802000
|
unkown
|
page readonly
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000001.00000000.1290037352.0000000000802000.00000002.00000001.01000000.00000004.sdmp
|
TargetID: |
1
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
802000
|
Size: |
36864
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
Yara signature match |
System Summary |
|
|
2A7C000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000001.00000002.3507381404.0000000002A7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A7C000
|
Size: |
69632
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
2B60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2472475095.0000000002B60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B60000
|
Size: |
4096
|
|
139E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2463504372.000000000139E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
139E000
|
Size: |
8192
|
|
1BA9F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3507682009.000000001BA9F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BA9F000
|
Size: |
4096
|
|
E30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395439683.0000000000E30000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E30000
|
Size: |
4096
|
|
1540000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2465378019.0000000001540000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1540000
|
Size: |
12288
|
|
2920000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507225514.0000000002920000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2920000
|
Size: |
16384
|
|
12F48000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506969429.0000000012F48000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12F48000
|
Size: |
4096
|
|
7FFE7DD30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3508261086.00007FFE7DD30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD30000
|
Size: |
4096
|
|
1B2CC000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2565184216.000000001B2CC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B2CC000
|
Size: |
16384
|
|
C20000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350015099.0000000000C20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C20000
|
Size: |
4096
|
|
2D4F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2506175958.0000000002D4F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D4F000
|
Size: |
4096
|
|
7FFE7DD9C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3516207396.00007FFE7DD9C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD9C000
|
Size: |
8192
|
|
1C71E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515259040.000000001C71E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C71E000
|
Size: |
8192
|
|
8E0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.00000000008E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8E0000
|
Size: |
36864
|
|
7FFE7DD2D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000013.00000002.3508144179.00007FFE7DD2D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD2D000
|
Size: |
4096
|
|
12F41000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506969429.0000000012F41000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12F41000
|
Size: |
4096
|
|
8B0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.00000000008B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8B0000
|
Size: |
28672
|
|
7FFE7DDF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396535532.00007FFE7DDF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DDF0000
|
Size: |
4096
|
|
7FFE7DD9C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1396517751.00007FFE7DD9C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD9C000
|
Size: |
4096
|
|
1B370000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513087775.000000001B370000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B370000
|
Size: |
4096
|
|
1B7C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396281697.000000001B7C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B7C0000
|
Size: |
4096
|
|
1655000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712847233.0000000001655000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1655000
|
Size: |
8192
|
|
F30000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2415857857.0000000000F30000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F30000
|
Size: |
4096
|
|
3101000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712992639.0000000003101000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3101000
|
Size: |
12288
|
|
30F1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712992639.00000000030F1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30F1000
|
Size: |
40960
|
|
C00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505193561.0000000000C00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C00000
|
Size: |
4096
|
|
2A8E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002A8E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A8E000
|
Size: |
4096
|
|
11C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395907120.00000000011C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
11C0000
|
Size: |
4096
|
|
8CB000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.00000000008CB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8CB000
|
Size: |
36864
|
|
2BB0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.2479049814.0000000002BB0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2BB0000
|
Size: |
4096
|
|
7FFE7DD52000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396418801.00007FFE7DD52000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD52000
|
Size: |
4096
|
|
15F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712807307.00000000015F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15F0000
|
Size: |
4096
|
|
1415000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395959757.0000000001415000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1415000
|
Size: |
8192
|
|
7FFE7DE00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3516397669.00007FFE7DE00000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE00000
|
Size: |
4096
|
|
990000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3504827171.0000000000990000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
990000
|
Size: |
4096
|
|
30FC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712992639.00000000030FC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30FC000
|
Size: |
8192
|
|
2A2E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507316914.0000000002A2E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2A2E000
|
Size: |
8192
|
|
D6E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000D6E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D6E000
|
Size: |
8192
|
|
7FFE7DE50000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.1713486088.00007FFE7DE50000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE50000
|
Size: |
8192
|
|
CEF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000CEF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CEF000
|
Size: |
4096
|
|
7FFE7DE00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350838936.00007FFE7DE00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DE00000
|
Size: |
4096
|
|
1215000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395921148.0000000001215000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1215000
|
Size: |
8192
|
|
7FFE7DD6B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3516010066.00007FFE7DD6B000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD6B000
|
Size: |
4096
|
|
7FFE7DD5D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3515936784.00007FFE7DD5D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD5D000
|
Size: |
12288
|
|
C60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505300766.0000000000C60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C60000
|
Size: |
4096
|
|
2580000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350134020.0000000002580000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2580000
|
Size: |
4096
|
|
1335000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3505877738.0000000001335000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1335000
|
Size: |
4096
|
|
2A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002A9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A9C000
|
Size: |
3301376
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
7FFE7DDAC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000C.00000002.3350813576.00007FFE7DDAC000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DDAC000
|
Size: |
4096
|
|
D83000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000D83000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D83000
|
Size: |
180224
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
7FFE7DE26000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1396569757.00007FFE7DE26000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE26000
|
Size: |
4096
|
|
EAD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000EAD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EAD000
|
Size: |
4096
|
|
12D48000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2557656604.0000000012D48000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12D48000
|
Size: |
4096
|
|
1BBCF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713244352.000000001BBCF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BBCF000
|
Size: |
4096
|
|
7FFE7DD8C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.2566911785.00007FFE7DD8C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD8C000
|
Size: |
4096
|
|
7FFE7DD6D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000C.00000002.3350756704.00007FFE7DD6D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD6D000
|
Size: |
4096
|
|
3095000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000003095000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3095000
|
Size: |
20480
|
|
1ADB6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3512849675.000000001ADB6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1ADB6000
|
Size: |
4096
|
|
1BACE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396350631.000000001BACE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BACE000
|
Size: |
8192
|
|
254E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350104269.000000000254E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
254E000
|
Size: |
8192
|
|
2DC5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002DC5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2DC5000
|
Size: |
2945024
|
|
7FFE7DD4D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1396403706.00007FFE7DD4D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD4D000
|
Size: |
4096
|
|
F20000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3502828632.0000000000F20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F20000
|
Size: |
4096
|
|
7FFE7DD44000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713312842.00007FFE7DD44000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD44000
|
Size: |
16384
|
|
D21000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000D21000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D21000
|
Size: |
311296
|
|
1B76F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513591285.000000001B76F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B76F000
|
Size: |
4096
|
|
7FFE7DE10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000C.00000002.3350863108.00007FFE7DE10000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE10000
|
Size: |
4096
|
|
F80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000F80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F80000
|
Size: |
28672
|
|
7FFE7DEE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396601682.00007FFE7DEE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DEE0000
|
Size: |
12288
|
|
F4D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000F4D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F4D000
|
Size: |
4096
|
|
895000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349278234.0000000000895000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
895000
|
Size: |
8192
|
|
810000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349193003.0000000000810000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
810000
|
Size: |
4096
|
|
8D5000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.00000000008D5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8D5000
|
Size: |
8192
|
|
1BB3B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513789678.000000001BB3B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1BB3B000
|
Size: |
180224
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
2F41000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506653689.0000000002F41000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F41000
|
Size: |
40960
|
|
FA6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000FA6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FA6000
|
Size: |
12288
|
|
FC0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2441108200.0000000000FC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FC0000
|
Size: |
12288
|
|
1B9EE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2565543500.000000001B9EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B9EE000
|
Size: |
8192
|
|
277F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350212197.000000000277F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
277F000
|
Size: |
4096
|
|
FBF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3506861892.0000000000FBF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
FBF000
|
Size: |
4096
|
|
7FFE7DD40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2566786395.00007FFE7DD40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD40000
|
Size: |
4096
|
|
143E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506061002.000000000143E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
143E000
|
Size: |
8192
|
|
7FFE7DE36000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000C.00000002.3350892538.00007FFE7DE36000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE36000
|
Size: |
4096
|
|
F9C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000F9C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F9C000
|
Size: |
36864
|
|
7FFE7DDF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.1713440351.00007FFE7DDF0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DDF0000
|
Size: |
4096
|
|
1320000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3505796725.0000000001320000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1320000
|
Size: |
4096
|
|
1B990000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000013.00000002.3507626806.000000001B990000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1B990000
|
Size: |
4096
|
|
12CA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.00000000012CA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
12CA000
|
Size: |
151552
|
|
7FFE7DD62000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350660906.00007FFE7DD62000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD62000
|
Size: |
4096
|
|
1BA70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513789678.000000001BA70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1BA70000
|
Size: |
380928
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
944000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3504718472.0000000000944000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
944000
|
Size: |
49152
|
|
1134000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712305801.0000000001134000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1134000
|
Size: |
49152
|
|
13E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712712293.00000000013E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13E5000
|
Size: |
4096
|
|
C70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505389248.0000000000C70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C70000
|
Size: |
8192
|
|
915000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.0000000000915000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
915000
|
Size: |
4096
|
|
1B3C3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513243233.000000001B3C3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B3C3000
|
Size: |
12288
|
|
7F0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349164837.00000000007F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7F0000
|
Size: |
4096
|
|
7FFE7DDD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3508842909.00007FFE7DDD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DDD0000
|
Size: |
4096
|
|
1C915000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515412218.000000001C915000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C915000
|
Size: |
45056
|
|
FC5000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2441108200.0000000000FC5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FC5000
|
Size: |
4096
|
|
E60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395498294.0000000000E60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E60000
|
Size: |
8192
|
|
917000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.0000000000917000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
917000
|
Size: |
319488
|
|
219162EE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341399498.00000219162EE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
219162EE000
|
Size: |
139264
|
|
CA5000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350039340.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CA5000
|
Size: |
8192
|
|
1210000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395921148.0000000001210000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1210000
|
Size: |
12288
|
|
F52000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000F52000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F52000
|
Size: |
16384
|
|
12D41000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2557656604.0000000012D41000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12D41000
|
Size: |
4096
|
|
2C10000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2486509678.0000000002C10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C10000
|
Size: |
4096
|
|
BE4000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395147423.0000000000BE4000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
BE4000
|
Size: |
49152
|
|
7FFE7DD7C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000013.00000002.3508773385.00007FFE7DD7C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD7C000
|
Size: |
4096
|
|
CDA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000CDA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CDA000
|
Size: |
81920
|
|
BAF000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349967565.0000000000BAF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
BAF000
|
Size: |
4096
|
|
2DC3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002DC3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2DC3000
|
Size: |
4096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
8B8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.00000000008B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8B8000
|
Size: |
73728
|
|
7FFE7DDE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713422140.00007FFE7DDE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DDE0000
|
Size: |
4096
|
|
7FFE7DD43000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3515585857.00007FFE7DD43000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD43000
|
Size: |
4096
|
|
1BFAE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3514699601.000000001BFAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BFAE000
|
Size: |
8192
|
|
F10000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3502706053.0000000000F10000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F10000
|
Size: |
4096
|
|
E86000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000E86000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E86000
|
Size: |
20480
|
|
7FFE7DDE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000013.00000002.3508964050.00007FFE7DDE0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DDE0000
|
Size: |
4096
|
|
1C1A4000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515136351.000000001C1A4000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C1A4000
|
Size: |
49152
|
|
7FFE7DD40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515526054.00007FFE7DD40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD40000
|
Size: |
4096
|
|
7FFE7DE26000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3516452823.00007FFE7DE26000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE26000
|
Size: |
4096
|
|
E80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000E80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E80000
|
Size: |
20480
|
|
12F43000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506969429.0000000012F43000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12F43000
|
Size: |
12288
|
|
2F40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712915087.0000000002F40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2F40000
|
Size: |
4096
|
|
130F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.000000000130F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
130F000
|
Size: |
139264
|
|
1B96D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513653645.000000001B96D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B96D000
|
Size: |
12288
|
|
1BB68000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513789678.000000001BB68000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1BB68000
|
Size: |
8192
|
|
2B80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2478089959.0000000002B80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B80000
|
Size: |
4096
|
|
1BB9E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3508016792.000000001BB9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BB9E000
|
Size: |
8192
|
|
219162D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341379063.00000219162D0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
219162D0000
|
Size: |
4096
|
|
E8C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000E8C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E8C000
|
Size: |
131072
|
|
1B9CF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396322388.000000001B9CF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B9CF000
|
Size: |
4096
|
|
830000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349226526.0000000000830000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
830000
|
Size: |
8192
|
|
1B6CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396232756.000000001B6CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B6CE000
|
Size: |
8192
|
|
EBF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000EBF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EBF000
|
Size: |
4096
|
|
D1D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000D1D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D1D000
|
Size: |
12288
|
|
130C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.000000000130C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
130C000
|
Size: |
8192
|
|
800000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000001.00000000.1290018662.0000000000800000.00000002.00000001.01000000.00000004.sdmp
|
TargetID: |
1
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
800000
|
Size: |
4096
|
|
1380000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712677777.0000000001380000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1380000
|
Size: |
4096
|
|
966000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.0000000000966000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
966000
|
Size: |
57344
|
|
1268000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.0000000001268000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1268000
|
Size: |
114688
|
|
1BACE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513789678.000000001BACE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1BACE000
|
Size: |
204800
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
FEB000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.0000000000FEB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FEB000
|
Size: |
36864
|
|
7FFE7DE00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1396550750.00007FFE7DE00000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE00000
|
Size: |
4096
|
|
CA0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350039340.0000000000CA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CA0000
|
Size: |
12288
|
|
130F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713085922.00000000130F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
130F8000
|
Size: |
4096
|
|
2F51000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506653689.0000000002F51000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F51000
|
Size: |
12288
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
100A000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.000000000100A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
100A000
|
Size: |
4096
|
|
1037000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.0000000001037000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1037000
|
Size: |
106496
|
|
7FFE7DE06000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000013.00000002.3509071696.00007FFE7DE06000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE06000
|
Size: |
4096
|
|
890000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349278234.0000000000890000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
890000
|
Size: |
12288
|
|
15EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712785908.00000000015EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
15EE000
|
Size: |
8192
|
|
F80000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2441074665.0000000000F80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F80000
|
Size: |
8192
|
|
30FF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712992639.00000000030FF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
30FF000
|
Size: |
4096
|
|
2C90000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1396041591.0000000002C90000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2C90000
|
Size: |
4096
|
|
1B1EE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350524860.000000001B1EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B1EE000
|
Size: |
8192
|
|
11A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395891669.00000000011A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
11A0000
|
Size: |
4096
|
|
7FFE7DD3D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.2566503095.00007FFE7DD3D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD3D000
|
Size: |
4096
|
|
1B3C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513243233.000000001B3C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B3C0000
|
Size: |
8192
|
|
7FFE7DEE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3516537156.00007FFE7DEE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DEE0000
|
Size: |
36864
|
|
C40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505232855.0000000000C40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C40000
|
Size: |
8192
|
|
1035000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.0000000001035000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1035000
|
Size: |
4096
|
|
1B56D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713174239.000000001B56D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B56D000
|
Size: |
12288
|
|
EB5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000EB5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EB5000
|
Size: |
36864
|
|
1B66E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513513425.000000001B66E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B66E000
|
Size: |
8192
|
|
1ABED000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350432108.000000001ABED000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1ABED000
|
Size: |
12288
|
|
7FFE7DD50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713382582.00007FFE7DD50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD50000
|
Size: |
4096
|
|
2A90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002A90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A90000
|
Size: |
20480
|
|
7FF452200000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1396370791.00007FF452200000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF452200000
|
Size: |
4096
|
|
F40000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2419745328.0000000000F40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F40000
|
Size: |
4096
|
|
7FFE7DD34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3508261086.00007FFE7DD34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD34000
|
Size: |
16384
|
|
2D01000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396075292.0000000002D01000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D01000
|
Size: |
40960
|
|
7FFE7DEF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350947252.00007FFE7DEF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DEF0000
|
Size: |
12288
|
|
7FFE7DD70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350786233.00007FFE7DD70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD70000
|
Size: |
4096
|
|
2D51000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2506175958.0000000002D51000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D51000
|
Size: |
12288
|
|
FD0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.0000000000FD0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FD0000
|
Size: |
28672
|
|
28A0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3507070205.00000000028A0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
28A0000
|
Size: |
4096
|
|
9D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505137818.00000000009D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9D0000
|
Size: |
12288
|
|
7FFE7DD8C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.1713399198.00007FFE7DD8C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD8C000
|
Size: |
4096
|
|
219162E9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341399498.00000219162E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
219162E9000
|
Size: |
16384
|
|
880000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349254825.0000000000880000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
880000
|
Size: |
4096
|
|
1B990000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713192633.000000001B990000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B990000
|
Size: |
4096
|
|
7FFE7DE60000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1396585150.00007FFE7DE60000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE60000
|
Size: |
8192
|
|
1043000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000001043000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1043000
|
Size: |
4096
|
|
7FFE7DD4D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.1713363472.00007FFE7DD4D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD4D000
|
Size: |
4096
|
|
130F1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713085922.00000000130F1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
130F1000
|
Size: |
4096
|
|
7FFE7DD60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396499072.00007FFE7DD60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD60000
|
Size: |
4096
|
|
1BA6C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513739165.000000001BA6C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BA6C000
|
Size: |
16384
|
|
EC2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000EC2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EC2000
|
Size: |
16384
|
|
7FFE7DED0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713502064.00007FFE7DED0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DED0000
|
Size: |
12288
|
|
2F4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506653689.0000000002F4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F4C000
|
Size: |
8192
|
|
7FFE7DD3D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.1713297824.00007FFE7DD3D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD3D000
|
Size: |
4096
|
|
12F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.00000000012F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
12F0000
|
Size: |
61440
|
|
8EA000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.00000000008EA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8EA000
|
Size: |
4096
|
|
14D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506151773.00000000014D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14D0000
|
Size: |
4096
|
|
1610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712825246.0000000001610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1610000
|
Size: |
4096
|
|
277C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350212197.000000000277C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
277C000
|
Size: |
8192
|
|
8EC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.00000000008EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8EC000
|
Size: |
16384
|
|
FD8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.0000000000FD8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FD8000
|
Size: |
73728
|
|
12A38000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3512375161.0000000012A38000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12A38000
|
Size: |
16384
|
|
12D01000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396114551.0000000012D01000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12D01000
|
Size: |
4096
|
|
1B4CD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513462164.000000001B4CD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B4CD000
|
Size: |
12288
|
|
1B6D0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1396261624.000000001B6D0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1B6D0000
|
Size: |
4096
|
|
7FFE7DE16000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.1713461383.00007FFE7DE16000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE16000
|
Size: |
4096
|
|
10B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3506934215.00000000010B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
10B0000
|
Size: |
12288
|
|
9C5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505009945.00000000009C5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9C5000
|
Size: |
20480
|
|
FC5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000FC5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FC5000
|
Size: |
4096
|
|
1B02E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350469824.000000001B02E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B02E000
|
Size: |
8192
|
|
1B91E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3507444669.000000001B91E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B91E000
|
Size: |
8192
|
|
2781000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350212197.0000000002781000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2781000
|
Size: |
12288
|
|
1BAC0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.1713227049.000000001BAC0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1BAC0000
|
Size: |
4096
|
|
AA0000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000005.00000002.1394993895.0000000000AA0000.00000002.00000001.01000000.00000007.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
AA0000
|
Size: |
4096
|
|
7FFE7DD54000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396418801.00007FFE7DD54000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD54000
|
Size: |
16384
|
|
129E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2463475820.000000000129E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
129E000
|
Size: |
8192
|
|
1B2EE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350557693.000000001B2EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B2EE000
|
Size: |
8192
|
|
F40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000F40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F40000
|
Size: |
49152
|
|
7FFE7DD40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3508721812.00007FFE7DD40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD40000
|
Size: |
4096
|
|
CB6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000CB6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CB6000
|
Size: |
20480
|
|
1170000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712331409.0000000001170000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1170000
|
Size: |
4096
|
|
FC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000FC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FC0000
|
Size: |
16384
|
|
12A3F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3512375161.0000000012A3F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12A3F000
|
Size: |
4096
|
|
9DE097F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341254281.0000009DE097F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9DE097F000
|
Size: |
4096
|
|
129C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.000000000129C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
129C000
|
Size: |
4096
|
|
12A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3505686830.00000000012A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12A0000
|
Size: |
4096
|
|
7FFE7DD4D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.2566892920.00007FFE7DD4D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD4D000
|
Size: |
4096
|
|
12A31000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3512375161.0000000012A31000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12A31000
|
Size: |
24576
|
|
124E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3505470875.000000000124E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
124E000
|
Size: |
8192
|
|
12778000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350324107.0000000012778000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12778000
|
Size: |
4096
|
|
7FFE7DD44000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515605227.00007FFE7DD44000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD44000
|
Size: |
8192
|
|
28F0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3507128151.00000000028F0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
28F0000
|
Size: |
4096
|
|
1330000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3505877738.0000000001330000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1330000
|
Size: |
12288
|
|
129E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.000000000129E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
129E000
|
Size: |
16384
|
|
12773000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350324107.0000000012773000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12773000
|
Size: |
12288
|
|
1288000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.0000000001288000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1288000
|
Size: |
4096
|
|
12D08000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396114551.0000000012D08000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12D08000
|
Size: |
4096
|
|
7FFE7DDFC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3516373102.00007FFE7DDFC000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DDFC000
|
Size: |
4096
|
|
108B000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.000000000108B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
108B000
|
Size: |
32768
|
|
1150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395876581.0000000001150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1150000
|
Size: |
4096
|
|
1B390000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513145047.000000001B390000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B390000
|
Size: |
12288
|
|
CF2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000CF2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CF2000
|
Size: |
16384
|
|
E40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395481554.0000000000E40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
E40000
|
Size: |
4096
|
|
7FFE7DED0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2568015865.00007FFE7DED0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DED0000
|
Size: |
8192
|
|
219166C5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341528290.00000219166C5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
219166C5000
|
Size: |
12288
|
|
2C2E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396024770.0000000002C2E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2C2E000
|
Size: |
8192
|
|
7FFE7DD40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713312842.00007FFE7DD40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD40000
|
Size: |
4096
|
|
1BCCE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713261021.000000001BCCE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BCCE000
|
Size: |
8192
|
|
7FFE7DD50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515853223.00007FFE7DD50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD50000
|
Size: |
4096
|
|
9A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3504880845.00000000009A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9A0000
|
Size: |
4096
|
|
F40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3502955679.0000000000F40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F40000
|
Size: |
4096
|
|
2F4F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506653689.0000000002F4F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F4F000
|
Size: |
4096
|
|
EF4000
|
stack
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3502563161.0000000000EF4000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
EF4000
|
Size: |
49152
|
|
2760000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
0000000C.00000002.3350186124.0000000002760000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2760000
|
Size: |
4096
|
|
8D8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349454369.00000000008D8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8D8000
|
Size: |
4096
|
|
1BB02000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513789678.000000001BB02000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1BB02000
|
Size: |
8192
|
|
FBB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000FBB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FBB000
|
Size: |
4096
|
|
13E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712712293.00000000013E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13E0000
|
Size: |
12288
|
|
12D03000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396114551.0000000012D03000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12D03000
|
Size: |
12288
|
|
100C000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.000000000100C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
100C000
|
Size: |
16384
|
|
1260000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.0000000001260000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1260000
|
Size: |
28672
|
|
2A78000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002A78000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A78000
|
Size: |
4096
|
|
2A9A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002A9A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A9A000
|
Size: |
4096
|
|
7FFE7DD42000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713312842.00007FFE7DD42000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD42000
|
Size: |
4096
|
|
14EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712763272.00000000014EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
14EE000
|
Size: |
8192
|
|
1B4DD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3507324075.000000001B4DD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B4DD000
|
Size: |
12288
|
|
7FFE7DEF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3516631264.00007FFE7DEF0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DEF0000
|
Size: |
16384
|
|
1AA30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3512580279.000000001AA30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1AA30000
|
Size: |
4096
|
|
7FFE7DD5D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1396478550.00007FFE7DD5D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD5D000
|
Size: |
4096
|
|
1280000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3505573725.0000000001280000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1280000
|
Size: |
4096
|
|
1B6E0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.2565207583.000000001B6E0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1B6E0000
|
Size: |
4096
|
|
1B28D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396211487.000000001B28D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B28D000
|
Size: |
12288
|
|
710000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349132063.0000000000710000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
710000
|
Size: |
4096
|
|
1CA25000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515450811.000000001CA25000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1CA25000
|
Size: |
4096
|
|
2CF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396057341.0000000002CF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2CF0000
|
Size: |
4096
|
|
7FFE7DE70000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000C.00000002.3350917528.00007FFE7DE70000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE70000
|
Size: |
8192
|
|
7FFE7DD24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3508067354.00007FFE7DD24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD24000
|
Size: |
4096
|
|
7FFE7DD60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350660906.00007FFE7DD60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD60000
|
Size: |
4096
|
|
1B7EE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2565227863.000000001B7EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B7EE000
|
Size: |
8192
|
|
F60000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2435233146.0000000000F60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F60000
|
Size: |
4096
|
|
1B0E0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
0000000C.00000002.3350498096.000000001B0E0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1B0E0000
|
Size: |
4096
|
|
7FFE7DEC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3509227716.00007FFE7DEC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DEC0000
|
Size: |
12288
|
|
1B3EE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350583838.000000001B3EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B3EE000
|
Size: |
8192
|
|
1290000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.0000000001290000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1290000
|
Size: |
45056
|
|
219164B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341480351.00000219164B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
219164B0000
|
Size: |
8192
|
|
7FFE7DE16000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.2566931950.00007FFE7DE16000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE16000
|
Size: |
4096
|
|
1C81A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515280540.000000001C81A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C81A000
|
Size: |
24576
|
|
7FFE7DDF6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3516292901.00007FFE7DDF6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DDF6000
|
Size: |
4096
|
|
7FFE7DD6D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3516126739.00007FFE7DD6D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD6D000
|
Size: |
4096
|
|
7FFE7DE40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000013.00000002.3509146825.00007FFE7DE40000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE40000
|
Size: |
8192
|
|
EF4000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2412386817.0000000000EF4000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
EF4000
|
Size: |
49152
|
|
7FFE7DD60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515971666.00007FFE7DD60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD60000
|
Size: |
4096
|
|
EBE000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3506734593.0000000000EBE000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
EBE000
|
Size: |
8192
|
|
1CA29000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515450811.000000001CA29000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1CA29000
|
Size: |
4096
|
|
2D4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2506175958.0000000002D4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D4C000
|
Size: |
8192
|
|
12771000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350324107.0000000012771000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12771000
|
Size: |
4096
|
|
BB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349990232.0000000000BB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
BB0000
|
Size: |
4096
|
|
7FFE7DD4D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3515662554.00007FFE7DD4D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD4D000
|
Size: |
12288
|
|
EF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000EF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EF0000
|
Size: |
299008
|
|
9DE0879000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341162471.0000009DE0879000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9DE0879000
|
Size: |
28672
|
|
1094000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.0000000001094000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1094000
|
Size: |
8192
|
|
CB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000CB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CB0000
|
Size: |
20480
|
|
7FFE7DD5D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000C.00000002.3350636708.00007FFE7DD5D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD5D000
|
Size: |
4096
|
|
1CA20000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515450811.000000001CA20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1CA20000
|
Size: |
4096
|
|
1B8EE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2565375627.000000001B8EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B8EE000
|
Size: |
8192
|
|
7FFE7DD50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396418801.00007FFE7DD50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD50000
|
Size: |
4096
|
|
7FFE7DF11000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3516779087.00007FFE7DF11000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DF11000
|
Size: |
4096
|
|
1C2AC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515223980.000000001C2AC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C2AC000
|
Size: |
16384
|
|
1360000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712661255.0000000001360000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1360000
|
Size: |
4096
|
|
1B8CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396303094.000000001B8CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B8CE000
|
Size: |
8192
|
|
2A98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002A98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A98000
|
Size: |
4096
|
|
EED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000EED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EED000
|
Size: |
8192
|
|
114F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395860615.000000000114F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
114F000
|
Size: |
4096
|
|
2D41000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2506175958.0000000002D41000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D41000
|
Size: |
40960
|
|
1650000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712847233.0000000001650000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1650000
|
Size: |
12288
|
|
7FFE7DD64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350660906.00007FFE7DD64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD64000
|
Size: |
16384
|
|
7FFE7DF00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3516733206.00007FFE7DF00000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DF00000
|
Size: |
4096
|
|
7FFE7DD54000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350612974.00007FFE7DD54000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD54000
|
Size: |
4096
|
|
7FFE7DD34000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713279496.00007FFE7DD34000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD34000
|
Size: |
4096
|
|
2B2F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396003826.0000000002B2F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2B2F000
|
Size: |
4096
|
|
7FFE7DD64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515990711.00007FFE7DD64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD64000
|
Size: |
4096
|
|
219166C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341528290.00000219166C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
219166C0000
|
Size: |
16384
|
|
C73000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505389248.0000000000C73000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C73000
|
Size: |
53248
|
|
F89000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000F89000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F89000
|
Size: |
73728
|
|
13A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712694380.00000000013A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13A0000
|
Size: |
8192
|
|
FB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000FB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FB0000
|
Size: |
40960
|
|
F50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000F50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F50000
|
Size: |
4096
|
|
CBC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000CBC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CBC000
|
Size: |
118784
|
|
7FFE7DD44000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396388972.00007FFE7DD44000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD44000
|
Size: |
4096
|
|
FEC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000FEC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FEC000
|
Size: |
352256
|
|
1C0A9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3514739953.000000001C0A9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C0A9000
|
Size: |
28672
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
FBE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503129192.0000000000FBE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FBE000
|
Size: |
4096
|
|
1285000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.0000000001285000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1285000
|
Size: |
8192
|
|
7FFE7DD52000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3515853223.00007FFE7DD52000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD52000
|
Size: |
40960
|
|
1052000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.0000000001052000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1052000
|
Size: |
221184
|
|
FF5000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.0000000000FF5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FF5000
|
Size: |
8192
|
|
2EFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712892850.0000000002EFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2EFE000
|
Size: |
8192
|
|
219164D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341500853.00000219164D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
219164D0000
|
Size: |
4096
|
|
15B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506241496.00000000015B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
15B0000
|
Size: |
12288
|
|
10B5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3506934215.00000000010B5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
10B5000
|
Size: |
40960
|
|
1410000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395959757.0000000001410000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1410000
|
Size: |
12288
|
|
1BDAE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3514632757.000000001BDAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BDAE000
|
Size: |
8192
|
|
7FFE7DD42000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2566786395.00007FFE7DD42000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD42000
|
Size: |
4096
|
|
2C30000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2501252727.0000000002C30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C30000
|
Size: |
4096
|
|
2A96000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002A96000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A96000
|
Size: |
4096
|
|
1BA9E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713210646.000000001BA9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BA9E000
|
Size: |
8192
|
|
15B5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506241496.00000000015B5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
15B5000
|
Size: |
8192
|
|
1545000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2465378019.0000000001545000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1545000
|
Size: |
8192
|
|
30E0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.1712975277.00000000030E0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
30E0000
|
Size: |
4096
|
|
7FFE7DD44000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2566786395.00007FFE7DD44000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD44000
|
Size: |
16384
|
|
219162E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341399498.00000219162E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
219162E0000
|
Size: |
28672
|
|
9DE08FE000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1341207661.0000009DE08FE000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
9DE08FE000
|
Size: |
8192
|
|
1AFBC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3512966961.000000001AFBC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1AFBC000
|
Size: |
16384
|
|
12A3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.00000000012A3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
12A3000
|
Size: |
4096
|
|
7FFE7DE60000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.3516504176.00007FFE7DE60000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE60000
|
Size: |
49152
|
|
1300000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1712351971.0000000001300000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1300000
|
Size: |
12288
|
|
F60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3503049248.0000000000F60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
F60000
|
Size: |
8192
|
|
2771000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3350212197.0000000002771000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2771000
|
Size: |
40960
|
|
D1B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000D1B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D1B000
|
Size: |
4096
|
|
7FFE7DD3D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000013.00000002.3508653731.00007FFE7DD3D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DD3D000
|
Size: |
4096
|
|
1B86E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513623014.000000001B86E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B86E000
|
Size: |
8192
|
|
9C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505009945.00000000009C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9C0000
|
Size: |
12288
|
|
D71000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3505569502.0000000000D71000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D71000
|
Size: |
61440
|
|
2F3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3506577497.0000000002F3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2F3E000
|
Size: |
8192
|
|
FFF000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2451927711.0000000000FFF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FFF000
|
Size: |
40960
|
|
EEB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1395513634.0000000000EEB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
EEB000
|
Size: |
4096
|
|
1BB05000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3513789678.000000001BB05000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1BB05000
|
Size: |
217088
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
2A31000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3507381404.0000000002A31000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A31000
|
Size: |
286720
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2D0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1396075292.0000000002D0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D0C000
|
Size: |
32768
|
|
2D3E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2504782068.0000000002D3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D3E000
|
Size: |
8192
|
|
1AA60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3512580279.000000001AA60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1AA60000
|
Size: |
4096
|
|
130F3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.1713085922.00000000130F3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
130F3000
|
Size: |
12288
|
|
6F4000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349096925.00000000006F4000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6F4000
|
Size: |
49152
|
|
AAE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000C.00000002.3349937704.0000000000AAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AAE000
|
Size: |
8192
|
|
7FFE7DDF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.3516235417.00007FFE7DDF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DDF0000
|
Size: |
4096
|
|
7FFE7DD32000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000013.00000002.3508261086.00007FFE7DD32000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FFE7DD32000
|
Size: |
4096
|
|
7FFE7DE50000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.2566952255.00007FFE7DE50000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FFE7DE50000
|
Size: |
8192
|
|
2E30000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000013.00000002.3506464830.0000000002E30000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
19
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2E30000
|
Size: |
4096
|
|
12D43000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.2557656604.0000000012D43000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
12D43000
|
Size: |
12288
|
|