31F1000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000000.00000002.3354430837.00000000031F1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
31F1000
|
Size: |
794624
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Found malware configuration |
AV Detection |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Sample uses string decryption to hide its real strings |
AV Detection |
|
URLs found in memory or binary data |
Networking |
|
|
7D20000
|
trusted library section
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000007.00000002.2104534573.0000000007D20000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
7D20000
|
Size: |
36864
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
Yara signature match |
System Summary |
|
|
2C26000
|
trusted library allocation
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000007.00000002.2081035997.0000000002C26000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C26000
|
Size: |
3256320
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
Sample file is different than original file name gathered from version info |
System Summary |
|
Yara signature match |
System Summary |
|
URLs found in memory or binary data |
Networking |
|
|
5905000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3364637939.0000000005905000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5905000
|
Size: |
40960
|
|
42C6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3362140251.00000000042C6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
42C6000
|
Size: |
4096
|
|
7D62000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104752824.0000000007D62000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D62000
|
Size: |
8192
|
|
6E0E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055147116.0000000006E0E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6E0E000
|
Size: |
8192
|
|
4F40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098802270.0000000004F40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F40000
|
Size: |
4096
|
|
2DA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040151910.0000000002DA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DA0000
|
Size: |
122880
|
|
2A8D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A8D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A8D000
|
Size: |
4096
|
|
2B81000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B81000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B81000
|
Size: |
4096
|
|
9A60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3379687840.0000000009A60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9A60000
|
Size: |
65536
|
|
5740000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363699367.0000000005740000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5740000
|
Size: |
4096
|
|
B1B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830238307.0000000000B1B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B1B000
|
Size: |
147456
|
|
1460000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351202117.0000000001460000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1460000
|
Size: |
4096
|
|
972D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378408610.000000000972D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
972D000
|
Size: |
12288
|
|
4C0E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047556031.0000000004C0E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4C0E000
|
Size: |
8192
|
|
2B7A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B7A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B7A000
|
Size: |
4096
|
|
7620000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838254828.0000000007620000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7620000
|
Size: |
65536
|
|
2D30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040151910.0000000002D30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2D30000
|
Size: |
28672
|
|
7D83000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370372894.0000000007D83000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D83000
|
Size: |
4096
|
|
78A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3368343508.00000000078A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
78A0000
|
Size: |
65536
|
|
15F2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351818876.00000000015F2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15F2000
|
Size: |
4096
|
|
2FF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046675465.0000000002FF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2FF0000
|
Size: |
28672
|
|
8A20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373226107.0000000008A20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A20000
|
Size: |
4096
|
|
77AE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3368176317.00000000077AE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
77AE000
|
Size: |
4096
|
|
466E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046886005.000000000466E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
466E000
|
Size: |
8192
|
|
A07E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380610218.000000000A07E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A07E000
|
Size: |
8192
|
|
35BE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3354430837.00000000035BE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35BE000
|
Size: |
2199552
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
6E5E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835123216.0000000006E5E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6E5E000
|
Size: |
8192
|
|
2D10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040026872.0000000002D10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D10000
|
Size: |
8192
|
|
7A7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3369409224.0000000007A7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7A7E000
|
Size: |
8192
|
|
6D55000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101162096.0000000006D55000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6D55000
|
Size: |
45056
|
|
2AB9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AB9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AB9000
|
Size: |
4096
|
|
2F42000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002F42000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F42000
|
Size: |
4096
|
|
9336000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3377594288.0000000009336000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9336000
|
Size: |
16384
|
|
46AF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046987783.00000000046AF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
46AF000
|
Size: |
4096
|
|
2BEB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BEB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BEB000
|
Size: |
4096
|
|
9FBD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380428512.0000000009FBD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9FBD000
|
Size: |
12288
|
|
2AA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AA0000
|
Size: |
12288
|
|
A40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039812133.0000000000A40000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A40000
|
Size: |
4096
|
|
2BB5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BB5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BB5000
|
Size: |
4096
|
|
818D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2059710350.000000000818D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
818D000
|
Size: |
12288
|
|
538D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363168079.000000000538D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
538D000
|
Size: |
12288
|
|
57B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3364222150.00000000057B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
57B0000
|
Size: |
65536
|
|
D10000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078607715.0000000000D10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D10000
|
Size: |
45056
|
|
5BE0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365137373.0000000005BE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5BE0000
|
Size: |
4096
|
|
4F00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098556412.0000000004F00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F00000
|
Size: |
4096
|
|
5CE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365509984.0000000005CE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5CE0000
|
Size: |
4096
|
|
2B8F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B8F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B8F000
|
Size: |
4096
|
|
729B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1836428730.000000000729B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
729B000
|
Size: |
12288
|
|
8D10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376301437.0000000008D10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D10000
|
Size: |
32768
|
|
2C0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C0C000
|
Size: |
4096
|
|
4F70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099020458.0000000004F70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F70000
|
Size: |
4096
|
|
7B80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3369683668.0000000007B80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7B80000
|
Size: |
32768
|
|
7610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057430158.0000000007610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7610000
|
Size: |
4096
|
|
A60000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2077955594.0000000000A60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A60000
|
Size: |
8192
|
|
544E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099607486.000000000544E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
544E000
|
Size: |
8192
|
|
18B7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353752866.00000000018B7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
18B7000
|
Size: |
12288
|
|
2B15000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B15000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B15000
|
Size: |
4096
|
|
6ECD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055261390.0000000006ECD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6ECD000
|
Size: |
12288
|
|
52C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099409721.00000000052C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52C0000
|
Size: |
12288
|
|
72C4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056328307.00000000072C4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72C4000
|
Size: |
20480
|
|
7214000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835333566.0000000007214000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7214000
|
Size: |
102400
|
|
1A0B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353918485.0000000001A0B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1A0B000
|
Size: |
8192
|
|
750F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837329593.000000000750F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
750F000
|
Size: |
4096
|
|
C52000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078457675.0000000000C52000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C52000
|
Size: |
4096
|
|
2B7F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B7F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B7F000
|
Size: |
4096
|
|
2B25000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B25000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B25000
|
Size: |
12288
|
|
816E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2059497759.000000000816E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
816E000
|
Size: |
8192
|
|
2B9C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B9C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B9C000
|
Size: |
4096
|
|
7234000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835333566.0000000007234000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7234000
|
Size: |
36864
|
|
12F7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351089387.00000000012F7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12F7000
|
Size: |
36864
|
|
76C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2058991744.00000000076C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
76C0000
|
Size: |
65536
|
|
4F03000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098556412.0000000004F03000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4F03000
|
Size: |
8192
|
|
8D2C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376445239.0000000008D2C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D2C000
|
Size: |
8192
|
|
75AF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102471418.00000000075AF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
75AF000
|
Size: |
4096
|
|
18A4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353650026.00000000018A4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
18A4000
|
Size: |
49152
|
|
AA9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830238307.0000000000AA9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AA9000
|
Size: |
8192
|
|
6C3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1834989165.0000000006C3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6C3E000
|
Size: |
8192
|
|
5A50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365061976.0000000005A50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5A50000
|
Size: |
8192
|
|
5CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365632603.0000000005CF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5CF0000
|
Size: |
65536
|
|
7616000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057430158.0000000007616000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7616000
|
Size: |
40960
|
|
56E5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363359625.00000000056E5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
56E5000
|
Size: |
45056
|
|
B6E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039980651.0000000000B6E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
B6E000
|
Size: |
8192
|
|
7680000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2058056633.0000000007680000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7680000
|
Size: |
65536
|
|
2B8B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B8B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B8B000
|
Size: |
4096
|
|
5AB1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1834425823.0000000005AB1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5AB1000
|
Size: |
36864
|
|
2DC4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040151910.0000000002DC4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DC4000
|
Size: |
253952
|
|
2BE9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BE9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BE9000
|
Size: |
4096
|
|
72D3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056386598.00000000072D3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72D3000
|
Size: |
57344
|
|
712F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835238599.000000000712F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
712F000
|
Size: |
4096
|
|
53CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099513518.00000000053CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
53CE000
|
Size: |
8192
|
|
46D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047175461.00000000046D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
46D0000
|
Size: |
4096
|
|
8D50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376842539.0000000008D50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D50000
|
Size: |
40960
|
|
6B75000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1834926558.0000000006B75000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
6B75000
|
Size: |
8192
|
|
7B30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3369589054.0000000007B30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7B30000
|
Size: |
8192
|
|
7610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838148809.0000000007610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7610000
|
Size: |
65536
|
|
477E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047309535.000000000477E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
477E000
|
Size: |
8192
|
|
CAB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078607715.0000000000CAB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CAB000
|
Size: |
4096
|
|
73A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365984088.00000000073A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
73A0000
|
Size: |
24576
|
|
2AA6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AA6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AA6000
|
Size: |
4096
|
|
27EC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080236617.00000000027EC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
27EC000
|
Size: |
16384
|
|
2A7F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A7F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A7F000
|
Size: |
12288
|
|
7DA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2105169872.0000000007DA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7DA0000
|
Size: |
36864
|
|
8A02000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372657003.0000000008A02000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A02000
|
Size: |
8192
|
|
2B1F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B1F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B1F000
|
Size: |
4096
|
|
56D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363229455.00000000056D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
56D0000
|
Size: |
57344
|
|
7B7C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3369631215.0000000007B7C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7B7C000
|
Size: |
16384
|
|
75DD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057183384.00000000075DD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
75DD000
|
Size: |
12288
|
|
41F1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3362140251.00000000041F1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
41F1000
|
Size: |
36864
|
|
27F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080273073.00000000027F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
27F0000
|
Size: |
4096
|
|
72EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056500963.00000000072EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72EC000
|
Size: |
12288
|
|
7D80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370346709.0000000007D80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D80000
|
Size: |
4096
|
|
2BE1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BE1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BE1000
|
Size: |
4096
|
|
7256000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835333566.0000000007256000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7256000
|
Size: |
8192
|
|
99A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378879550.00000000099A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
99A0000
|
Size: |
8192
|
|
8CC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3375370631.0000000008CC0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
8CC0000
|
Size: |
65536
|
|
2BA9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BA9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BA9000
|
Size: |
4096
|
|
87AD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3371109892.00000000087AD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
87AD000
|
Size: |
12288
|
|
C33000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078263748.0000000000C33000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C33000
|
Size: |
28672
|
|
4AA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830965511.0000000004AA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4AA0000
|
Size: |
4096
|
|
2ADC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002ADC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2ADC000
|
Size: |
4096
|
|
AAE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2077977310.0000000000AAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
AAE000
|
Size: |
8192
|
|
2F46000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002F46000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F46000
|
Size: |
4096
|
|
7CF6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2104197788.0000000007CF6000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7CF6000
|
Size: |
4096
|
|
2B7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B7C000
|
Size: |
4096
|
|
911A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376928032.000000000911A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
911A000
|
Size: |
49152
|
|
7964000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3368897061.0000000007964000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7964000
|
Size: |
40960
|
|
2FE5000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2046583941.0000000002FE5000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2FE5000
|
Size: |
45056
|
|
7600000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057347182.0000000007600000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7600000
|
Size: |
61440
|
|
2D67000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040151910.0000000002D67000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2D67000
|
Size: |
204800
|
|
2B83000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B83000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B83000
|
Size: |
28672
|
|
7D90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2105046580.0000000007D90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D90000
|
Size: |
4096
|
|
75F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837884501.00000000075F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
75F0000
|
Size: |
65536
|
|
2BAF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BAF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BAF000
|
Size: |
12288
|
|
6DCE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835081651.0000000006DCE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6DCE000
|
Size: |
8192
|
|
2C02000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C02000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C02000
|
Size: |
4096
|
|
7220000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055850568.0000000007220000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7220000
|
Size: |
16384
|
|
74CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837254836.00000000074CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
74CE000
|
Size: |
8192
|
|
FF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351053393.0000000000FF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FF0000
|
Size: |
12288
|
|
7600000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837990358.0000000007600000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7600000
|
Size: |
65536
|
|
56DF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363229455.00000000056DF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
56DF000
|
Size: |
4096
|
|
7C30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3369867525.0000000007C30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7C30000
|
Size: |
249856
|
|
1A1E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353918485.0000000001A1E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1A1E000
|
Size: |
8192
|
|
2AD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AD4000
|
Size: |
4096
|
|
7301000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056594350.0000000007301000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7301000
|
Size: |
20480
|
|
54BE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830981348.00000000054BE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54BE000
|
Size: |
4096
|
|
2C21000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C21000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C21000
|
Size: |
4096
|
|
6F90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055453187.0000000006F90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F90000
|
Size: |
299008
|
|
B0D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2078122827.0000000000B0D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
B0D000
|
Size: |
4096
|
|
2AA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AA4000
|
Size: |
4096
|
|
9993000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378879550.0000000009993000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9993000
|
Size: |
4096
|
|
812D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2059460864.000000000812D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
812D000
|
Size: |
12288
|
|
87A7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3371109892.00000000087A7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
87A7000
|
Size: |
8192
|
|
3A3A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2097282716.0000000003A3A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A3A000
|
Size: |
180224
|
|
2DC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040151910.0000000002DC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DC0000
|
Size: |
12288
|
|
2B0A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B0A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B0A000
|
Size: |
4096
|
|
15CD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3351528113.00000000015CD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
15CD000
|
Size: |
4096
|
|
AC5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830238307.0000000000AC5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AC5000
|
Size: |
28672
|
|
162E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3352034906.000000000162E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
162E000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
931B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3377594288.000000000931B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
931B000
|
Size: |
65536
|
|
A0FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380686470.000000000A0FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A0FE000
|
Size: |
8192
|
|
2B3E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B3E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B3E000
|
Size: |
4096
|
|
8A66000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373682658.0000000008A66000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A66000
|
Size: |
40960
|
|
47DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047393989.00000000047DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
47DE000
|
Size: |
8192
|
|
718E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055817563.000000000718E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
718E000
|
Size: |
8192
|
|
C80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078589155.0000000000C80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C80000
|
Size: |
4096
|
|
2B72000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B72000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B72000
|
Size: |
4096
|
|
710E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055736330.000000000710E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
710E000
|
Size: |
8192
|
|
15B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351332225.00000000015B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15B0000
|
Size: |
8192
|
|
6CD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2100667212.0000000006CD0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6CD0000
|
Size: |
65536
|
|
79AE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102871283.00000000079AE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
79AE000
|
Size: |
8192
|
|
2A92000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A92000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A92000
|
Size: |
53248
|
|
737E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365939723.000000000737E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
737E000
|
Size: |
8192
|
|
C70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078570983.0000000000C70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C70000
|
Size: |
4096
|
|
2B46000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B46000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B46000
|
Size: |
24576
|
|
1A40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3354331429.0000000001A40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1A40000
|
Size: |
20480
|
|
6D1E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2100830955.0000000006D1E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6D1E000
|
Size: |
8192
|
|
6BBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1834956779.0000000006BBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6BBE000
|
Size: |
8192
|
|
F7A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3350971420.0000000000F7A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
F7A000
|
Size: |
24576
|
|
2AE5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AE5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AE5000
|
Size: |
12288
|
|
8D40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3376723541.0000000008D40000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
8D40000
|
Size: |
65536
|
|
8050000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838629017.0000000008050000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8050000
|
Size: |
4096
|
|
715E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102214450.000000000715E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
715E000
|
Size: |
8192
|
|
725C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835722901.000000000725C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
725C000
|
Size: |
20480
|
|
7440000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056702140.0000000007440000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7440000
|
Size: |
24576
|
|
2D23000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2040075328.0000000002D23000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2D23000
|
Size: |
4096
|
|
8210000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2060070786.0000000008210000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8210000
|
Size: |
4096
|
|
4800000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047459302.0000000004800000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4800000
|
Size: |
16384
|
|
6E8A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055217666.0000000006E8A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6E8A000
|
Size: |
24576
|
|
2A85000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A85000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A85000
|
Size: |
4096
|
|
6F00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2101612208.0000000006F00000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6F00000
|
Size: |
45056
|
|
7B50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2103264669.0000000007B50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B50000
|
Size: |
4096
|
|
7660000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838507915.0000000007660000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7660000
|
Size: |
65536
|
|
2B12000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B12000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B12000
|
Size: |
4096
|
|
2C13000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C13000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C13000
|
Size: |
4096
|
|
186E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353372000.000000000186E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
186E000
|
Size: |
8192
|
|
7E7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2077847730.00000000007E7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7E7000
|
Size: |
36864
|
|
29D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.00000000029D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
29D8000
|
Size: |
573440
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara signature match |
System Summary |
|
|
47E5000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2047415396.00000000047E5000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
47E5000
|
Size: |
8192
|
|
76EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102591256.00000000076EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
76EE000
|
Size: |
8192
|
|
7F280000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2105278604.000000007F280000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7F280000
|
Size: |
4096
|
|
3A7C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2097282716.0000000003A7C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3A7C000
|
Size: |
8192
|
|
2B0C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B0C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B0C000
|
Size: |
4096
|
|
4B13000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830981348.0000000004B13000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4B13000
|
Size: |
983040
|
|
2B51000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B51000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B51000
|
Size: |
4096
|
|
7630000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838337191.0000000007630000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7630000
|
Size: |
65536
|
|
423A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3362140251.000000000423A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
423A000
|
Size: |
147456
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
5753000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363738073.0000000005753000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5753000
|
Size: |
12288
|
|
58DB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3364531004.00000000058DB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
58DB000
|
Size: |
20480
|
|
D20000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078607715.0000000000D20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D20000
|
Size: |
520192
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
5AD9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1834425823.0000000005AD9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5AD9000
|
Size: |
184320
|
|
2BD2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BD2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BD2000
|
Size: |
4096
|
|
2810000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080437145.0000000002810000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2810000
|
Size: |
16384
|
|
5750000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363738073.0000000005750000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5750000
|
Size: |
4096
|
|
8180000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2059710350.0000000008180000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8180000
|
Size: |
28672
|
|
4599000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830691012.0000000004599000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4599000
|
Size: |
16384
|
|
5D00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3365830968.0000000005D00000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
5D00000
|
Size: |
65536
|
|
B40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830401803.0000000000B40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B40000
|
Size: |
12288
|
|
4F10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2098619098.0000000004F10000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
4F10000
|
Size: |
65536
|
|
5C89000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2053696927.0000000005C89000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5C89000
|
Size: |
4096
|
|
4DD2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047615625.0000000004DD2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4DD2000
|
Size: |
847872
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2BE7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BE7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BE7000
|
Size: |
4096
|
|
32B6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3354430837.00000000032B6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
32B6000
|
Size: |
90112
|
|
C42000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078356975.0000000000C42000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C42000
|
Size: |
4096
|
|
6F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101809639.0000000006F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6F70000
|
Size: |
12288
|
|
6E9B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835142429.0000000006E9B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6E9B000
|
Size: |
20480
|
|
87A2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3371109892.00000000087A2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
87A2000
|
Size: |
8192
|
|
99D0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3379194768.00000000099D0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
99D0000
|
Size: |
65536
|
|
2BEF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BEF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BEF000
|
Size: |
4096
|
|
782F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102714439.000000000782F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
782F000
|
Size: |
4096
|
|
7160000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102278635.0000000007160000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7160000
|
Size: |
4096
|
|
8A05000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372657003.0000000008A05000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A05000
|
Size: |
4096
|
|
2ADE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002ADE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2ADE000
|
Size: |
4096
|
|
1820000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353336135.0000000001820000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1820000
|
Size: |
12288
|
|
8957000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372122819.0000000008957000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
8957000
|
Size: |
36864
|
|
2B9E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B9E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B9E000
|
Size: |
4096
|
|
420C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3362140251.000000000420C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
420C000
|
Size: |
4096
|
|
AA5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830207678.0000000000AA5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AA5000
|
Size: |
12288
|
|
89D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372463374.00000000089D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89D0000
|
Size: |
40960
|
|
1154000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080072537.0000000001154000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1154000
|
Size: |
45056
|
|
80C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2059396574.00000000080C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
80C0000
|
Size: |
8192
|
|
7B52000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2103264669.0000000007B52000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B52000
|
Size: |
131072
|
|
5CA9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2053696927.0000000005CA9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5CA9000
|
Size: |
184320
|
|
1130000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2079907721.0000000001130000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
1130000
|
Size: |
65536
|
|
6B70000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1834926558.0000000006B70000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
6B70000
|
Size: |
12288
|
|
9AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3379856257.0000000009AF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9AF0000
|
Size: |
65536
|
|
7640000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838382201.0000000007640000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7640000
|
Size: |
65536
|
|
2800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080351142.0000000002800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2800000
|
Size: |
57344
|
|
71E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835287558.00000000071E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
71E0000
|
Size: |
86016
|
|
4B8E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047485553.0000000004B8E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4B8E000
|
Size: |
8192
|
|
8A80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3374054906.0000000008A80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A80000
|
Size: |
65536
|
|
6B2E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1834894394.0000000006B2E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6B2E000
|
Size: |
8192
|
|
58F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3364611836.00000000058F0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
58F0000
|
Size: |
4096
|
|
2F44000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002F44000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F44000
|
Size: |
4096
|
|
AE0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039905207.0000000000AE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AE0000
|
Size: |
16384
|
|
2D20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040050366.0000000002D20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D20000
|
Size: |
12288
|
|
6EF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2101523553.0000000006EF0000.00000040.00001000.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page execute and read and write
|
Base address: |
6EF0000
|
Size: |
57344
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara signature match |
System Summary |
|
|
A37C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380881957.000000000A37C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A37C000
|
Size: |
16384
|
|
2C08000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C08000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C08000
|
Size: |
4096
|
|
80A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2059143064.00000000080A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
80A0000
|
Size: |
4096
|
|
6EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101478819.0000000006EE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6EE0000
|
Size: |
12288
|
|
49A8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098075344.00000000049A8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49A8000
|
Size: |
8192
|
|
8060000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1838652212.0000000008060000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
8060000
|
Size: |
24576
|
|
1A2D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353918485.0000000001A2D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1A2D000
|
Size: |
69632
|
|
4780000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047336507.0000000004780000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4780000
|
Size: |
65536
|
|
A6C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830120515.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A6C000
|
Size: |
45056
|
|
8A24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373226107.0000000008A24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A24000
|
Size: |
49152
|
|
2B38000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B38000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B38000
|
Size: |
12288
|
|
4C81000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047615625.0000000004C81000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C81000
|
Size: |
335872
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1A47000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3354331429.0000000001A47000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1A47000
|
Size: |
32768
|
|
8220000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2060097730.0000000008220000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8220000
|
Size: |
4096
|
|
8768000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370981097.0000000008768000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8768000
|
Size: |
4096
|
|
73C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830048643.000000000073C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
73C000
|
Size: |
16384
|
|
19BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353837445.00000000019BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19BE000
|
Size: |
8192
|
|
89A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372276416.00000000089A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89A0000
|
Size: |
8192
|
|
816E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370778704.000000000816E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
816E000
|
Size: |
8192
|
|
89C0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3372348215.00000000089C0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
89C0000
|
Size: |
65536
|
|
1628000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3352034906.0000000001628000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1628000
|
Size: |
16384
|
|
4C4E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047575466.0000000004C4E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4C4E000
|
Size: |
8192
|
|
4590000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830691012.0000000004590000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4590000
|
Size: |
32768
|
|
7400000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1836932523.0000000007400000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7400000
|
Size: |
4096
|
|
6D20000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2100952372.0000000006D20000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
6D20000
|
Size: |
139264
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
548D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099650183.000000000548D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
548D000
|
Size: |
12288
|
|
76B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2058789428.00000000076B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
76B0000
|
Size: |
65536
|
|
814E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838870366.000000000814E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
814E000
|
Size: |
8192
|
|
AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078026189.0000000000AF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
AF0000
|
Size: |
8192
|
|
716E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835254514.000000000716E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
716E000
|
Size: |
8192
|
|
9350000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378215014.0000000009350000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9350000
|
Size: |
65536
|
|
7670000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838571991.0000000007670000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7670000
|
Size: |
65536
|
|
18B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353752866.00000000018B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
18B0000
|
Size: |
16384
|
|
295D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080577292.000000000295D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
295D000
|
Size: |
69632
|
|
7D6E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370274004.0000000007D6E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7D6E000
|
Size: |
8192
|
|
A23C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380775437.000000000A23C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A23C000
|
Size: |
16384
|
|
5B1C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1834425823.0000000005B1C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5B1C000
|
Size: |
1257472
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
B09000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830238307.0000000000B09000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B09000
|
Size: |
12288
|
|
C40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078332310.0000000000C40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C40000
|
Size: |
4096
|
|
72A5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1836428730.00000000072A5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72A5000
|
Size: |
20480
|
|
5940000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3364879987.0000000005940000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
5940000
|
Size: |
20480
|
|
5C30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365137373.0000000005C30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5C30000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4F80000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2099049022.0000000004F80000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
4F80000
|
Size: |
4096
|
|
75A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1837532004.00000000075A0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
75A0000
|
Size: |
4096
|
|
2B23000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B23000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B23000
|
Size: |
4096
|
|
2BF2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BF2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BF2000
|
Size: |
4096
|
|
6E4E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055178708.0000000006E4E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6E4E000
|
Size: |
8192
|
|
84DF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370953861.00000000084DF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
84DF000
|
Size: |
4096
|
|
144E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351168104.000000000144E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
144E000
|
Size: |
8192
|
|
8D19000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376301437.0000000008D19000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D19000
|
Size: |
28672
|
|
2AEB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AEB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AEB000
|
Size: |
106496
|
|
75E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057233800.00000000075E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
75E0000
|
Size: |
65536
|
|
CE2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078607715.0000000000CE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CE2000
|
Size: |
180224
|
|
4A60000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1830917207.0000000004A60000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
4A60000
|
Size: |
28672
|
|
2A87000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A87000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A87000
|
Size: |
4096
|
|
8A30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373402632.0000000008A30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A30000
|
Size: |
65536
|
|
39A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2097282716.00000000039A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39A1000
|
Size: |
282624
|
|
4620000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046799637.0000000004620000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4620000
|
Size: |
4096
|
|
7FB10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3381146205.000000007FB10000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FB10000
|
Size: |
4096
|
|
2A7D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A7D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A7D000
|
Size: |
4096
|
|
49B0000
|
heap
|
page readonly
|
|
|
|
Name: |
00000002.00000002.1830833600.00000000049B0000.00000002.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page readonly
|
Base address: |
49B0000
|
Size: |
4096
|
|
70CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055686590.00000000070CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
70CE000
|
Size: |
8192
|
|
5492000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099694195.0000000005492000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5492000
|
Size: |
57344
|
|
8190000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2059948494.0000000008190000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
8190000
|
Size: |
8192
|
|
2AAB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AAB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AAB000
|
Size: |
4096
|
|
8D20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376445239.0000000008D20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D20000
|
Size: |
45056
|
|
C46000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2078384525.0000000000C46000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
C46000
|
Size: |
12288
|
|
2F4F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002F4F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F4F000
|
Size: |
20480
|
|
15F5000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3351851893.00000000015F5000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
15F5000
|
Size: |
4096
|
|
81D5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2059974675.00000000081D5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81D5000
|
Size: |
36864
|
|
7252000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055940264.0000000007252000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7252000
|
Size: |
126976
|
|
15E2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351680252.00000000015E2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15E2000
|
Size: |
4096
|
|
2FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046311141.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FD0000
|
Size: |
4096
|
|
B55000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830421701.0000000000B55000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B55000
|
Size: |
12288
|
|
75F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2057311543.00000000075F0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
75F0000
|
Size: |
16384
|
|
56E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363359625.00000000056E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
56E0000
|
Size: |
16384
|
|
1140000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2079990086.0000000001140000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1140000
|
Size: |
65536
|
|
9970000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3378635262.0000000009970000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
9970000
|
Size: |
65536
|
|
8080000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838777442.0000000008080000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8080000
|
Size: |
4096
|
|
9310000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3377594288.0000000009310000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9310000
|
Size: |
12288
|
|
2C1D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C1D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C1D000
|
Size: |
4096
|
|
4A1C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830883306.0000000004A1C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4A1C000
|
Size: |
16384
|
|
15C3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3351464276.00000000015C3000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
15C3000
|
Size: |
4096
|
|
9DB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380170797.0000000009DB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9DB0000
|
Size: |
20480
|
|
5710000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363590643.0000000005710000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5710000
|
Size: |
65536
|
|
8AA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3374340838.0000000008AA0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
8AA0000
|
Size: |
65536
|
|
982A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378449271.000000000982A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
982A000
|
Size: |
24576
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
75EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102538130.00000000075EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
75EE000
|
Size: |
8192
|
|
49C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830851753.00000000049C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C0000
|
Size: |
4096
|
|
C3D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2078307745.0000000000C3D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
C3D000
|
Size: |
4096
|
|
6DCE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055122669.0000000006DCE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6DCE000
|
Size: |
8192
|
|
2A89000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A89000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A89000
|
Size: |
4096
|
|
75D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837769229.00000000075D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
75D0000
|
Size: |
65536
|
|
7247000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835333566.0000000007247000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7247000
|
Size: |
49152
|
|
2B61000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B61000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B61000
|
Size: |
8192
|
|
2BB7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BB7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BB7000
|
Size: |
4096
|
|
8D2F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376445239.0000000008D2F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D2F000
|
Size: |
4096
|
|
2815000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080437145.0000000002815000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2815000
|
Size: |
45056
|
|
7D7E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104752824.0000000007D7E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D7E000
|
Size: |
4096
|
|
292F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080552465.000000000292F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
292F000
|
Size: |
4096
|
|
5CEB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2053696927.0000000005CEB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5CEB000
|
Size: |
1257472
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
57E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3364394661.00000000057E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
57E0000
|
Size: |
8192
|
|
2A66000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A66000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A66000
|
Size: |
90112
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Malicious sample detected (through community Yara rule) |
System Summary |
|
Yara signature match |
System Summary |
|
|
6EEE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835164419.0000000006EEE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6EEE000
|
Size: |
8192
|
|
8A18000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372657003.0000000008A18000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A18000
|
Size: |
32768
|
|
420F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3362140251.000000000420F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
420F000
|
Size: |
143360
|
|
27F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080273073.00000000027F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
27F4000
|
Size: |
49152
|
|
7650000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057772451.0000000007650000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7650000
|
Size: |
65536
|
|
796F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3368897061.000000000796F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
796F000
|
Size: |
4096
|
|
7D94000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2105046580.0000000007D94000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D94000
|
Size: |
20480
|
|
4ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098374674.0000000004ED0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4ED0000
|
Size: |
65536
|
|
15C4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351489483.00000000015C4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C4000
|
Size: |
16384
|
|
2BFE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BFE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BFE000
|
Size: |
4096
|
|
2BB3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BB3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BB3000
|
Size: |
4096
|
|
2C0A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C0A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C0A000
|
Size: |
4096
|
|
4EC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2098284036.0000000004EC0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
4EC0000
|
Size: |
65536
|
|
7FB28000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3381180771.000000007FB28000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FB28000
|
Size: |
4096
|
|
8170000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2059630928.0000000008170000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8170000
|
Size: |
4096
|
|
4EE2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047615625.0000000004EE2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4EE2000
|
Size: |
487424
|
|
7410000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1836983062.0000000007410000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7410000
|
Size: |
61440
|
|
7D40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104655379.0000000007D40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D40000
|
Size: |
12288
|
|
19FC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353873652.00000000019FC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19FC000
|
Size: |
16384
|
|
42BF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3362140251.00000000042BF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
42BF000
|
Size: |
24576
|
|
2D2E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830482599.0000000002D2E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D2E000
|
Size: |
8192
|
|
8A40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373566852.0000000008A40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A40000
|
Size: |
65536
|
|
6C90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2100367439.0000000006C90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6C90000
|
Size: |
65536
|
|
4E80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098158301.0000000004E80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4E80000
|
Size: |
65536
|
|
2ADA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002ADA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2ADA000
|
Size: |
4096
|
|
2B9A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B9A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B9A000
|
Size: |
4096
|
|
A6FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3381045986.000000000A6FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A6FE000
|
Size: |
8192
|
|
7960000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3368897061.0000000007960000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7960000
|
Size: |
4096
|
|
1A04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353918485.0000000001A04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1A04000
|
Size: |
16384
|
|
2D80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830525827.0000000002D80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2D80000
|
Size: |
4096
|
|
49C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830851753.00000000049C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C8000
|
Size: |
12288
|
|
46C0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2047088152.00000000046C0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
46C0000
|
Size: |
40960
|
|
458D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1830677627.000000000458D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
458D000
|
Size: |
8192
|
|
1610000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351947422.0000000001610000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1610000
|
Size: |
4096
|
|
7420000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837019722.0000000007420000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7420000
|
Size: |
12288
|
|
89F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372657003.00000000089F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89F0000
|
Size: |
69632
|
|
6B7E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2100246559.0000000006B7E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6B7E000
|
Size: |
4096
|
|
AE0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2077999007.0000000000AE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AE0000
|
Size: |
16384
|
|
8770000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370981097.0000000008770000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8770000
|
Size: |
4096
|
|
7AAE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102916516.0000000007AAE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7AAE000
|
Size: |
8192
|
|
8A70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373944395.0000000008A70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A70000
|
Size: |
65536
|
|
77A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3368176317.00000000077A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
77A0000
|
Size: |
53248
|
|
75C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837684217.00000000075C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
75C0000
|
Size: |
65536
|
|
758D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837384467.000000000758D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
758D000
|
Size: |
12288
|
|
78C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3368595385.00000000078C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
78C0000
|
Size: |
65536
|
|
8774000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370981097.0000000008774000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8774000
|
Size: |
4096
|
|
2FF8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046675465.0000000002FF8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2FF8000
|
Size: |
8192
|
|
8B50000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3374589273.0000000008B50000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
8B50000
|
Size: |
65536
|
|
4A70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830931182.0000000004A70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4A70000
|
Size: |
65536
|
|
2BAB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BAB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BAB000
|
Size: |
12288
|
|
4FA0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2099168258.0000000004FA0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
4FA0000
|
Size: |
20480
|
|
80B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2059310567.00000000080B0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
80B0000
|
Size: |
28672
|
|
723E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835333566.000000000723E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
723E000
|
Size: |
8192
|
|
45B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830720157.00000000045B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
45B0000
|
Size: |
16384
|
|
71AE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835271245.00000000071AE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
71AE000
|
Size: |
8192
|
|
2B59000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B59000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B59000
|
Size: |
4096
|
|
2B21000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B21000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B21000
|
Size: |
4096
|
|
4584000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830661291.0000000004584000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4584000
|
Size: |
36864
|
|
2BD8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BD8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BD8000
|
Size: |
4096
|
|
39F7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2097282716.00000000039F7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
39F7000
|
Size: |
143360
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
7484000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056896291.0000000007484000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7484000
|
Size: |
49152
|
|
A40000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830120515.0000000000A40000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A40000
|
Size: |
28672
|
|
73AF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102343437.00000000073AF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
73AF000
|
Size: |
4096
|
|
4C70000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2047597650.0000000004C70000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
4C70000
|
Size: |
4096
|
|
C5B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2078548713.0000000000C5B000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
C5B000
|
Size: |
4096
|
|
2E07000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040151910.0000000002E07000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E07000
|
Size: |
163840
|
|
2BA7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BA7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BA7000
|
Size: |
4096
|
|
6CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2100469884.0000000006CA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6CA0000
|
Size: |
61440
|
|
2D24000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040097133.0000000002D24000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2D24000
|
Size: |
36864
|
|
2D2D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2040129115.0000000002D2D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2D2D000
|
Size: |
8192
|
|
C4A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2078418535.0000000000C4A000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
C4A000
|
Size: |
16384
|
|
2C17000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C17000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C17000
|
Size: |
20480
|
|
1703000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3352034906.0000000001703000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1703000
|
Size: |
114688
|
|
15E6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3351705910.00000000015E6000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
15E6000
|
Size: |
12288
|
|
2AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AE0000
|
Size: |
16384
|
|
7287000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835868532.0000000007287000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7287000
|
Size: |
12288
|
|
7D8C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3370488183.0000000007D8C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7D8C000
|
Size: |
8192
|
|
2AC4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AC4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AC4000
|
Size: |
53248
|
|
9A50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3379575428.0000000009A50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9A50000
|
Size: |
57344
|
|
4CD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047615625.0000000004CD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4CD4000
|
Size: |
1028096
|
|
6CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2100563687.0000000006CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6CB0000
|
Size: |
65536
|
|
56F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363487832.00000000056F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
56F0000
|
Size: |
65536
|
|
27AE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080207720.00000000027AE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
27AE000
|
Size: |
8192
|
|
7D92000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2105046580.0000000007D92000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D92000
|
Size: |
4096
|
|
CAE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078607715.0000000000CAE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CAE000
|
Size: |
98304
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
427D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3362140251.000000000427D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
427D000
|
Size: |
184320
|
|
4BCE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047506610.0000000004BCE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4BCE000
|
Size: |
8192
|
|
2951000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080577292.0000000002951000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2951000
|
Size: |
16384
|
|
2BA2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BA2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BA2000
|
Size: |
4096
|
|
7D85000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104752824.0000000007D85000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D85000
|
Size: |
4096
|
|
4580000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830629016.0000000004580000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4580000
|
Size: |
12288
|
|
2D38000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040151910.0000000002D38000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2D38000
|
Size: |
135168
|
|
930A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3377526593.000000000930A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
930A000
|
Size: |
24576
|
|
7D89000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3370460220.0000000007D89000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7D89000
|
Size: |
4096
|
|
9FFD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380478136.0000000009FFD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9FFD000
|
Size: |
12288
|
|
7660000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057865663.0000000007660000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7660000
|
Size: |
65536
|
|
6D60000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2101325178.0000000006D60000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
6D60000
|
Size: |
65536
|
|
7AC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102962263.0000000007AC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AC0000
|
Size: |
4096
|
|
7C7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039776876.00000000007C7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7C7000
|
Size: |
36864
|
|
9D90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3380048714.0000000009D90000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
9D90000
|
Size: |
65536
|
|
7670000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057959548.0000000007670000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7670000
|
Size: |
65536
|
|
58E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3364582462.00000000058E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
58E0000
|
Size: |
4096
|
|
755E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057103368.000000000755E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
755E000
|
Size: |
8192
|
|
EE2000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1712393571.0000000000EE2000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
EE2000
|
Size: |
32768
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
90D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376928032.00000000090D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
90D0000
|
Size: |
282624
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
72CA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056361191.00000000072CA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72CA000
|
Size: |
8192
|
|
54A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099912223.00000000054A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54A0000
|
Size: |
65536
|
|
9A2C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3379341388.0000000009A2C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9A2C000
|
Size: |
16384
|
|
7020000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101899850.0000000007020000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7020000
|
Size: |
245760
|
|
933D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3377594288.000000000933D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
933D000
|
Size: |
16384
|
|
72F2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1836662233.00000000072F2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72F2000
|
Size: |
4096
|
|
AAE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830238307.0000000000AAE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AAE000
|
Size: |
90112
|
|
2E03000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040151910.0000000002E03000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E03000
|
Size: |
8192
|
|
80B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838797377.00000000080B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
80B0000
|
Size: |
4096
|
|
B50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830421701.0000000000B50000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B50000
|
Size: |
16384
|
|
1620000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3352034906.0000000001620000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1620000
|
Size: |
28672
|
|
826E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370847306.000000000826E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
826E000
|
Size: |
8192
|
|
2AD8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AD8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AD8000
|
Size: |
4096
|
|
A48000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830120515.0000000000A48000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A48000
|
Size: |
143360
|
|
8A07000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372657003.0000000008A07000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A07000
|
Size: |
24576
|
|
18A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353650026.00000000018A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
18A0000
|
Size: |
4096
|
|
2BBF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BBF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BBF000
|
Size: |
49152
|
|
2BCE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BCE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BCE000
|
Size: |
12288
|
|
7CFC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2104283469.0000000007CFC000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7CFC000
|
Size: |
4096
|
|
7D90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370559505.0000000007D90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D90000
|
Size: |
65536
|
|
4B3C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098115230.0000000004B3C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4B3C000
|
Size: |
16384
|
|
7430000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837043055.0000000007430000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7430000
|
Size: |
40960
|
|
4905000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1830772383.0000000004905000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
4905000
|
Size: |
45056
|
|
6CCD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835005707.0000000006CCD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6CCD000
|
Size: |
12288
|
|
7D6E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104752824.0000000007D6E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D6E000
|
Size: |
8192
|
|
1647000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3352034906.0000000001647000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1647000
|
Size: |
102400
|
|
75B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837596757.00000000075B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
75B0000
|
Size: |
61440
|
|
6B6E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1834910467.0000000006B6E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6B6E000
|
Size: |
8192
|
|
7210000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055850568.0000000007210000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7210000
|
Size: |
4096
|
|
8237000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2060097730.0000000008237000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8237000
|
Size: |
8192
|
|
5A40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3364956087.0000000005A40000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
5A40000
|
Size: |
65536
|
|
4570000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830600527.0000000004570000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4570000
|
Size: |
8192
|
|
EE0000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1712375247.0000000000EE0000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
EE0000
|
Size: |
4096
|
|
51FB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099216500.00000000051FB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
51FB000
|
Size: |
20480
|
|
807A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838681824.000000000807A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
807A000
|
Size: |
12288
|
|
810E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838842537.000000000810E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
810E000
|
Size: |
8192
|
|
1495000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351235723.0000000001495000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1495000
|
Size: |
16384
|
|
6F10000
|
direct allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101686555.0000000006F10000.00000004.00001000.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
direct allocation
|
Protect: |
page read and write
|
Base address: |
6F10000
|
Size: |
4096
|
|
7440000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837076903.0000000007440000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7440000
|
Size: |
32768
|
|
2B70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B70000
|
Size: |
4096
|
|
C2E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078211833.0000000000C2E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
C2E000
|
Size: |
8192
|
|
5A70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2100154456.0000000005A70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5A70000
|
Size: |
4096
|
|
CC7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078607715.0000000000CC7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CC7000
|
Size: |
53248
|
|
57D0000
|
trusted library section
|
page readonly
|
|
|
|
Name: |
00000000.00000002.3364322843.00000000057D0000.00000002.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page readonly
|
Base address: |
57D0000
|
Size: |
4096
|
|
5CE2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365509984.0000000005CE2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5CE2000
|
Size: |
57344
|
|
2956000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080577292.0000000002956000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2956000
|
Size: |
16384
|
|
6AEE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1834872131.0000000006AEE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6AEE000
|
Size: |
8192
|
|
72E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056446159.00000000072E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72E5000
|
Size: |
8192
|
|
2AB7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AB7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AB7000
|
Size: |
4096
|
|
2A8B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A8B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A8B000
|
Size: |
4096
|
|
8A90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3374207649.0000000008A90000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
8A90000
|
Size: |
65536
|
|
7AB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102962263.0000000007AB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AB0000
|
Size: |
4096
|
|
C30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078238174.0000000000C30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
C30000
|
Size: |
8192
|
|
473C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047279082.000000000473C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
473C000
|
Size: |
16384
|
|
8A15000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372657003.0000000008A15000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A15000
|
Size: |
8192
|
|
4F5A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047615625.0000000004F5A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F5A000
|
Size: |
1150976
|
|
759E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057143336.000000000759E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
759E000
|
Size: |
8192
|
|
ACE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039852339.0000000000ACE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
ACE000
|
Size: |
8192
|
|
6D8E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835061836.0000000006D8E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6D8E000
|
Size: |
8192
|
|
6E0A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835099370.0000000006E0A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6E0A000
|
Size: |
24576
|
|
A3E000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830102671.0000000000A3E000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
A3E000
|
Size: |
8192
|
|
49AF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830818353.00000000049AF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
49AF000
|
Size: |
4096
|
|
7430000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2056667633.0000000007430000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
7430000
|
Size: |
4096
|
|
B15000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078145002.0000000000B15000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B15000
|
Size: |
16384
|
|
8D30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376616818.0000000008D30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8D30000
|
Size: |
65536
|
|
52B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2099306697.00000000052B0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
52B0000
|
Size: |
65536
|
|
57D4000
|
trusted library section
|
page readonly
|
|
|
|
Name: |
00000000.00000002.3364322843.00000000057D4000.00000002.08000000.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page readonly
|
Base address: |
57D4000
|
Size: |
4096
|
|
8188000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2059710350.0000000008188000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8188000
|
Size: |
16384
|
|
772E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102669195.000000000772E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
772E000
|
Size: |
8192
|
|
792E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3368856351.000000000792E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
792E000
|
Size: |
8192
|
|
51F8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363130953.00000000051F8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
51F8000
|
Size: |
4096
|
|
5770000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3363911214.0000000005770000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5770000
|
Size: |
65536
|
|
57F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3364429970.00000000057F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
57F0000
|
Size: |
65536
|
|
AD1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830238307.0000000000AD1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AD1000
|
Size: |
225280
|
|
2ABB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002ABB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2ABB000
|
Size: |
4096
|
|
2BBD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BBD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BBD000
|
Size: |
4096
|
|
786E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102765076.000000000786E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
786E000
|
Size: |
8192
|
|
2ABD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002ABD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2ABD000
|
Size: |
4096
|
|
6E6F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101440831.0000000006E6F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6E6F000
|
Size: |
4096
|
|
6B70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2100246559.0000000006B70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6B70000
|
Size: |
53248
|
|
4EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098462486.0000000004EF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4EF0000
|
Size: |
65536
|
|
802E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370711198.000000000802E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
802E000
|
Size: |
8192
|
|
728B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835868532.000000000728B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
728B000
|
Size: |
40960
|
|
2B17000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B17000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B17000
|
Size: |
12288
|
|
2BD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BD4000
|
Size: |
4096
|
|
2AB1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AB1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AB1000
|
Size: |
4096
|
|
52C5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099409721.00000000052C5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
52C5000
|
Size: |
40960
|
|
6F6C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101768170.0000000006F6C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6F6C000
|
Size: |
16384
|
|
99E0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3379312582.00000000099E0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
99E0000
|
Size: |
4096
|
|
2B08000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B08000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B08000
|
Size: |
4096
|
|
5C81000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2053696927.0000000005C81000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5C81000
|
Size: |
28672
|
|
2F4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002F4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F4C000
|
Size: |
4096
|
|
75E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837824719.00000000075E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
75E0000
|
Size: |
65536
|
|
5220000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099269058.0000000005220000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5220000
|
Size: |
8192
|
|
2B0E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B0E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B0E000
|
Size: |
4096
|
|
9A70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3379820833.0000000009A70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9A70000
|
Size: |
4096
|
|
B00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078046767.0000000000B00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
B00000
|
Size: |
12288
|
|
2AC1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AC1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AC1000
|
Size: |
4096
|
|
A33D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380833830.000000000A33D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A33D000
|
Size: |
12288
|
|
A0BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380647543.000000000A0BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A0BE000
|
Size: |
8192
|
|
CD5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078607715.0000000000CD5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CD5000
|
Size: |
45056
|
|
2BA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BA0000
|
Size: |
4096
|
|
5490000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099694195.0000000005490000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5490000
|
Size: |
4096
|
|
15C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351428031.00000000015C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15C0000
|
Size: |
12288
|
|
8CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3375612490.0000000008CD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8CD0000
|
Size: |
65536
|
|
2BF8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BF8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BF8000
|
Size: |
20480
|
|
2FE2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046492769.0000000002FE2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FE2000
|
Size: |
12288
|
|
AD0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039880390.0000000000AD0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AD0000
|
Size: |
12288
|
|
2BB9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BB9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BB9000
|
Size: |
12288
|
|
2C04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C04000
|
Size: |
4096
|
|
2DC8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830549394.0000000002DC8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DC8000
|
Size: |
8192
|
|
4F20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098712400.0000000004F20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F20000
|
Size: |
65536
|
|
AA2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830207678.0000000000AA2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AA2000
|
Size: |
4096
|
|
2B42000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B42000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B42000
|
Size: |
4096
|
|
5074000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047615625.0000000005074000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5074000
|
Size: |
6197248
|
|
9DF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3380233780.0000000009DF0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
9DF0000
|
Size: |
45056
|
|
2B91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B91000
|
Size: |
24576
|
|
5BDD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365099944.0000000005BDD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5BDD000
|
Size: |
12288
|
|
2B2F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B2F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B2F000
|
Size: |
32768
|
|
5947000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3364879987.0000000005947000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
5947000
|
Size: |
4096
|
|
2FC9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046153720.0000000002FC9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FC9000
|
Size: |
16384
|
|
87C3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3371109892.00000000087C3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
87C3000
|
Size: |
638976
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
2AB3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AB3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AB3000
|
Size: |
4096
|
|
7F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830083985.00000000007F0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7F0000
|
Size: |
4096
|
|
1662000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3352034906.0000000001662000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1662000
|
Size: |
266240
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
6BFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1834972961.0000000006BFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6BFE000
|
Size: |
8192
|
|
4F90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099075452.0000000004F90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F90000
|
Size: |
65536
|
|
2DC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830549394.0000000002DC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2DC0000
|
Size: |
28672
|
|
8230000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2060097730.0000000008230000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
8230000
|
Size: |
8192
|
|
89E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372546356.00000000089E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
89E0000
|
Size: |
20480
|
|
54BA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830981348.00000000054BA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
54BA000
|
Size: |
12288
|
|
AE6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039905207.0000000000AE6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
AE6000
|
Size: |
12288
|
|
2C1F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C1F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C1F000
|
Size: |
4096
|
|
83DE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370921650.00000000083DE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
83DE000
|
Size: |
8192
|
|
7D30000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2104602374.0000000007D30000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7D30000
|
Size: |
16384
|
|
7480000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056896291.0000000007480000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7480000
|
Size: |
4096
|
|
81E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2060035213.00000000081E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
81E0000
|
Size: |
16384
|
|
1880000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353523790.0000000001880000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1880000
|
Size: |
65536
|
|
2A8F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A8F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A8F000
|
Size: |
4096
|
|
2A83000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002A83000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2A83000
|
Size: |
4096
|
|
9EBC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380375321.0000000009EBC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9EBC000
|
Size: |
16384
|
|
5790000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3364014710.0000000005790000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5790000
|
Size: |
65536
|
|
5A81000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2100154456.0000000005A81000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5A81000
|
Size: |
20480
|
|
2D6F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830504033.0000000002D6F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2D6F000
|
Size: |
4096
|
|
8A63000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373682658.0000000008A63000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A63000
|
Size: |
4096
|
|
2B2B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B2B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B2B000
|
Size: |
4096
|
|
16A4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3352034906.00000000016A4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
16A4000
|
Size: |
172032
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
F9F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2079882764.0000000000F9F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
F9F000
|
Size: |
4096
|
|
15F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351787368.00000000015F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15F0000
|
Size: |
4096
|
|
A1FD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380725257.000000000A1FD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A1FD000
|
Size: |
12288
|
|
2B4D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B4D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B4D000
|
Size: |
12288
|
|
2B76000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B76000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B76000
|
Size: |
4096
|
|
2BE3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BE3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BE3000
|
Size: |
4096
|
|
15EA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3351746743.00000000015EA000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
15EA000
|
Size: |
16384
|
|
8A56000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373682658.0000000008A56000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A56000
|
Size: |
4096
|
|
181E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353303197.000000000181E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
181E000
|
Size: |
8192
|
|
2B44000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B44000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B44000
|
Size: |
4096
|
|
2B78000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B78000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B78000
|
Size: |
4096
|
|
7460000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056792930.0000000007460000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7460000
|
Size: |
49152
|
|
6F4E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055351698.0000000006F4E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6F4E000
|
Size: |
8192
|
|
A8E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039832288.0000000000A8E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A8E000
|
Size: |
8192
|
|
2B8D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B8D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B8D000
|
Size: |
4096
|
|
2B1B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B1B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B1B000
|
Size: |
12288
|
|
5BF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365137373.0000000005BF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5BF0000
|
Size: |
86016
|
|
9969000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378560724.0000000009969000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9969000
|
Size: |
28672
|
|
2AA8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AA8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AA8000
|
Size: |
8192
|
|
796F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102803037.000000000796F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
796F000
|
Size: |
4096
|
|
8B60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3374720505.0000000008B60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8B60000
|
Size: |
65536
|
|
6CBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055010484.0000000006CBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6CBE000
|
Size: |
8192
|
|
1A21000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353918485.0000000001A21000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1A21000
|
Size: |
16384
|
|
B03000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2078073531.0000000000B03000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
B03000
|
Size: |
4096
|
|
2AAD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AAD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AAD000
|
Size: |
4096
|
|
15FB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3351912797.00000000015FB000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
15FB000
|
Size: |
8192
|
|
15E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351655308.00000000015E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15E0000
|
Size: |
4096
|
|
ACD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830238307.0000000000ACD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
ACD000
|
Size: |
12288
|
|
2B06000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B06000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B06000
|
Size: |
4096
|
|
80C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838819944.00000000080C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
80C0000
|
Size: |
4096
|
|
2B10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B10000
|
Size: |
4096
|
|
1A00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353918485.0000000001A00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1A00000
|
Size: |
12288
|
|
6D4D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055064489.0000000006D4D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6D4D000
|
Size: |
12288
|
|
7970000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3369227915.0000000007970000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7970000
|
Size: |
65536
|
|
4C06000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830981348.0000000004C06000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4C06000
|
Size: |
9121792
|
|
8070000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838681824.0000000008070000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8070000
|
Size: |
36864
|
|
4920000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830788106.0000000004920000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4920000
|
Size: |
4096
|
|
9980000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378763863.0000000009980000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9980000
|
Size: |
65536
|
|
6F0A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055303667.0000000006F0A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6F0A000
|
Size: |
24576
|
|
1890000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3353620831.0000000001890000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1890000
|
Size: |
4096
|
|
7590000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837444334.0000000007590000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7590000
|
Size: |
65536
|
|
8A50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373682658.0000000008A50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A50000
|
Size: |
20480
|
|
7690000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2058291582.0000000007690000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7690000
|
Size: |
65536
|
|
78C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039721326.000000000078C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
78C000
|
Size: |
16384
|
|
2AD6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AD6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AD6000
|
Size: |
4096
|
|
6D8B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055091322.0000000006D8B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6D8B000
|
Size: |
20480
|
|
7B10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3369493804.0000000007B10000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7B10000
|
Size: |
32768
|
|
2B5D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B5D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B5D000
|
Size: |
4096
|
|
2990000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2080990779.0000000002990000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2990000
|
Size: |
4096
|
|
2B29000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B29000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B29000
|
Size: |
4096
|
|
78B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3368446176.00000000078B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
78B0000
|
Size: |
61440
|
|
726F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835846587.000000000726F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
726F000
|
Size: |
8192
|
|
540D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2099556052.000000000540D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
540D000
|
Size: |
12288
|
|
7AF2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2103264669.0000000007AF2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7AF2000
|
Size: |
8192
|
|
2930000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080577292.0000000002930000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2930000
|
Size: |
12288
|
|
7289000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056077924.0000000007289000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7289000
|
Size: |
167936
|
|
A5FC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380986968.000000000A5FC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A5FC000
|
Size: |
16384
|
|
4A5E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830903433.0000000004A5E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4A5E000
|
Size: |
8192
|
|
4583000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1830647124.0000000004583000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
4583000
|
Size: |
4096
|
|
46EA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047201315.00000000046EA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46EA000
|
Size: |
4096
|
|
778000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830067182.0000000000778000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
778000
|
Size: |
32768
|
|
4902000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830760160.0000000004902000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4902000
|
Size: |
12288
|
|
7D88000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104752824.0000000007D88000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D88000
|
Size: |
32768
|
|
7D70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370313692.0000000007D70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D70000
|
Size: |
8192
|
|
1150000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080072537.0000000001150000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1150000
|
Size: |
12288
|
|
46E8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047201315.00000000046E8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46E8000
|
Size: |
4096
|
|
B2E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2039957640.0000000000B2E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
B2E000
|
Size: |
8192
|
|
6F2B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835182407.0000000006F2B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6F2B000
|
Size: |
20480
|
|
5900000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3364637939.0000000005900000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5900000
|
Size: |
12288
|
|
7620000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057563039.0000000007620000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7620000
|
Size: |
65536
|
|
8CE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3375882380.0000000008CE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8CE0000
|
Size: |
65536
|
|
9116000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3376928032.0000000009116000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9116000
|
Size: |
8192
|
|
29A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.00000000029A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
29A1000
|
Size: |
217088
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
7B8D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3369778895.0000000007B8D000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7B8D000
|
Size: |
4096
|
|
2F48000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002F48000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F48000
|
Size: |
4096
|
|
7630000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057628779.0000000007630000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7630000
|
Size: |
65536
|
|
8CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3375067833.0000000008CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8CB0000
|
Size: |
65536
|
|
5C0D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365137373.0000000005C0D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5C0D000
|
Size: |
4096
|
|
2D5A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040151910.0000000002D5A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2D5A000
|
Size: |
49152
|
|
8A0E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372657003.0000000008A0E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A0E000
|
Size: |
24576
|
|
7CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104134571.0000000007CF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7CF0000
|
Size: |
4096
|
|
2C00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C00000
|
Size: |
4096
|
|
76A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2058552437.00000000076A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
76A0000
|
Size: |
65536
|
|
2BED000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BED000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BED000
|
Size: |
4096
|
|
7285000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835868532.0000000007285000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7285000
|
Size: |
4096
|
|
1490000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351235723.0000000001490000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1490000
|
Size: |
16384
|
|
2FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046153720.0000000002FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FC0000
|
Size: |
32768
|
|
2BE5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BE5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BE5000
|
Size: |
4096
|
|
1A26000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353918485.0000000001A26000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1A26000
|
Size: |
16384
|
|
7262000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835814020.0000000007262000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7262000
|
Size: |
32768
|
|
73E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1836908442.00000000073E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
73E0000
|
Size: |
24576
|
|
74AE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2102422044.00000000074AE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
74AE000
|
Size: |
8192
|
|
7470000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056856849.0000000007470000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7470000
|
Size: |
4096
|
|
6F74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101809639.0000000006F74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6F74000
|
Size: |
32768
|
|
2AB5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AB5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AB5000
|
Size: |
4096
|
|
2B53000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B53000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B53000
|
Size: |
4096
|
|
B04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078095104.0000000000B04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
B04000
|
Size: |
12288
|
|
7F298000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2105372165.000000007F298000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7F298000
|
Size: |
4096
|
|
46E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047201315.00000000046E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
46E0000
|
Size: |
4096
|
|
8B20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3374467718.0000000008B20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8B20000
|
Size: |
65536
|
|
7480000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1837155345.0000000007480000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
7480000
|
Size: |
4096
|
|
496E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830803058.000000000496E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
496E000
|
Size: |
8192
|
|
99A6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378879550.00000000099A6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
99A6000
|
Size: |
40960
|
|
4900000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830747740.0000000004900000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4900000
|
Size: |
4096
|
|
96E8000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378338429.00000000096E8000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
96E8000
|
Size: |
32768
|
|
4EB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098251062.0000000004EB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4EB0000
|
Size: |
4096
|
|
8D00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3376180123.0000000008D00000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
8D00000
|
Size: |
65536
|
|
B90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2040002211.0000000000B90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B90000
|
Size: |
4096
|
|
15D3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351592696.00000000015D3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D3000
|
Size: |
12288
|
|
2BDA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BDA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BDA000
|
Size: |
24576
|
|
812E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370746057.000000000812E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
812E000
|
Size: |
8192
|
|
78E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3368714214.00000000078E0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
78E0000
|
Size: |
65536
|
|
9314000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3377594288.0000000009314000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9314000
|
Size: |
16384
|
|
7640000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057696175.0000000007640000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7640000
|
Size: |
65536
|
|
2BD6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BD6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BD6000
|
Size: |
4096
|
|
9D8C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3379991548.0000000009D8C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9D8C000
|
Size: |
16384
|
|
A50000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2077913499.0000000000A50000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A50000
|
Size: |
4096
|
|
899F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3372243977.000000000899F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
899F000
|
Size: |
4096
|
|
15D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351555837.00000000015D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
15D0000
|
Size: |
8192
|
|
46B0000
|
heap
|
page readonly
|
|
|
|
Name: |
00000008.00000002.2047022667.00000000046B0000.00000002.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page readonly
|
Base address: |
46B0000
|
Size: |
4096
|
|
7B14000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2103264669.0000000007B14000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B14000
|
Size: |
225280
|
|
47E0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2047415396.00000000047E0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
47E0000
|
Size: |
12288
|
|
C55000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2078487732.0000000000C55000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
C55000
|
Size: |
4096
|
|
2B3C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B3C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B3C000
|
Size: |
4096
|
|
5C1E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365137373.0000000005C1E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5C1E000
|
Size: |
57344
|
|
2B74000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B74000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B74000
|
Size: |
4096
|
|
2B40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B40000
|
Size: |
4096
|
|
2B5B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B5B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B5B000
|
Size: |
4096
|
|
57A0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3364112824.00000000057A0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
57A0000
|
Size: |
65536
|
|
4AB1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830981348.0000000004AB1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4AB1000
|
Size: |
397312
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
9A40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3379386624.0000000009A40000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
9A40000
|
Size: |
65536
|
|
2BCC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BCC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BCC000
|
Size: |
4096
|
|
2C06000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C06000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C06000
|
Size: |
4096
|
|
7650000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838454479.0000000007650000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7650000
|
Size: |
65536
|
|
7D86000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3370435068.0000000007D86000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7D86000
|
Size: |
4096
|
|
2970000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080902635.0000000002970000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2970000
|
Size: |
65536
|
|
FE0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3351018150.0000000000FE0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FE0000
|
Size: |
4096
|
|
8A5D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3373682658.0000000008A5D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8A5D000
|
Size: |
12288
|
|
4F60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2098931011.0000000004F60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4F60000
|
Size: |
65536
|
|
2AD2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AD2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AD2000
|
Size: |
4096
|
|
99C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3379063002.00000000099C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
99C0000
|
Size: |
65536
|
|
5930000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3364760823.0000000005930000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
5930000
|
Size: |
65536
|
|
2B2D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B2D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B2D000
|
Size: |
4096
|
|
7447000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056702140.0000000007447000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7447000
|
Size: |
8192
|
|
6F20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101717166.0000000006F20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6F20000
|
Size: |
16384
|
|
2BA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BA4000
|
Size: |
8192
|
|
294E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080577292.000000000294E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
294E000
|
Size: |
8192
|
|
2C0E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C0E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C0E000
|
Size: |
16384
|
|
7CEE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104064844.0000000007CEE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7CEE000
|
Size: |
8192
|
|
16E5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3352034906.00000000016E5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
16E5000
|
Size: |
118784
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
70EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835219454.00000000070EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
70EE000
|
Size: |
8192
|
|
2B98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B98000
|
Size: |
4096
|
|
807E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838681824.000000000807E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
807E000
|
Size: |
8192
|
|
73C2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3365984088.00000000073C2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
73C2000
|
Size: |
1667072
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
6D50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2101162096.0000000006D50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
6D50000
|
Size: |
16384
|
|
2B64000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B64000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B64000
|
Size: |
36864
|
|
7273000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835868532.0000000007273000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7273000
|
Size: |
69632
|
|
6D0B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835024173.0000000006D0B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6D0B000
|
Size: |
20480
|
|
9342000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3377594288.0000000009342000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9342000
|
Size: |
49152
|
|
4EA2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2047615625.0000000004EA2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4EA2000
|
Size: |
258048
|
|
32CD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3354430837.00000000032CD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
32CD000
|
Size: |
3055616
|
|
15F7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3351883642.00000000015F7000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
15F7000
|
Size: |
4096
|
|
C57000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2078514478.0000000000C57000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
C57000
|
Size: |
4096
|
|
8185000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1838891218.0000000008185000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
8185000
|
Size: |
36864
|
|
2C23000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C23000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C23000
|
Size: |
4096
|
|
9E00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380323240.0000000009E00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9E00000
|
Size: |
16384
|
|
2B5F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B5F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B5F000
|
Size: |
4096
|
|
7FDE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3370671818.0000000007FDE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7FDE000
|
Size: |
8192
|
|
932E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3377594288.000000000932E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
932E000
|
Size: |
4096
|
|
2B57000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B57000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B57000
|
Size: |
4096
|
|
7D10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104503022.0000000007D10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D10000
|
Size: |
4096
|
|
7CA7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2103959079.0000000007CA7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7CA7000
|
Size: |
36864
|
|
7D00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104350387.0000000007D00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D00000
|
Size: |
65536
|
|
280F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080351142.000000000280F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
280F000
|
Size: |
4096
|
|
B10000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078145002.0000000000B10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
B10000
|
Size: |
16384
|
|
A78000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830120515.0000000000A78000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A78000
|
Size: |
167936
|
|
7D45000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2104655379.0000000007D45000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7D45000
|
Size: |
20480
|
|
714E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055784728.000000000714E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
714E000
|
Size: |
8192
|
|
2B55000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B55000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B55000
|
Size: |
4096
|
|
4A90000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1830949050.0000000004A90000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
4A90000
|
Size: |
4096
|
|
7AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3369450877.0000000007AF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7AF0000
|
Size: |
4096
|
|
2934000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080577292.0000000002934000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2934000
|
Size: |
16384
|
|
7332000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056636561.0000000007332000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7332000
|
Size: |
4096
|
|
72F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056534038.00000000072F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72F0000
|
Size: |
53248
|
|
2AAF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AAF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AAF000
|
Size: |
4096
|
|
B9E000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1830460570.0000000000B9E000.00000004.00000001.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
B9E000
|
Size: |
8192
|
|
986C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3378509065.000000000986C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
986C000
|
Size: |
16384
|
|
1A0E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3353918485.0000000001A0E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1A0E000
|
Size: |
57344
|
|
7296000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835868532.0000000007296000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7296000
|
Size: |
12288
|
|
99B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3379035635.00000000099B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
99B0000
|
Size: |
4096
|
|
E9E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2079813200.0000000000E9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
E9E000
|
Size: |
8192
|
|
16CF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3352034906.00000000016CF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
16CF000
|
Size: |
86016
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
6FA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835203351.0000000006FA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6FA0000
|
Size: |
4096
|
|
35B8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3354430837.00000000035B8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
35B8000
|
Size: |
20480
|
|
2F4A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002F4A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2F4A000
|
Size: |
4096
|
|
6D4E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835044956.0000000006D4E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6D4E000
|
Size: |
8192
|
|
4F50000
|
trusted library section
|
page readonly
|
|
|
|
Name: |
00000007.00000002.2098832420.0000000004F50000.00000002.08000000.00040000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page readonly
|
Base address: |
4F50000
|
Size: |
65536
|
|
2BF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002BF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2BF4000
|
Size: |
12288
|
|
2820000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080532520.0000000002820000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2820000
|
Size: |
4096
|
|
2B6E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002B6E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2B6E000
|
Size: |
4096
|
|
54B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000007.00000002.2100016596.00000000054B0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
54B0000
|
Size: |
65536
|
|
751E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057063292.000000000751E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
751E000
|
Size: |
8192
|
|
720E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1835333566.000000000720E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
720E000
|
Size: |
20480
|
|
2FDA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.2046342181.0000000002FDA000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
2FDA000
|
Size: |
4096
|
|
72E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056474433.00000000072E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72E8000
|
Size: |
8192
|
|
15DD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3351630286.00000000015DD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
15DD000
|
Size: |
4096
|
|
72B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2056077924.00000000072B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
72B3000
|
Size: |
61440
|
|
5760000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3363811358.0000000005760000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
5760000
|
Size: |
65536
|
|
2FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2046457258.0000000002FE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2FE0000
|
Size: |
4096
|
|
6F8D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2055404925.0000000006F8D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6F8D000
|
Size: |
12288
|
|
A47C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380934491.000000000A47C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A47C000
|
Size: |
16384
|
|
9331000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3377594288.0000000009331000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
9331000
|
Size: |
16384
|
|
6E9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2077789824.00000000006E9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6E9000
|
Size: |
28672
|
|
1870000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000000.00000002.3353430997.0000000001870000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
1870000
|
Size: |
65536
|
|
2ABF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002ABF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2ABF000
|
Size: |
4096
|
|
293B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2080577292.000000000293B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
293B000
|
Size: |
69632
|
|
CA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078607715.0000000000CA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
CA0000
|
Size: |
40960
|
|
754E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1837348925.000000000754E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
754E000
|
Size: |
8192
|
|
A03E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.3380567186.000000000A03E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A03E000
|
Size: |
8192
|
|
2AE9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002AE9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2AE9000
|
Size: |
4096
|
|
74C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.2057007174.00000000074C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
74C0000
|
Size: |
49152
|
|
2C15000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2081035997.0000000002C15000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2C15000
|
Size: |
4096
|
|
D1C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000007.00000002.2078607715.0000000000D1C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
7
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
D1C000
|
Size: |
12288
|
|