917.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
25DD1427000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861150069.0000025DD1427000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1427000
|
Size: |
4096
|
|
3BED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BED000
|
Size: |
8192
|
|
7C58002A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798726867.00007C58002A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002A0000
|
Size: |
4096
|
|
462400668000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826783905.0000462400668000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400668000
|
Size: |
61440
|
|
343E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139189204.000000000343E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
343E000
|
Size: |
8192
|
|
46240033C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825435106.000046240033C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46240033C000
|
Size: |
8192
|
|
F03000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1850700528.0000000000F03000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F03000
|
Size: |
4096
|
|
48A8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.00000000048A8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
48A8000
|
Size: |
4096
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861150069.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
25DD1432000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866422445.0000025DD1432000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1432000
|
Size: |
16384
|
|
4E4C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004E4C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4E4C000
|
Size: |
12288
|
|
3370000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235545136.0000000003370000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3370000
|
Size: |
8192
|
|
25DD141E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866158554.0000025DD141E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141E000
|
Size: |
36864
|
|
25DD142C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866422445.0000025DD142C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD142C000
|
Size: |
8192
|
|
3CCD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CCD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CCD000
|
Size: |
12288
|
|
6A5800A5E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862848891.00006A5800A5E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5800A5E000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854040494.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865658054.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
25DD1441000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865761681.0000025DD1441000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1441000
|
Size: |
20480
|
|
6A5802564000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1841132768.00006A5802564000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802564000
|
Size: |
8192
|
|
6A58025A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866713608.00006A58025A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58025A8000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6A5802520000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1868508514.00006A5802520000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802520000
|
Size: |
8192
|
|
5080000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1856923917.0000000005080000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
5080000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852281884.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
3769000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003769000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3769000
|
Size: |
4096
|
|
6A5802418000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831462047.00006A5802418000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802418000
|
Size: |
49152
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856831337.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855056533.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860903842.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
7C58002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798942462.00007C58002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002C0000
|
Size: |
4096
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857344682.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
AEF000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234960172.0000000000AEF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AEF000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856210324.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1A0D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1884558086.0000025DD1A0D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1A0D000
|
Size: |
8192
|
|
6A58023AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831221998.00006A58023AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023AC000
|
Size: |
4096
|
|
6A58008F6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849119847.00006A58008F6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58008F6000
|
Size: |
4096
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856079750.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856570143.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854630275.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864756430.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
6A5802420000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831483994.00006A5802420000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802420000
|
Size: |
16384
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859298702.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
6A5802E78000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861713591.00006A5802E78000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E78000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846969936.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
462400654000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826577492.0000462400654000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400654000
|
Size: |
143360
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852258411.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
462400750000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828367313.0000462400750000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400750000
|
Size: |
16384
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848658966.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
6A5802410000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831548547.00006A5802410000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802410000
|
Size: |
16384
|
|
35F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139303982.00000000035F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
35F0000
|
Size: |
237568
|
|
6A5803358000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877030160.00006A5803358000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803358000
|
Size: |
356352
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
462400610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826415284.0000462400610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400610000
|
Size: |
192512
|
|
25DD1991000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847494813.0000025DD1991000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1991000
|
Size: |
49152
|
|
FE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1851051187.0000000000FE0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
FE0000
|
Size: |
65536
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849480715.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
6A58024F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836519504.00006A58024F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024F4000
|
Size: |
4096
|
|
2AD0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138894535.0000000002AD0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2AD0000
|
Size: |
4096
|
|
B90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138001611.0000000000B90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B90000
|
Size: |
8192
|
|
7C58002BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798775072.00007C58002BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002BC000
|
Size: |
4096
|
|
6A5803018000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863391736.00006A5803018000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803018000
|
Size: |
8192
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864257808.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
462400678000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827365831.0000462400678000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400678000
|
Size: |
49152
|
|
420000
|
remote allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2137621106.0000000000420000.00000040.00000400.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
remote allocation
|
Protect: |
page execute and read and write
|
Base address: |
420000
|
Size: |
8192
|
|
43E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.00000000043E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
43E5000
|
Size: |
4096
|
|
317C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139096357.000000000317C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
317C000
|
Size: |
16384
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1837801193.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847044709.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1851604297.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
4624003EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825995441.00004624003EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624003EC000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852184658.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
370C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.000000000370C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
370C000
|
Size: |
12288
|
|
6A580256C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877719365.00006A580256C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580256C000
|
Size: |
36864
|
|
6A5802EDC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863875730.00006A5802EDC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EDC000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
35E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139281161.00000000035E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
35E0000
|
Size: |
4096
|
|
25DD1437000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866422445.0000025DD1437000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1437000
|
Size: |
8192
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1837801193.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
3C7D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C7D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C7D000
|
Size: |
4096
|
|
3763000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003763000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3763000
|
Size: |
8192
|
|
6A5802EB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862477646.00006A5802EB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EB4000
|
Size: |
16384
|
|
A85000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1849348060.0000000000A85000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A85000
|
Size: |
147456
|
|
462400408000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828123180.0000462400408000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400408000
|
Size: |
4096
|
|
6A580320C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1872178236.00006A580320C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580320C000
|
Size: |
69632
|
|
6A5803150000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874145681.00006A5803150000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803150000
|
Size: |
53248
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD1425000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856831337.0000025DD1425000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1425000
|
Size: |
28672
|
|
462400734000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828427407.0000462400734000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400734000
|
Size: |
61440
|
|
3BDC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BDC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BDC000
|
Size: |
12288
|
|
462400658000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827389109.0000462400658000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400658000
|
Size: |
49152
|
|
37CA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.00000000037CA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
37CA000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856696705.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
32768
|
|
6A58034B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877514832.00006A58034B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58034B8000
|
Size: |
8192
|
|
46240039C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826326276.000046240039C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46240039C000
|
Size: |
323584
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856570143.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
32768
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1863968604.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
25DD1442000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862804390.0000025DD1442000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1442000
|
Size: |
4096
|
|
4E6E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004E6E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4E6E000
|
Size: |
4096
|
|
4F59000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004F59000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F59000
|
Size: |
4096
|
|
6A58031E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1871249456.00006A58031E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58031E4000
|
Size: |
94208
|
|
5E0000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1688048014.00000000005E0000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
5E0000
|
Size: |
4096
|
|
6A5800DAE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1884272551.00006A5800DAE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5800DAE000
|
Size: |
4096
|
|
DBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850583436.0000000000DBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
DBE000
|
Size: |
8192
|
|
BC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138065559.0000000000BC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
BC0000
|
Size: |
24576
|
|
6A58024A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1868469368.00006A58024A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024A4000
|
Size: |
8192
|
|
462400688000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826877060.0000462400688000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400688000
|
Size: |
65536
|
|
6A5803160000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1869588163.00006A5803160000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803160000
|
Size: |
151552
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
B10000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234979977.0000000000B10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B10000
|
Size: |
20480
|
|
6A58026CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1839701267.00006A58026CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58026CC000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
AEC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2137806476.0000000000AEC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AEC000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860903842.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
2980000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1852010678.0000000002980000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2980000
|
Size: |
36864
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848626562.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
20480
|
|
42AD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.00000000042AD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
42AD000
|
Size: |
4096
|
|
6A58024AA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862206988.00006A58024AA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024AA000
|
Size: |
24576
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859791151.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
3CA9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CA9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CA9000
|
Size: |
4096
|
|
6A58023AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836493850.00006A58023AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023AC000
|
Size: |
4096
|
|
2D6F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138972809.0000000002D6F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D6F000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860556233.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
6A58032C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1876490644.00006A58032C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58032C0000
|
Size: |
4096
|
|
6A5802544000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1835798122.00006A5802544000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802544000
|
Size: |
4096
|
|
2C6E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138952908.0000000002C6E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2C6E000
|
Size: |
8192
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859386844.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854349082.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860275770.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859386844.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
462400390000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826030297.0000462400390000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400390000
|
Size: |
372736
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
B40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2137955001.0000000000B40000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B40000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848910125.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857030129.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
4EB9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004EB9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4EB9000
|
Size: |
4096
|
|
2966000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851681011.0000000002966000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2966000
|
Size: |
4096
|
|
6A5802FA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877289687.00006A5802FA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802FA4000
|
Size: |
8192
|
|
462400310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825205401.0000462400310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400310000
|
Size: |
65536
|
|
3788000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003788000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3788000
|
Size: |
4096
|
|
4F64000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004F64000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F64000
|
Size: |
4096
|
|
6A580308C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867964880.00006A580308C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580308C000
|
Size: |
8192
|
|
F14000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850754513.0000000000F14000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
F14000
|
Size: |
32768
|
|
2BDD000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235233610.0000000002BDD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2BDD000
|
Size: |
12288
|
|
6A5803160000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874495488.00006A5803160000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803160000
|
Size: |
159744
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857600798.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
462400320000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825976387.0000462400320000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400320000
|
Size: |
4096
|
|
6A5802424000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831439458.00006A5802424000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802424000
|
Size: |
16384
|
|
3BFB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003BFB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3BFB000
|
Size: |
8192
|
|
462400330000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1825570211.0000462400330000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400330000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846564336.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
AF0000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2137806476.0000000000AF0000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AF0000
|
Size: |
36864
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856831337.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854181377.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836859225.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
AE5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1850161615.0000000000AE5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AE5000
|
Size: |
12288
|
|
6A580260C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1869640815.00006A580260C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580260C000
|
Size: |
151552
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found strings which match to known social media urls |
Networking |
|
|
25DD1412000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836673188.0000025DD1412000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1412000
|
Size: |
16384
|
|
6A58024A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874573388.00006A58024A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024A4000
|
Size: |
4096
|
|
462400380000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826203275.0000462400380000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400380000
|
Size: |
65536
|
|
462400730000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827480809.0000462400730000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400730000
|
Size: |
77824
|
|
3F5A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003F5A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3F5A000
|
Size: |
4096
|
|
3CD7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CD7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CD7000
|
Size: |
4096
|
|
3DF5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141065869.0000000003DF5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3DF5000
|
Size: |
4096
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852091992.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
25DD140A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846674430.0000025DD140A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140A000
|
Size: |
4096
|
|
330F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235500332.000000000330F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
330F000
|
Size: |
4096
|
|
6A580240C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831568801.00006A580240C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580240C000
|
Size: |
16384
|
|
6A58023F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831655528.00006A58023F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023F0000
|
Size: |
16384
|
|
3700000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003700000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3700000
|
Size: |
16384
|
|
3C46000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C46000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C46000
|
Size: |
4096
|
|
6A58023D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831814555.00006A58023D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023D8000
|
Size: |
16384
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1864912424.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
462400698000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826806517.0000462400698000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400698000
|
Size: |
77824
|
|
3031000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235382855.0000000003031000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3031000
|
Size: |
16384
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1859386844.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856148550.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855912014.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
6A580340C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877154821.00006A580340C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580340C000
|
Size: |
356352
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6A58023E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831768694.00006A58023E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023E0000
|
Size: |
16384
|
|
25DD1421000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1855841617.0000025DD1421000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1421000
|
Size: |
8192
|
|
6A58023C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1832872649.00006A58023C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023C8000
|
Size: |
49152
|
|
6A5802E74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861755372.00006A5802E74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E74000
|
Size: |
8192
|
|
4E59000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004E59000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4E59000
|
Size: |
4096
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866586387.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
6A5800AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874079197.00006A5800AE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5800AE0000
|
Size: |
4096
|
|
6A5802E98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861885149.00006A5802E98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802E98000
|
Size: |
20480
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860556233.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
6A58000E4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1849712683.00006A58000E4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58000E4000
|
Size: |
4096
|
|
4F44000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004F44000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F44000
|
Size: |
4096
|
|
25DD1428000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866158554.0000025DD1428000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1428000
|
Size: |
4096
|
|
6A58031A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1869449986.00006A58031A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58031A4000
|
Size: |
131072
|
|
333D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139168871.000000000333D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
333D000
|
Size: |
12288
|
|
25DD142A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866158554.0000025DD142A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD142A000
|
Size: |
4096
|
|
FDE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851023152.0000000000FDE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
FDE000
|
Size: |
8192
|
|
6A5802EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862347821.00006A5802EA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EA4000
|
Size: |
16384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4F4E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004F4E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F4E000
|
Size: |
4096
|
|
6A5802654000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1869640815.00006A5802654000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802654000
|
Size: |
61440
|
|
479E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.000000000479E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
479E000
|
Size: |
4096
|
|
6A58024A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1834151163.00006A58024A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024A4000
|
Size: |
8192
|
|
320F000
|
unkown
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235453739.000000000320F000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
320F000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860084469.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
4624006B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827115320.00004624006B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006B8000
|
Size: |
65536
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1846815399.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
BC7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2138065559.0000000000BC7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
BC7000
|
Size: |
106496
|
|
6A580349C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877905141.00006A580349C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580349C000
|
Size: |
28672
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854701836.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
4F23000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004F23000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F23000
|
Size: |
8192
|
|
6A5802EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1866945510.00006A5802EA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EA4000
|
Size: |
8192
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856019011.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
6A58024A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862206988.00006A58024A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58024A4000
|
Size: |
16384
|
|
F27000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.1850826847.0000000000F27000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
F27000
|
Size: |
4096
|
|
6A5802EDC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1862413006.00006A5802EDC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802EDC000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
7C58002C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1798858274.00007C58002C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7C58002C0000
|
Size: |
4096
|
|
6A58023B4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831253499.00006A58023B4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023B4000
|
Size: |
8192
|
|
2ADD000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235211992.0000000002ADD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2ADD000
|
Size: |
12288
|
|
3F25000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003F25000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3F25000
|
Size: |
4096
|
|
25DD1429000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857030129.0000025DD1429000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1429000
|
Size: |
12288
|
|
6A5802654000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1861505424.00006A5802654000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802654000
|
Size: |
61440
|
|
A4E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1849348060.0000000000A4E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A4E000
|
Size: |
114688
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1858093808.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
8192
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848658966.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
28672
|
|
6A5802430000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831362464.00006A5802430000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5802430000
|
Size: |
241664
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856079750.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
16384
|
|
4E64000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004E64000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4E64000
|
Size: |
4096
|
|
6A58031CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1870787602.00006A58031CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58031CC000
|
Size: |
4096
|
|
3792000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2139387565.0000000003792000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3792000
|
Size: |
8192
|
|
6A58032A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874400127.00006A58032A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58032A0000
|
Size: |
28672
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
47D3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.00000000047D3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47D3000
|
Size: |
4096
|
|
660800234000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1800669687.0000660800234000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
660800234000
|
Size: |
4096
|
|
25DD1440000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1865970202.0000025DD1440000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1440000
|
Size: |
24576
|
|
462400704000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1827429370.0000462400704000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
462400704000
|
Size: |
61440
|
|
FF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1851089324.0000000000FF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FF0000
|
Size: |
12288
|
|
3CC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CC0000
|
Size: |
8192
|
|
3CF2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003CF2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3CF2000
|
Size: |
4096
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856413219.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
12288
|
|
2FBE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000B.00000002.2235362929.0000000002FBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
11
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2FBE000
|
Size: |
8192
|
|
4E44000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004E44000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4E44000
|
Size: |
4096
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1857600798.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
12288
|
|
4624006E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1828484561.00004624006E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006E0000
|
Size: |
12288
|
|
6A5803240000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1874198648.00006A5803240000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803240000
|
Size: |
53248
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852184658.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|
25DD140D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1848531529.0000025DD140D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD140D000
|
Size: |
4096
|
|
7C8000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1848016017.00000000007C8000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7C8000
|
Size: |
32768
|
|
4973000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142234459.0000000004973000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4973000
|
Size: |
4096
|
|
6A580309C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1871568001.00006A580309C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580309C000
|
Size: |
69632
|
|
A00000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.2234429705.0000000000A00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A00000
|
Size: |
4096
|
|
25DD1419000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847121057.0000025DD1419000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1419000
|
Size: |
8192
|
|
A82000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1849348060.0000000000A82000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A82000
|
Size: |
8192
|
|
6A58023F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1831610229.00006A58023F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58023F4000
|
Size: |
16384
|
|
25DD141F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856413219.0000025DD141F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD141F000
|
Size: |
16384
|
|
3C8B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140175140.0000000003C8B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3C8B000
|
Size: |
8192
|
|
6A58031C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1869449986.00006A58031C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A58031C8000
|
Size: |
4096
|
|
4624006CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1826980181.00004624006CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4624006CC000
|
Size: |
94208
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1860903842.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
16384
|
|
4276000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141793628.0000000004276000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4276000
|
Size: |
4096
|
|
A48000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1849348060.0000000000A48000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A48000
|
Size: |
16384
|
|
6A580349C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1877154821.00006A580349C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A580349C000
|
Size: |
28672
|
|
25DD1424000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1856210324.0000025DD1424000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1424000
|
Size: |
8192
|
|
6A5803150000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1867821640.00006A5803150000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6A5803150000
|
Size: |
53248
|
|
4E8E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2142772855.0000000004E8E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4E8E000
|
Size: |
4096
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1854804115.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
3B70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2140117754.0000000003B70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3B70000
|
Size: |
151552
|
|
3E7A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2141203872.0000000003E7A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3E7A000
|
Size: |
4096
|
|
25DD1411000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1847186059.0000025DD1411000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1411000
|
Size: |
4096
|
|
A15000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1848839346.0000000000A15000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A15000
|
Size: |
12288
|
|
25DD1408000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1836859225.0000025DD1408000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1408000
|
Size: |
8192
|
|
25DD1413000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1852384485.0000025DD1413000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
25DD1413000
|
Size: |
8192
|
|