F42000
|
unkown
|
page readonly
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000001.00000000.1303931495.0000000000F42000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
1
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
F42000
|
Size: |
45056
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected XWorm |
Stealing of Sensitive Information, Remote Access Functionality |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
Yara signature match |
System Summary |
|
|
1B4F424A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1414300722.000001B4F424A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F424A000
|
Size: |
167936
|
|
7FF7C0F40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418712215.00007FF7C0F40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F40000
|
Size: |
65536
|
|
21ED4F37000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4F37000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4F37000
|
Size: |
49152
|
|
21EEB8B7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516573838.0000021EEB8B7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB8B7000
|
Size: |
4096
|
|
7FF7C1028000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897801260.00007FF7C1028000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1028000
|
Size: |
12288
|
|
191B5B0D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5B0D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5B0D000
|
Size: |
20480
|
|
7FF7C0D2C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1417023649.00007FF7C0D2C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D2C000
|
Size: |
4096
|
|
2236800C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.000002236800C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236800C000
|
Size: |
4096
|
|
21ED1700000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442614687.0000021ED1700000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED1700000
|
Size: |
4096
|
|
7FF7C10D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1899457975.00007FF7C10D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10D0000
|
Size: |
32768
|
|
34E717E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1699615388.00000034E717E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E717E000
|
Size: |
8192
|
|
191B8E81000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8E81000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8E81000
|
Size: |
180224
|
|
55E3D8E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440785497.00000055E3D8E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E3D8E000
|
Size: |
8192
|
|
21ED4EED000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4EED000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4EED000
|
Size: |
143360
|
|
1C154000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2603116191.000000001C154000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1C154000
|
Size: |
217088
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
|
7FF7C0D80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1417055017.00007FF7C0D80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D80000
|
Size: |
8192
|
|
191B7540000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1709405423.00000191B7540000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
191B7540000
|
Size: |
4096
|
|
7FF7C0CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2612513960.00007FF7C0CD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CD0000
|
Size: |
4096
|
|
21EEB892000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516270429.0000021EEB892000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB892000
|
Size: |
28672
|
|
7FF7C0FE3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673158104.00007FF7C0FE3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FE3000
|
Size: |
28672
|
|
7FF7C0FB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1672238282.00007FF7C0FB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FB0000
|
Size: |
24576
|
|
191CFCA8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881400021.00000191CFCA8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFCA8000
|
Size: |
4096
|
|
14AC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.00000000014AC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14AC000
|
Size: |
118784
|
|
1BA8F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602504616.000000001BA8F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BA8F000
|
Size: |
4096
|
|
191B7FE2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B7FE2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B7FE2000
|
Size: |
1724416
|
|
191B5B39000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5B39000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5B39000
|
Size: |
483328
|
|
7FF7C0FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1896589414.00007FF7C0FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FC0000
|
Size: |
65536
|
|
7FF7C0E80000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1890418610.00007FF7C0E80000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0E80000
|
Size: |
24576
|
|
7FF7C0EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1668424988.00007FF7C0EF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EF0000
|
Size: |
65536
|
|
7FF7C1004000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673299776.00007FF7C1004000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1004000
|
Size: |
4096
|
|
1B4902FD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B4902FD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4902FD000
|
Size: |
4096
|
|
22368350000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664899158.0000022368350000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368350000
|
Size: |
4096
|
|
7FF7C10E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1899634844.00007FF7C10E0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C10E0000
|
Size: |
4096
|
|
1470000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564561769.0000000001470000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1470000
|
Size: |
4096
|
|
22368018000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.0000022368018000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368018000
|
Size: |
8192
|
|
7FF7C110D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1523313384.00007FF7C110D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C110D000
|
Size: |
12288
|
|
7FF7C0F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1671083270.00007FF7C0F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F70000
|
Size: |
65536
|
|
1B4902F7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B4902F7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4902F7000
|
Size: |
12288
|
|
7FF7C0CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516732996.00007FF7C0CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CB0000
|
Size: |
4096
|
|
7FF7C0E70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1417438461.00007FF7C0E70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E70000
|
Size: |
65536
|
|
22350B49000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350B49000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350B49000
|
Size: |
389120
|
|
1B4F1FB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1410782562.000001B4F1FB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F1FB0000
|
Size: |
4096
|
|
1B4F22B0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1412255700.000001B4F22B0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1B4F22B0000
|
Size: |
20480
|
|
7FF7C1015000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673514552.00007FF7C1015000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1015000
|
Size: |
4096
|
|
55E29C3000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440024792.00000055E29C3000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E29C3000
|
Size: |
53248
|
|
7FF7C0F60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1520572712.00007FF7C0F60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F60000
|
Size: |
65536
|
|
7FF7C0F60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418900027.00007FF7C0F60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F60000
|
Size: |
65536
|
|
7FF7C111D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1900283287.00007FF7C111D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C111D000
|
Size: |
12288
|
|
34E6DFA000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1698422364.00000034E6DFA000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E6DFA000
|
Size: |
24576
|
|
1BBFD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602794659.000000001BBFD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BBFD000
|
Size: |
12288
|
|
565BB39000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387188113.000000565BB39000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565BB39000
|
Size: |
28672
|
|
55E32BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440689390.00000055E32BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E32BE000
|
Size: |
8192
|
|
7FF7C0FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1896993134.00007FF7C0FD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FD0000
|
Size: |
57344
|
|
21EEB597000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1513168387.0000021EEB597000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
21EEB597000
|
Size: |
12288
|
|
7FF7C0E92000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1667010302.00007FF7C0E92000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E92000
|
Size: |
4096
|
|
7FF7C0E70000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1518400419.00007FF7C0E70000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0E70000
|
Size: |
4096
|
|
2E5F1FD000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543596084.0000002E5F1FD000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F1FD000
|
Size: |
12288
|
|
191B8955000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8955000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8955000
|
Size: |
2973696
|
|
21ED3D17000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3D17000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3D17000
|
Size: |
372736
|
|
7FF7C1030000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1898135549.00007FF7C1030000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1030000
|
Size: |
40960
|
|
1B480C08000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B480C08000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B480C08000
|
Size: |
3760128
|
|
7DF4A0A10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1887528733.00007DF4A0A10000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF4A0A10000
|
Size: |
4096
|
|
191C7591000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C7591000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C7591000
|
Size: |
57344
|
|
7FF7C0FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1419856469.00007FF7C0FE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FE0000
|
Size: |
57344
|
|
7FF7C0DF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1417356831.00007FF7C0DF0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0DF0000
|
Size: |
53248
|
|
7FF7C0D6C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2612931442.00007FF7C0D6C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D6C000
|
Size: |
4096
|
|
2234DEB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1546889849.000002234DEB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DEB0000
|
Size: |
16384
|
|
1B490021000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B490021000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B490021000
|
Size: |
8192
|
|
7FF7C0CC2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2611868701.00007FF7C0CC2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CC2000
|
Size: |
45056
|
|
7FF7C0F80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1419100439.00007FF7C0F80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F80000
|
Size: |
65536
|
|
55E3E0C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440827940.00000055E3E0C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E3E0C000
|
Size: |
16384
|
|
7FF7C0E80000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2613808497.00007FF7C0E80000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0E80000
|
Size: |
24576
|
|
21ED3E1D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3E1D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3E1D000
|
Size: |
458752
|
|
21ED4116000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4116000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4116000
|
Size: |
172032
|
|
565C907000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387457991.000000565C907000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565C907000
|
Size: |
36864
|
|
1810000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569453189.0000000001810000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1810000
|
Size: |
12288
|
|
7FF7C0D60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2612828316.00007FF7C0D60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D60000
|
Size: |
4096
|
|
7FF7C0E80000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1666904489.00007FF7C0E80000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0E80000
|
Size: |
24576
|
|
1BAF3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602641500.000000001BAF3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1BAF3000
|
Size: |
12288
|
|
7FF7C0CC3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1887708295.00007FF7C0CC3000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CC3000
|
Size: |
4096
|
|
22367E60000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1660510183.0000022367E60000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
22367E60000
|
Size: |
4096
|
|
7FF7C0D70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1888285432.00007FF7C0D70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D70000
|
Size: |
8192
|
|
21EE3131000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE3131000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE3131000
|
Size: |
8192
|
|
7FF7C0F30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418599331.00007FF7C0F30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F30000
|
Size: |
65536
|
|
191CFCE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881699790.00000191CFCE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFCE2000
|
Size: |
65536
|
|
7FF7C0FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1419363257.00007FF7C0FA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FA0000
|
Size: |
65536
|
|
7FF7C110D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1678522578.00007FF7C110D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C110D000
|
Size: |
12288
|
|
2E602CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544616541.0000002E602CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E602CE000
|
Size: |
8192
|
|
191B87DE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B87DE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B87DE000
|
Size: |
356352
|
|
191B5A70000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1701728861.00000191B5A70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5A70000
|
Size: |
20480
|
|
191C75A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C75A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C75A1000
|
Size: |
12288
|
|
55E2F7D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440368460.00000055E2F7D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E2F7D000
|
Size: |
12288
|
|
150F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.000000000150F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
150F000
|
Size: |
16384
|
|
7FF7C0E98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1667010302.00007FF7C0E98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E98000
|
Size: |
4096
|
|
7FF7C1022000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897801260.00007FF7C1022000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1022000
|
Size: |
20480
|
|
34E72FE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1700041603.00000034E72FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E72FE000
|
Size: |
8192
|
|
21EE340A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE340A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE340A000
|
Size: |
4096
|
|
1B4F441C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415320721.000001B4F441C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F441C000
|
Size: |
135168
|
|
7FF7C0EA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1667128666.00007FF7C0EA0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0EA0000
|
Size: |
45056
|
|
1780000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569343437.0000000001780000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1780000
|
Size: |
12288
|
|
191CFA41000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1875964316.00000191CFA41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFA41000
|
Size: |
139264
|
|
7DF44F630000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1416671102.00007DF44F630000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF44F630000
|
Size: |
4096
|
|
34E70F8000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1699416107.00000034E70F8000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E70F8000
|
Size: |
32768
|
|
565B6FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1386649141.000000565B6FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B6FE000
|
Size: |
8192
|
|
7FF7C0CDD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2612678424.00007FF7C0CDD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CDD000
|
Size: |
4096
|
|
22367CF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1657230876.0000022367CF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367CF0000
|
Size: |
81920
|
|
7FF7C0D60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1665575528.00007FF7C0D60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D60000
|
Size: |
8192
|
|
22368169000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664551300.0000022368169000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368169000
|
Size: |
4096
|
|
3151000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569949990.0000000003151000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3151000
|
Size: |
24576
|
|
565BAB7000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387161059.000000565BAB7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565BAB7000
|
Size: |
36864
|
|
7FF7C0EC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1417941458.00007FF7C0EC0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0EC0000
|
Size: |
45056
|
|
191B5AB8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5AB8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5AB8000
|
Size: |
208896
|
|
1B490001000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B490001000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B490001000
|
Size: |
77824
|
|
565CA0E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387514367.000000565CA0E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565CA0E000
|
Size: |
8192
|
|
1BA90000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2602545163.000000001BA90000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1BA90000
|
Size: |
4096
|
|
1B4F4215000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1414163525.000001B4F4215000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4215000
|
Size: |
40960
|
|
7FF7C0E70000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2613706456.00007FF7C0E70000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0E70000
|
Size: |
8192
|
|
1B4811A5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B4811A5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4811A5000
|
Size: |
196608
|
|
7FF7C0F20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1519895316.00007FF7C0F20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F20000
|
Size: |
65536
|
|
7FF7C0CBD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2611696020.00007FF7C0CBD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CBD000
|
Size: |
12288
|
|
1C78B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608517069.000000001C78B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C78B000
|
Size: |
20480
|
|
1B4F2240000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412190730.000001B4F2240000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4F2240000
|
Size: |
4096
|
|
191B8196000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8196000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8196000
|
Size: |
192512
|
|
7FF7C0FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1419643186.00007FF7C0FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FC0000
|
Size: |
65536
|
|
21ED4142000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4142000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4142000
|
Size: |
577536
|
|
7FF7C0E60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2613594315.00007FF7C0E60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E60000
|
Size: |
12288
|
|
2236811A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1663803792.000002236811A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236811A000
|
Size: |
24576
|
|
21EEB590000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1513168387.0000021EEB590000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
21EEB590000
|
Size: |
20480
|
|
7FF7C1030000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420307251.00007FF7C1030000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1030000
|
Size: |
28672
|
|
7FF7C0CD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416787746.00007FF7C0CD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CD4000
|
Size: |
36864
|
|
55E2DF9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440219988.00000055E2DF9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E2DF9000
|
Size: |
28672
|
|
191CFCB0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881400021.00000191CFCB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFCB0000
|
Size: |
4096
|
|
34E7EC9000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1701153192.00000034E7EC9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E7EC9000
|
Size: |
28672
|
|
34E6F7D000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1698803460.00000034E6F7D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E6F7D000
|
Size: |
12288
|
|
2235FB93000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235FB93000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235FB93000
|
Size: |
12288
|
|
7FF7C0F50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418805753.00007FF7C0F50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F50000
|
Size: |
65536
|
|
1D38A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2610869908.000000001D38A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1D38A000
|
Size: |
24576
|
|
7FF7C0EA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1417837082.00007FF7C0EA0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0EA0000
|
Size: |
4096
|
|
21EEB710000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1513365284.0000021EEB710000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB710000
|
Size: |
315392
|
|
191C7899000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C7899000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C7899000
|
Size: |
1724416
|
|
191CFA8F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1879152704.00000191CFA8F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFA8F000
|
Size: |
327680
|
|
2235083F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002235083F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235083F000
|
Size: |
4096
|
|
7FF7C0D0C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2612736066.00007FF7C0D0C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D0C000
|
Size: |
12288
|
|
21EEB7E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB7E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB7E7000
|
Size: |
4096
|
|
1579000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.0000000001579000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1579000
|
Size: |
155648
|
|
21EEB450000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1511101322.0000021EEB450000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB450000
|
Size: |
40960
|
|
1B4F22B7000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1412255700.000001B4F22B7000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1B4F22B7000
|
Size: |
12288
|
|
21ED1660000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442375575.0000021ED1660000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
21ED1660000
|
Size: |
4096
|
|
2235FBAB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235FBAB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235FBAB000
|
Size: |
876544
|
|
7FF7C0D7C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1888475506.00007FF7C0D7C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D7C000
|
Size: |
61440
|
|
1440000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564254922.0000000001440000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1440000
|
Size: |
8192
|
|
191C7602000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C7602000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C7602000
|
Size: |
1900544
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
7FF7C0F30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1893580166.00007FF7C0F30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F30000
|
Size: |
65536
|
|
1CBB4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608987846.000000001CBB4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1CBB4000
|
Size: |
4096
|
|
7DF4A0A20000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1887569581.00007DF4A0A20000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF4A0A20000
|
Size: |
4096
|
|
21EEB8B4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516363771.0000021EEB8B4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB8B4000
|
Size: |
8192
|
|
7FF7C0D8C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1417145688.00007FF7C0D8C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D8C000
|
Size: |
61440
|
|
1D48C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2611151010.000000001D48C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1D48C000
|
Size: |
16384
|
|
7FF7C10AA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1674473292.00007FF7C10AA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10AA000
|
Size: |
4096
|
|
191CFB88000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1880672968.00000191CFB88000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFB88000
|
Size: |
16384
|
|
21ED3105000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1443926487.0000021ED3105000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED3105000
|
Size: |
20480
|
|
7FF7C10D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1523024854.00007FF7C10D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10D0000
|
Size: |
65536
|
|
191B936C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B936C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B936C000
|
Size: |
143360
|
|
55E313A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440554521.00000055E313A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E313A000
|
Size: |
24576
|
|
34E7F4C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1701428874.00000034E7F4C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E7F4C000
|
Size: |
16384
|
|
30BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569732667.00000000030BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
30BE000
|
Size: |
8192
|
|
1CB90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608987846.000000001CB90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1CB90000
|
Size: |
102400
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
|
7FF7C1110000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1900283287.00007FF7C1110000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1110000
|
Size: |
4096
|
|
565B77F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1386674390.000000565B77F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B77F000
|
Size: |
4096
|
|
191B5B36000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5B36000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5B36000
|
Size: |
8192
|
|
7FF7C0D66000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1517261037.00007FF7C0D66000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D66000
|
Size: |
24576
|
|
1B4F212D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F212D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F212D000
|
Size: |
4096
|
|
55E31B8000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440600206.00000055E31B8000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E31B8000
|
Size: |
32768
|
|
191CFC80000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1881357216.00000191CFC80000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
191CFC80000
|
Size: |
4096
|
|
191C75B1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C75B1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C75B1000
|
Size: |
8192
|
|
7FF7C102C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897801260.00007FF7C102C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C102C000
|
Size: |
8192
|
|
1B480A51000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B480A51000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B480A51000
|
Size: |
1671168
|
|
565BC3F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387243132.000000565BC3F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565BC3F000
|
Size: |
4096
|
|
1B481DDC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481DDC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481DDC000
|
Size: |
143360
|
|
7FF7C0F20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1669277549.00007FF7C0F20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F20000
|
Size: |
65536
|
|
2234DCFD000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544668717.000002234DCFD000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DCFD000
|
Size: |
4096
|
|
191B852F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B852F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B852F000
|
Size: |
184320
|
|
191B88D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B88D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B88D0000
|
Size: |
524288
|
|
2235167C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002235167C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235167C000
|
Size: |
139264
|
|
191B86B3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B86B3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B86B3000
|
Size: |
733184
|
|
7FF7C0D60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1517211708.00007FF7C0D60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D60000
|
Size: |
8192
|
|
1B4F4475000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415596647.000001B4F4475000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4475000
|
Size: |
221184
|
|
21EEB46F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1511101322.0000021EEB46F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB46F000
|
Size: |
217088
|
|
191CFDA4000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881699790.00000191CFDA4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFDA4000
|
Size: |
323584
|
|
21ED155A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED155A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED155A000
|
Size: |
8192
|
|
1B4F4720000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416568284.000001B4F4720000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4720000
|
Size: |
4096
|
|
7FF7C10F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1899689876.00007FF7C10F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10F0000
|
Size: |
36864
|
|
22368010000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.0000022368010000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368010000
|
Size: |
8192
|
|
2235F913000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235F913000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235F913000
|
Size: |
2576384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1B4F423D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1414300722.000001B4F423D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F423D000
|
Size: |
45056
|
|
55E3F8C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440957100.00000055E3F8C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E3F8C000
|
Size: |
16384
|
|
22350C29000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350C29000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350C29000
|
Size: |
241664
|
|
7FF7C0F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1894930105.00007FF7C0F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F70000
|
Size: |
65536
|
|
191C7882000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C7882000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C7882000
|
Size: |
8192
|
|
2E5EFFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543316570.0000002E5EFFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5EFFE000
|
Size: |
8192
|
|
7DF44F620000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1416637366.00007DF44F620000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF44F620000
|
Size: |
4096
|
|
21ED13F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441026875.0000021ED13F0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED13F0000
|
Size: |
4096
|
|
1B4F2081000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F2081000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F2081000
|
Size: |
12288
|
|
34E7077000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1699068876.00000034E7077000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E7077000
|
Size: |
36864
|
|
1B4F2230000
|
heap
|
page readonly
|
|
|
|
Name: |
00000002.00000002.1412167226.000001B4F2230000.00000002.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page readonly
|
Base address: |
1B4F2230000
|
Size: |
4096
|
|
1C18B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2603116191.000000001C18B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1C18B000
|
Size: |
4096
|
|
1B481307000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481307000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481307000
|
Size: |
204800
|
|
7FF7C10E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1677485435.00007FF7C10E0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C10E0000
|
Size: |
4096
|
|
2234FC51000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002234FC51000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234FC51000
|
Size: |
516096
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
22367E90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660680681.0000022367E90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367E90000
|
Size: |
4096
|
|
7FF7C0E90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1890563151.00007FF7C0E90000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0E90000
|
Size: |
4096
|
|
55E2FF9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440400661.00000055E2FF9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E2FF9000
|
Size: |
28672
|
|
191CFCB4000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881400021.00000191CFCB4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFCB4000
|
Size: |
4096
|
|
191CFCF3000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881699790.00000191CFCF3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFCF3000
|
Size: |
61440
|
|
7FF7C0D66000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2612879954.00007FF7C0D66000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D66000
|
Size: |
4096
|
|
13D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564131465.00000000013D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13D0000
|
Size: |
12288
|
|
2E5F279000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543646330.0000002E5F279000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F279000
|
Size: |
28672
|
|
2235F8A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235F8A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235F8A1000
|
Size: |
77824
|
|
2234DDD0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1546855993.000002234DDD0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DDD0000
|
Size: |
4096
|
|
7FF7C1130000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1421435604.00007FF7C1130000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1130000
|
Size: |
8192
|
|
7FF7C1020000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522313146.00007FF7C1020000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1020000
|
Size: |
65536
|
|
55E2CFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440137495.00000055E2CFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E2CFE000
|
Size: |
8192
|
|
223516C6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.00000223516C6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223516C6000
|
Size: |
49152
|
|
55E3E8E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440869012.00000055E3E8E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E3E8E000
|
Size: |
8192
|
|
55E323E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440651562.00000055E323E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E323E000
|
Size: |
8192
|
|
7FF7C1009000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673299776.00007FF7C1009000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1009000
|
Size: |
28672
|
|
7FF7C0EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1519242026.00007FF7C0EE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EE0000
|
Size: |
65536
|
|
2E601C9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544473245.0000002E601C9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E601C9000
|
Size: |
28672
|
|
55E33BB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440744917.00000055E33BB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E33BB000
|
Size: |
20480
|
|
7FF7C10B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522828008.00007FF7C10B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10B0000
|
Size: |
4096
|
|
7FF7C0FB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521559992.00007FF7C0FB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FB0000
|
Size: |
24576
|
|
7FF7C0E50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2613365497.00007FF7C0E50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E50000
|
Size: |
45056
|
|
21EEB861000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1515629413.0000021EEB861000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB861000
|
Size: |
32768
|
|
2234FD6D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002234FD6D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234FD6D000
|
Size: |
5783552
|
|
21ED2F94000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442870335.0000021ED2F94000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED2F94000
|
Size: |
798720
|
|
191CFC70000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881310601.00000191CFC70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFC70000
|
Size: |
4096
|
|
2E5F37A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543856361.0000002E5F37A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F37A000
|
Size: |
24576
|
|
7FF7C0FF3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897430682.00007FF7C0FF3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FF3000
|
Size: |
28672
|
|
12F1000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2563817685.00000000012F1000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
12F1000
|
Size: |
61440
|
|
223509C3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.00000223509C3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223509C3000
|
Size: |
741376
|
|
7FF7C101C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522110693.00007FF7C101C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C101C000
|
Size: |
8192
|
|
7FF7C1116000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1900283287.00007FF7C1116000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1116000
|
Size: |
16384
|
|
191C77D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C77D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C77D8000
|
Size: |
651264
|
|
7FF7C0E6A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1518212920.00007FF7C0E6A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E6A000
|
Size: |
24576
|
|
1B4F207D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F207D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F207D000
|
Size: |
4096
|
|
7FF7C0F40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1520246786.00007FF7C0F40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F40000
|
Size: |
65536
|
|
191B5990000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1701659633.00000191B5990000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5990000
|
Size: |
4096
|
|
7FF7C0CCB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516971412.00007FF7C0CCB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CCB000
|
Size: |
4096
|
|
191B5AF1000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5AF1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5AF1000
|
Size: |
4096
|
|
191B73C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1708620999.00000191B73C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B73C0000
|
Size: |
16384
|
|
7FF7C0F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418408103.00007FF7C0F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F10000
|
Size: |
65536
|
|
21ED35DD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED35DD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED35DD000
|
Size: |
5783552
|
|
7FF7C0EB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1417863007.00007FF7C0EB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EB4000
|
Size: |
12288
|
|
22368042000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1662139430.0000022368042000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368042000
|
Size: |
40960
|
|
7FF7C0DD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1666208594.00007FF7C0DD0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0DD0000
|
Size: |
16384
|
|
7FF7C0EB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1518753261.00007FF7C0EB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EB0000
|
Size: |
65536
|
|
1B4F2040000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F2040000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F2040000
|
Size: |
73728
|
|
7FF7C1120000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1523674504.00007FF7C1120000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1120000
|
Size: |
8192
|
|
22367FDB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.0000022367FDB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367FDB000
|
Size: |
12288
|
|
7FF7C0EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1518914700.00007FF7C0EC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EC0000
|
Size: |
65536
|
|
7FF7C0FE3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521873241.00007FF7C0FE3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FE3000
|
Size: |
28672
|
|
2235095E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002235095E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235095E000
|
Size: |
401408
|
|
21EEB536000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1512849335.0000021EEB536000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB536000
|
Size: |
49152
|
|
21ED16C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442518595.0000021ED16C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED16C0000
|
Size: |
65536
|
|
7FF7C0EB2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1417863007.00007FF7C0EB2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EB2000
|
Size: |
4096
|
|
191B5A90000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1701889022.00000191B5A90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5A90000
|
Size: |
8192
|
|
7FF7C0F00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1892439497.00007FF7C0F00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F00000
|
Size: |
65536
|
|
1B48115A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B48115A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B48115A000
|
Size: |
303104
|
|
1B48133A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B48133A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B48133A000
|
Size: |
303104
|
|
2E6014E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544425106.0000002E6014E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E6014E000
|
Size: |
8192
|
|
1B4902F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B4902F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4902F0000
|
Size: |
16384
|
|
7FF7C1020000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420202549.00007FF7C1020000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1020000
|
Size: |
4096
|
|
21ED3D73000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3D73000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3D73000
|
Size: |
692224
|
|
1B4F4404000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415320721.000001B4F4404000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4404000
|
Size: |
36864
|
|
7FF7C0CD2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416697078.00007FF7C0CD2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CD2000
|
Size: |
4096
|
|
7FF7C0E6A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1666626521.00007FF7C0E6A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E6A000
|
Size: |
24576
|
|
7FF7C0E71000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1890104154.00007FF7C0E71000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E71000
|
Size: |
32768
|
|
7DF4E0FA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1516654898.00007DF4E0FA0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF4E0FA0000
|
Size: |
4096
|
|
34E7E4D000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1700948738.00000034E7E4D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E7E4D000
|
Size: |
12288
|
|
7FF7C10C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522925964.00007FF7C10C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10C0000
|
Size: |
32768
|
|
7FF7C0EB8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1417863007.00007FF7C0EB8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EB8000
|
Size: |
4096
|
|
7FF7C0ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1667874641.00007FF7C0ED0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0ED0000
|
Size: |
65536
|
|
21ED151F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED151F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED151F000
|
Size: |
4096
|
|
7FF7C1018000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673514552.00007FF7C1018000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1018000
|
Size: |
4096
|
|
2235FB91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235FB91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235FB91000
|
Size: |
4096
|
|
2E5F5FB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544167918.0000002E5F5FB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F5FB000
|
Size: |
20480
|
|
1B481782000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481782000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481782000
|
Size: |
929792
|
|
22351107000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022351107000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22351107000
|
Size: |
147456
|
|
34E69FE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1698141643.00000034E69FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E69FE000
|
Size: |
8192
|
|
7FF7C0CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1517137403.00007FF7C0CD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CD0000
|
Size: |
4096
|
|
21ED4A02000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4A02000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4A02000
|
Size: |
376832
|
|
2E5F0FF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543432585.0000002E5F0FF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F0FF000
|
Size: |
4096
|
|
7FF7C1110000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1421217348.00007FF7C1110000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1110000
|
Size: |
65536
|
|
7FF7C0FB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1419552695.00007FF7C0FB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FB0000
|
Size: |
65536
|
|
7FF7C0D0C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1665543058.00007FF7C0D0C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D0C000
|
Size: |
4096
|
|
191B5AED000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5AED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5AED000
|
Size: |
12288
|
|
191B73B0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1708581443.00000191B73B0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
191B73B0000
|
Size: |
4096
|
|
21ED43B7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED43B7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED43B7000
|
Size: |
4096
|
|
14A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.00000000014A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14A0000
|
Size: |
20480
|
|
1B4F20C5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F20C5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F20C5000
|
Size: |
4096
|
|
1740000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569304790.0000000001740000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1740000
|
Size: |
4096
|
|
7FF7C0E7A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1890104154.00007FF7C0E7A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E7A000
|
Size: |
24576
|
|
21EEB543000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1512849335.0000021EEB543000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB543000
|
Size: |
49152
|
|
7FF7C1012000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673514552.00007FF7C1012000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1012000
|
Size: |
4096
|
|
1B4F1FF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1410829150.000001B4F1FF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F1FF0000
|
Size: |
4096
|
|
7FF7C0CBD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1516928280.00007FF7C0CBD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CBD000
|
Size: |
12288
|
|
7FF7C1120000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1900527610.00007FF7C1120000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1120000
|
Size: |
8192
|
|
1B481006000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481006000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481006000
|
Size: |
172032
|
|
7FF7C0CDB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1887983056.00007FF7C0CDB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CDB000
|
Size: |
4096
|
|
1B4F44C1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416147585.000001B4F44C1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F44C1000
|
Size: |
36864
|
|
191CFEA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1887486523.00000191CFEA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191CFEA0000
|
Size: |
4096
|
|
1B4F42B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1414778956.000001B4F42B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F42B0000
|
Size: |
24576
|
|
565BDBF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387318008.000000565BDBF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565BDBF000
|
Size: |
4096
|
|
1B4F4190000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1413551365.000001B4F4190000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4190000
|
Size: |
40960
|
|
2E5F176000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543465880.0000002E5F176000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F176000
|
Size: |
40960
|
|
7FF7C103C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420307251.00007FF7C103C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C103C000
|
Size: |
8192
|
|
7FF7C0F40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1669844938.00007FF7C0F40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F40000
|
Size: |
65536
|
|
1B480087000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B480087000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B480087000
|
Size: |
1683456
|
|
191B8D12000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8D12000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8D12000
|
Size: |
929792
|
|
34E7DCC000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1700772488.00000034E7DCC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E7DCC000
|
Size: |
16384
|
|
22350841000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350841000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350841000
|
Size: |
397312
|
|
1B4F44F4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416251413.000001B4F44F4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F44F4000
|
Size: |
16384
|
|
F40000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000001.00000000.1303905343.0000000000F40000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
1
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
F40000
|
Size: |
4096
|
|
21ED3B63000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3B63000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3B63000
|
Size: |
1716224
|
|
21ED4418000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4418000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4418000
|
Size: |
745472
|
|
7FF7C0F60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1894619880.00007FF7C0F60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F60000
|
Size: |
65536
|
|
21EEBAA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516618819.0000021EEBAA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEBAA0000
|
Size: |
4096
|
|
22368004000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.0000022368004000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368004000
|
Size: |
8192
|
|
191CFDFC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881699790.00000191CFDFC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFDFC000
|
Size: |
4096
|
|
7FF7C1020000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897801260.00007FF7C1020000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1020000
|
Size: |
4096
|
|
7FF7C0E61000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1666626521.00007FF7C0E61000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E61000
|
Size: |
32768
|
|
1B4F3C90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412602663.000001B4F3C90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F3C90000
|
Size: |
12288
|
|
21EEB7F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB7F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB7F3000
|
Size: |
4096
|
|
7FF7C0CC4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1887748993.00007FF7C0CC4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CC4000
|
Size: |
36864
|
|
21EEB4C6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1511986627.0000021EEB4C6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB4C6000
|
Size: |
331776
|
|
1C29C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608149661.000000001C29C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C29C000
|
Size: |
16384
|
|
1B481E01000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481E01000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481E01000
|
Size: |
118784
|
|
55E400E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440998857.00000055E400E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E400E000
|
Size: |
8192
|
|
7FF7C0DB6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1417233442.00007FF7C0DB6000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0DB6000
|
Size: |
86016
|
|
21ED3100000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1443926487.0000021ED3100000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED3100000
|
Size: |
12288
|
|
223508A5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.00000223508A5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223508A5000
|
Size: |
176128
|
|
7FF7C0EA4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1890603409.00007FF7C0EA4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EA4000
|
Size: |
12288
|
|
7FF7C0CB3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1516802890.00007FF7C0CB3000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CB3000
|
Size: |
4096
|
|
21ED15D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442244077.0000021ED15D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED15D0000
|
Size: |
20480
|
|
7FF7C0D76000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1888349099.00007FF7C0D76000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D76000
|
Size: |
24576
|
|
7FF437C30000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2611389528.00007FF437C30000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF437C30000
|
Size: |
4096
|
|
22368170000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664624917.0000022368170000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368170000
|
Size: |
4096
|
|
7FF7C0EA8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1890603409.00007FF7C0EA8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EA8000
|
Size: |
4096
|
|
21ED4A61000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4A61000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4A61000
|
Size: |
4763648
|
|
1D28E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2610709523.000000001D28E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1D28E000
|
Size: |
8192
|
|
55E2EF9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440317314.00000055E2EF9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E2EF9000
|
Size: |
28672
|
|
7FF7C101A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673514552.00007FF7C101A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C101A000
|
Size: |
4096
|
|
7FF7C0EA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1518629110.00007FF7C0EA0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0EA0000
|
Size: |
45056
|
|
7FF7C0E90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1417790983.00007FF7C0E90000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0E90000
|
Size: |
24576
|
|
7FF7C0E98000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1518520375.00007FF7C0E98000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E98000
|
Size: |
4096
|
|
2235060E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002235060E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235060E000
|
Size: |
491520
|
|
7FF7C1014000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897585808.00007FF7C1014000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1014000
|
Size: |
4096
|
|
7FF7C0CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1887617956.00007FF7C0CC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CC0000
|
Size: |
4096
|
|
191B77BA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B77BA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B77BA000
|
Size: |
2760704
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
21ED4893000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4893000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4893000
|
Size: |
929792
|
|
7FF7C0CE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1888215658.00007FF7C0CE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CE0000
|
Size: |
4096
|
|
2234F926000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002234F926000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234F926000
|
Size: |
1691648
|
|
223502F2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.00000223502F2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223502F2000
|
Size: |
1781760
|
|
2236804F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1662298260.000002236804F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236804F000
|
Size: |
4096
|
|
1B480BF8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B480BF8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B480BF8000
|
Size: |
61440
|
|
21EE340C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE340C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE340C000
|
Size: |
4096
|
|
1C0A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2603116191.000000001C0A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1C0A0000
|
Size: |
733184
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
191C75C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C75C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C75C1000
|
Size: |
245760
|
|
191CFB7F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1880672968.00000191CFB7F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFB7F000
|
Size: |
32768
|
|
7FF7C0E62000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1889645978.00007FF7C0E62000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E62000
|
Size: |
57344
|
|
21ED4979000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4979000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4979000
|
Size: |
143360
|
|
191B74C0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1709216762.00000191B74C0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
191B74C0000
|
Size: |
20480
|
|
1B4902FF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B4902FF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4902FF000
|
Size: |
4096
|
|
21ED15AC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED15AC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED15AC000
|
Size: |
53248
|
|
7FF7C0D1C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1888252023.00007FF7C0D1C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D1C000
|
Size: |
4096
|
|
223504A6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.00000223504A6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223504A6000
|
Size: |
1470464
|
|
30F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569776203.00000000030F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
30F0000
|
Size: |
4096
|
|
7FF7C0F90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521215521.00007FF7C0F90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F90000
|
Size: |
65536
|
|
21ED1519000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED1519000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED1519000
|
Size: |
4096
|
|
7DF4E0FB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1516690182.00007DF4E0FB0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF4E0FB0000
|
Size: |
4096
|
|
7FF7C0ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418003873.00007FF7C0ED0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0ED0000
|
Size: |
65536
|
|
2234F7C0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1547531623.000002234F7C0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
2234F7C0000
|
Size: |
4096
|
|
FE0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2563780922.0000000000FE0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FE0000
|
Size: |
4096
|
|
7FF7C1050000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1898701682.00007FF7C1050000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1050000
|
Size: |
36864
|
|
1B4F43C3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415004581.000001B4F43C3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F43C3000
|
Size: |
122880
|
|
7FF7C0CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1887983056.00007FF7C0CD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CD0000
|
Size: |
40960
|
|
1B4813C5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B4813C5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4813C5000
|
Size: |
3915776
|
|
21EE3111000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE3111000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE3111000
|
Size: |
77824
|
|
2E5EF7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543259718.0000002E5EF7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5EF7E000
|
Size: |
8192
|
|
1B4F3C95000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412602663.000001B4F3C95000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F3C95000
|
Size: |
24576
|
|
2234F890000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547630574.000002234F890000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234F890000
|
Size: |
12288
|
|
191CFCAC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881400021.00000191CFCAC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFCAC000
|
Size: |
4096
|
|
7FF7C0E92000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1518520375.00007FF7C0E92000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E92000
|
Size: |
4096
|
|
191B73E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1708700417.00000191B73E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B73E0000
|
Size: |
4096
|
|
7FF7C0F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1519738297.00007FF7C0F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F10000
|
Size: |
65536
|
|
191B760C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B760C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B760C000
|
Size: |
1732608
|
|
21ED4322000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4322000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4322000
|
Size: |
241664
|
|
22367D41000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1658629177.0000022367D41000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367D41000
|
Size: |
155648
|
|
7FF7C1020000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673873764.00007FF7C1020000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1020000
|
Size: |
65536
|
|
7FF7C0EA2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1890603409.00007FF7C0EA2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EA2000
|
Size: |
4096
|
|
2235FB8C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235FB8C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235FB8C000
|
Size: |
16384
|
|
7FF7C0F80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1895265406.00007FF7C0F80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F80000
|
Size: |
65536
|
|
7FF7C0CD4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2612561243.00007FF7C0CD4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CD4000
|
Size: |
4096
|
|
1B130000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602339860.000000001B130000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B130000
|
Size: |
4096
|
|
191CFCBC000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881400021.00000191CFCBC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFCBC000
|
Size: |
4096
|
|
7FF7C1120000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1421316078.00007FF7C1120000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1120000
|
Size: |
65536
|
|
191B7400000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1708781698.00000191B7400000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B7400000
|
Size: |
65536
|
|
565C88C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387423429.000000565C88C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565C88C000
|
Size: |
16384
|
|
2234DD45000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544668717.000002234DD45000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DD45000
|
Size: |
397312
|
|
7FF7C0CB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2611576456.00007FF7C0CB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CB4000
|
Size: |
8192
|
|
7FF7C0DA6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1888754410.00007FF7C0DA6000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0DA6000
|
Size: |
86016
|
|
2235112E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002235112E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235112E000
|
Size: |
778240
|
|
1BD9E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602875797.000000001BD9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BD9E000
|
Size: |
8192
|
|
21ED1510000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED1510000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED1510000
|
Size: |
24576
|
|
21ED3E8F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3E8F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3E8F000
|
Size: |
2637824
|
|
21ED4F12000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4F12000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4F12000
|
Size: |
118784
|
|
22350AB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350AB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350AB4000
|
Size: |
606208
|
|
7FF7C0EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1891692616.00007FF7C0EE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EE0000
|
Size: |
65536
|
|
21EEB7FB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB7FB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB7FB000
|
Size: |
4096
|
|
2236809F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1662298260.000002236809F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236809F000
|
Size: |
421888
|
|
7FF7C0CB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516834819.00007FF7C0CB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CB4000
|
Size: |
36864
|
|
2235FB99000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235FB99000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235FB99000
|
Size: |
4096
|
|
21EEB4AF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1511101322.0000021EEB4AF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB4AF000
|
Size: |
20480
|
|
7FF7C0F30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1520066431.00007FF7C0F30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F30000
|
Size: |
65536
|
|
7FF7C0E52000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1518019280.00007FF7C0E52000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E52000
|
Size: |
57344
|
|
2234DD05000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544668717.000002234DD05000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DD05000
|
Size: |
32768
|
|
7FF7C0F50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1670139997.00007FF7C0F50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F50000
|
Size: |
65536
|
|
191B8898000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8898000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8898000
|
Size: |
225280
|
|
3101000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569949990.0000000003101000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3101000
|
Size: |
323584
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
21EEB462000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1511101322.0000021EEB462000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB462000
|
Size: |
49152
|
|
191C787B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C787B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C787B000
|
Size: |
12288
|
|
21ED155D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED155D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED155D000
|
Size: |
319488
|
|
191B93B6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B93B6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B93B6000
|
Size: |
49152
|
|
1B4F4274000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1414300722.000001B4F4274000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4274000
|
Size: |
110592
|
|
21ED3D0F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3D0F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3D0F000
|
Size: |
28672
|
|
2234F8A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002234F8A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234F8A1000
|
Size: |
532480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
7DF44F610000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1416606330.00007DF44F610000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF44F610000
|
Size: |
4096
|
|
7FF7C0CD3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1416759046.00007FF7C0CD3000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CD3000
|
Size: |
4096
|
|
223508D1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.00000223508D1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223508D1000
|
Size: |
200704
|
|
34E737C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1700143676.00000034E737C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E737C000
|
Size: |
16384
|
|
34E6D7E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1698335419.00000034E6D7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E6D7E000
|
Size: |
8192
|
|
21EEB7B5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB7B5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB7B5000
|
Size: |
28672
|
|
21ED15F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442292718.0000021ED15F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED15F0000
|
Size: |
8192
|
|
7FF7C0FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1672412120.00007FF7C0FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FC0000
|
Size: |
61440
|
|
2236815A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664352440.000002236815A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236815A000
|
Size: |
57344
|
|
7FF7C10F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1523222237.00007FF7C10F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10F0000
|
Size: |
36864
|
|
34E69B3000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1697934879.00000034E69B3000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E69B3000
|
Size: |
53248
|
|
55E2C7D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440095937.00000055E2C7D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E2C7D000
|
Size: |
12288
|
|
7FF7C0CC2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1887617956.00007FF7C0CC2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CC2000
|
Size: |
4096
|
|
191B855D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B855D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B855D000
|
Size: |
229376
|
|
7FF7C1029000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420202549.00007FF7C1029000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1029000
|
Size: |
28672
|
|
7FF7C0E61000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1518212920.00007FF7C0E61000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E61000
|
Size: |
32768
|
|
22367EB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660680681.0000022367EB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367EB0000
|
Size: |
32768
|
|
2E5FFCE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544237752.0000002E5FFCE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5FFCE000
|
Size: |
8192
|
|
7FF7C1019000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897585808.00007FF7C1019000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1019000
|
Size: |
28672
|
|
21EEB570000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1513136841.0000021EEB570000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EEB570000
|
Size: |
4096
|
|
7FF7C101C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673514552.00007FF7C101C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C101C000
|
Size: |
8192
|
|
7FF7C0ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1891338927.00007FF7C0ED0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0ED0000
|
Size: |
65536
|
|
1B4810BD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B4810BD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4810BD000
|
Size: |
393216
|
|
191B73F0000
|
heap
|
page readonly
|
|
|
|
Name: |
0000000A.00000002.1708741165.00000191B73F0000.00000002.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page readonly
|
Base address: |
191B73F0000
|
Size: |
4096
|
|
7FF7C1110000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1678699669.00007FF7C1110000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1110000
|
Size: |
65536
|
|
7FF7C1130000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1679104970.00007FF7C1130000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1130000
|
Size: |
65536
|
|
191B7460000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709102653.00000191B7460000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B7460000
|
Size: |
12288
|
|
7FF7C0E60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1889645978.00007FF7C0E60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E60000
|
Size: |
4096
|
|
7FF7C0CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516971412.00007FF7C0CC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CC0000
|
Size: |
40960
|
|
22367FB5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.0000022367FB5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367FB5000
|
Size: |
151552
|
|
2236816B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664551300.000002236816B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236816B000
|
Size: |
4096
|
|
21EEB4AB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1511101322.0000021EEB4AB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB4AB000
|
Size: |
12288
|
|
1B4F4506000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416394858.000001B4F4506000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4506000
|
Size: |
8192
|
|
14A6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.00000000014A6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14A6000
|
Size: |
20480
|
|
2235F8C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235F8C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235F8C1000
|
Size: |
8192
|
|
2234F700000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547190414.000002234F700000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234F700000
|
Size: |
16384
|
|
7FF7C10F0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1420994152.00007FF7C10F0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C10F0000
|
Size: |
4096
|
|
1B4812A5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B4812A5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4812A5000
|
Size: |
389120
|
|
191C7880000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C7880000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C7880000
|
Size: |
4096
|
|
565C98C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387485338.000000565C98C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565C98C000
|
Size: |
16384
|
|
7FF7C1040000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522550404.00007FF7C1040000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1040000
|
Size: |
36864
|
|
191B81C6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B81C6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B81C6000
|
Size: |
1298432
|
|
7FF7C1024000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420202549.00007FF7C1024000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1024000
|
Size: |
4096
|
|
1B481385000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481385000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481385000
|
Size: |
241664
|
|
2234DDA7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544668717.000002234DDA7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DDA7000
|
Size: |
98304
|
|
7FF7C10F0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1677764558.00007FF7C10F0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10F0000
|
Size: |
36864
|
|
7FF7C1010000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522110693.00007FF7C1010000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1010000
|
Size: |
4096
|
|
F40000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000001.00000002.2563676614.0000000000F40000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
F40000
|
Size: |
4096
|
|
1B4F43E4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415004581.000001B4F43E4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F43E4000
|
Size: |
49152
|
|
7FF7C0D66000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1665628475.00007FF7C0D66000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D66000
|
Size: |
24576
|
|
2234F800000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547560962.000002234F800000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234F800000
|
Size: |
12288
|
|
7FF7C0E50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1518019280.00007FF7C0E50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E50000
|
Size: |
4096
|
|
21ED41D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED41D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED41D0000
|
Size: |
393216
|
|
1B4F22C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412324177.000001B4F22C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4F22C0000
|
Size: |
65536
|
|
2235F8D1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235F8D1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235F8D1000
|
Size: |
253952
|
|
21ED3111000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3111000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3111000
|
Size: |
536576
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
1B4F41D9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1413551365.000001B4F41D9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F41D9000
|
Size: |
241664
|
|
55E303F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440450347.00000055E303F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E303F000
|
Size: |
4096
|
|
21EEB4B5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1511986627.0000021EEB4B5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB4B5000
|
Size: |
16384
|
|
191B7591000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B7591000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B7591000
|
Size: |
491520
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
565B87E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1386721310.000000565B87E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B87E000
|
Size: |
8192
|
|
191B85F5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B85F5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B85F5000
|
Size: |
372736
|
|
7FF7C0FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521842275.00007FF7C0FE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FE0000
|
Size: |
4096
|
|
7FF7C0FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1671920869.00007FF7C0FA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FA0000
|
Size: |
65536
|
|
2234FACA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002234FACA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234FACA000
|
Size: |
1576960
|
|
191B7430000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709102653.00000191B7430000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B7430000
|
Size: |
4096
|
|
7FF7C0CB4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1665086984.00007FF7C0CB4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CB4000
|
Size: |
36864
|
|
7FF7C1060000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420581451.00007FF7C1060000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1060000
|
Size: |
36864
|
|
1B4F3BA0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412488666.000001B4F3BA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F3BA0000
|
Size: |
4096
|
|
21ED4F32000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4F32000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4F32000
|
Size: |
12288
|
|
191B8188000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8188000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8188000
|
Size: |
53248
|
|
1B4F4455000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415596647.000001B4F4455000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4455000
|
Size: |
94208
|
|
7FF7C0CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1665028581.00007FF7C0CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CB0000
|
Size: |
4096
|
|
1B4902F5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B4902F5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4902F5000
|
Size: |
4096
|
|
7FF7C0E94000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1667010302.00007FF7C0E94000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E94000
|
Size: |
12288
|
|
1C595000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608265506.000000001C595000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C595000
|
Size: |
45056
|
|
21ED1670000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442406195.0000021ED1670000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED1670000
|
Size: |
16384
|
|
1C98F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608663828.000000001C98F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C98F000
|
Size: |
4096
|
|
7FF7C10C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420651756.00007FF7C10C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10C0000
|
Size: |
65536
|
|
7FF7C1009000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521957414.00007FF7C1009000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1009000
|
Size: |
28672
|
|
191B7A5D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B7A5D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B7A5D000
|
Size: |
5783552
|
|
7FF7C1003000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420151404.00007FF7C1003000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1003000
|
Size: |
28672
|
|
7FF7C0FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521386130.00007FF7C0FA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FA0000
|
Size: |
65536
|
|
191C7A41000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C7A41000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C7A41000
|
Size: |
32768
|
|
191B8304000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8304000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8304000
|
Size: |
2269184
|
|
7FF7C0F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1892753072.00007FF7C0F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F10000
|
Size: |
65536
|
|
21ED14E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED14E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED14E3000
|
Size: |
176128
|
|
7FF7C10C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1674662191.00007FF7C10C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10C0000
|
Size: |
32768
|
|
1455000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564317041.0000000001455000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1455000
|
Size: |
24576
|
|
7FF7C0E81000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1417541185.00007FF7C0E81000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E81000
|
Size: |
32768
|
|
7FF7C1000000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521957414.00007FF7C1000000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1000000
|
Size: |
4096
|
|
191B5D60000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1708239628.00000191B5D60000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5D60000
|
Size: |
4096
|
|
7FF7C0F90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1671658417.00007FF7C0F90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F90000
|
Size: |
65536
|
|
7FF7C1100000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1899903152.00007FF7C1100000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1100000
|
Size: |
65536
|
|
21EE3402000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE3402000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE3402000
|
Size: |
4096
|
|
7FF7C0FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897281173.00007FF7C0FE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FE0000
|
Size: |
16384
|
|
7FF7C0D0C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1517173283.00007FF7C0D0C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D0C000
|
Size: |
4096
|
|
1B4F443E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415596647.000001B4F443E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F443E000
|
Size: |
77824
|
|
1C09E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2603053305.000000001C09E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1C09E000
|
Size: |
8192
|
|
565BCBE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387265995.000000565BCBE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565BCBE000
|
Size: |
8192
|
|
191CFE39000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1887008132.00000191CFE39000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFE39000
|
Size: |
4096
|
|
22368008000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.0000022368008000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368008000
|
Size: |
8192
|
|
7FF7C0F00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418311746.00007FF7C0F00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F00000
|
Size: |
65536
|
|
191CFCB8000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881400021.00000191CFCB8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFCB8000
|
Size: |
4096
|
|
55E2D7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440183619.00000055E2D7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E2D7E000
|
Size: |
8192
|
|
7FF7C0EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418218840.00007FF7C0EF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EF0000
|
Size: |
65536
|
|
191B8837000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8837000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8837000
|
Size: |
385024
|
|
7FF7C1130000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1523743703.00007FF7C1130000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1130000
|
Size: |
65536
|
|
21ED44D3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED44D3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED44D3000
|
Size: |
3928064
|
|
7FF7C10C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1899265803.00007FF7C10C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10C0000
|
Size: |
4096
|
|
1CA8D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608745537.000000001CA8D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1CA8D000
|
Size: |
12288
|
|
7FF7C0F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1419002070.00007FF7C0F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F70000
|
Size: |
65536
|
|
22367FB0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.0000022367FB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367FB0000
|
Size: |
16384
|
|
191B8E1E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8E1E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8E1E000
|
Size: |
401408
|
|
22367E87000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1660539617.0000022367E87000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
22367E87000
|
Size: |
12288
|
|
2E5F4FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544069634.0000002E5F4FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F4FE000
|
Size: |
8192
|
|
7FF7C1018000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522110693.00007FF7C1018000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1018000
|
Size: |
12288
|
|
1BADE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602581894.000000001BADE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BADE000
|
Size: |
8192
|
|
21EEB4BB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1511986627.0000021EEB4BB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB4BB000
|
Size: |
40960
|
|
7FF7C0F50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1894309676.00007FF7C0F50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F50000
|
Size: |
65536
|
|
2E5EE73000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543084255.0000002E5EE73000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5EE73000
|
Size: |
53248
|
|
7FF7C1110000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1523477522.00007FF7C1110000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1110000
|
Size: |
65536
|
|
565B8F9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387056422.000000565B8F9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B8F9000
|
Size: |
28672
|
|
2234FCD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.000002234FCD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234FCD0000
|
Size: |
634880
|
|
55E2E7E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440284403.00000055E2E7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E2E7E000
|
Size: |
8192
|
|
2234DF20000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1546992775.000002234DF20000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DF20000
|
Size: |
16384
|
|
7FF7C0F80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1520943103.00007FF7C0F80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F80000
|
Size: |
65536
|
|
1C18D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2603116191.000000001C18D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1C18D000
|
Size: |
73728
|
|
7FF7C0D70000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2612974887.00007FF7C0D70000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D70000
|
Size: |
4096
|
|
7FF7C10CC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1899265803.00007FF7C10CC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10CC000
|
Size: |
16384
|
|
21EEB825000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1515629413.0000021EEB825000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB825000
|
Size: |
155648
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
7FF7C0F00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1668801339.00007FF7C0F00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F00000
|
Size: |
65536
|
|
22367FE3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.0000022367FE3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367FE3000
|
Size: |
126976
|
|
1B480001000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B480001000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B480001000
|
Size: |
536576
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
55E333F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440717247.00000055E333F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E333F000
|
Size: |
4096
|
|
7FF7C10A0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522648089.00007FF7C10A0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10A0000
|
Size: |
8192
|
|
565B3FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1386606737.000000565B3FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B3FE000
|
Size: |
8192
|
|
22367D83000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1659123298.0000022367D83000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367D83000
|
Size: |
45056
|
|
1B490031000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B490031000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B490031000
|
Size: |
266240
|
|
7FF7C0FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521639021.00007FF7C0FC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FC0000
|
Size: |
61440
|
|
7FF7C0FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673056890.00007FF7C0FE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FE0000
|
Size: |
4096
|
|
22351022000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022351022000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22351022000
|
Size: |
929792
|
|
1B481031000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481031000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481031000
|
Size: |
569344
|
|
191B8EAE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8EAE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8EAE000
|
Size: |
188416
|
|
191B8EDF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8EDF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8EDF000
|
Size: |
4763648
|
|
191CFD03000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881699790.00000191CFD03000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFD03000
|
Size: |
655360
|
|
191B8597000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8597000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8597000
|
Size: |
176128
|
|
191B8DF8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8DF8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8DF8000
|
Size: |
143360
|
|
13111000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2600396156.0000000013111000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
13111000
|
Size: |
356352
|
|
1562000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.0000000001562000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1562000
|
Size: |
81920
|
|
2E5F47F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544040872.0000002E5F47F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F47F000
|
Size: |
4096
|
|
22367D8F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1659123298.0000022367D8F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367D8F000
|
Size: |
12288
|
|
21ED1558000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED1558000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED1558000
|
Size: |
4096
|
|
2235FCDC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235FCDC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235FCDC000
|
Size: |
520192
|
|
1B4F20C7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F20C7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F20C7000
|
Size: |
413696
|
|
7FF7C0EB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1667334627.00007FF7C0EB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EB0000
|
Size: |
65536
|
|
FD0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2563742042.0000000000FD0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
FD0000
|
Size: |
4096
|
|
1514000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.0000000001514000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1514000
|
Size: |
290816
|
|
21ED3339000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3339000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3339000
|
Size: |
2764800
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
223516A1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.00000223516A1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223516A1000
|
Size: |
118784
|
|
1B4F3CA8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412696715.000001B4F3CA8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F3CA8000
|
Size: |
798720
|
|
34E727F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1699999836.00000034E727F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E727F000
|
Size: |
4096
|
|
7FF7C0EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1667608453.00007FF7C0EC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EC0000
|
Size: |
65536
|
|
1B4F2030000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1410856798.000001B4F2030000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4F2030000
|
Size: |
16384
|
|
191CFB98000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1880672968.00000191CFB98000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFB98000
|
Size: |
12288
|
|
7FF7C0CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2611868701.00007FF7C0CC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CC0000
|
Size: |
4096
|
|
223678AB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1654493975.00000223678AB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
223678AB000
|
Size: |
798720
|
|
22367E80000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1660539617.0000022367E80000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
22367E80000
|
Size: |
20480
|
|
7FF7C0F80000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1671361420.00007FF7C0F80000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F80000
|
Size: |
65536
|
|
7FF7C0F70000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1520740548.00007FF7C0F70000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F70000
|
Size: |
65536
|
|
1BE9E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602937993.000000001BE9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BE9E000
|
Size: |
8192
|
|
1BAF0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602641500.000000001BAF0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1BAF0000
|
Size: |
8192
|
|
22368172000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664624917.0000022368172000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368172000
|
Size: |
12288
|
|
191CF596000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1872627776.00000191CF596000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CF596000
|
Size: |
798720
|
|
21ED16A0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1442469322.0000021ED16A0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
21ED16A0000
|
Size: |
4096
|
|
7FF7C0EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1890977195.00007FF7C0EC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EC0000
|
Size: |
65536
|
|
1B4F2053000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F2053000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F2053000
|
Size: |
159744
|
|
21EE3185000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE3185000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE3185000
|
Size: |
2576384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
191CFCA0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1881400021.00000191CFCA0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFCA0000
|
Size: |
4096
|
|
565B97D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387085496.000000565B97D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B97D000
|
Size: |
12288
|
|
14CA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.00000000014CA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14CA000
|
Size: |
90112
|
|
1B480F9F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B480F9F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B480F9F000
|
Size: |
4096
|
|
1B4F1F80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1410721948.000001B4F1F80000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F1F80000
|
Size: |
4096
|
|
7FF7C0EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1519397386.00007FF7C0EF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EF0000
|
Size: |
65536
|
|
191C7889000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1851051074.00000191C7889000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191C7889000
|
Size: |
4096
|
|
22350BAA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350BAA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350BAA000
|
Size: |
208896
|
|
565B7FA000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1386695735.000000565B7FA000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B7FA000
|
Size: |
24576
|
|
1B4F1F90000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1410748501.000001B4F1F90000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F1F90000
|
Size: |
16384
|
|
7FF7C0E70000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1666866950.00007FF7C0E70000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0E70000
|
Size: |
4096
|
|
2E5F57E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544119211.0000002E5F57E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F57E000
|
Size: |
8192
|
|
191B87A2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B87A2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B87A2000
|
Size: |
241664
|
|
2234F730000
|
heap
|
page readonly
|
|
|
|
Name: |
00000008.00000002.1547280691.000002234F730000.00000002.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page readonly
|
Base address: |
2234F730000
|
Size: |
4096
|
|
1450000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564317041.0000000001450000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1450000
|
Size: |
12288
|
|
21ED1775000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442651424.0000021ED1775000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED1775000
|
Size: |
40960
|
|
7FF7C0DD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1517870289.00007FF7C0DD0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0DD0000
|
Size: |
53248
|
|
191B7420000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709063859.00000191B7420000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B7420000
|
Size: |
4096
|
|
21EEB84D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1515629413.0000021EEB84D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB84D000
|
Size: |
61440
|
|
2236801C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1660846694.000002236801C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236801C000
|
Size: |
8192
|
|
2E600CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544374936.0000002E600CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E600CE000
|
Size: |
8192
|
|
191B5D85000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1708285787.00000191B5D85000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5D85000
|
Size: |
40960
|
|
7FF7C0F10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1669035384.00007FF7C0F10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F10000
|
Size: |
65536
|
|
1483000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564608831.0000000001483000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1483000
|
Size: |
53248
|
|
7FF7C0CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2611443456.00007FF7C0CB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CB0000
|
Size: |
4096
|
|
1CF88000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2610309487.000000001CF88000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1CF88000
|
Size: |
32768
|
|
34E6E7E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1698539378.00000034E6E7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E6E7E000
|
Size: |
8192
|
|
1815000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569453189.0000000001815000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1815000
|
Size: |
40960
|
|
7FF7C0D96000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1517659747.00007FF7C0D96000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D96000
|
Size: |
86016
|
|
21ED3197000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3197000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3197000
|
Size: |
1683456
|
|
7FF7C10E0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420860091.00007FF7C10E0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10E0000
|
Size: |
65536
|
|
22350C67000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350C67000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350C67000
|
Size: |
3907584
|
|
191CFA31000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1875964316.00000191CFA31000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFA31000
|
Size: |
36864
|
|
191CF9E0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1875964316.00000191CF9E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CF9E0000
|
Size: |
327680
|
|
1B4F43F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415320721.000001B4F43F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F43F3000
|
Size: |
16384
|
|
55E30B6000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440481605.00000055E30B6000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E30B6000
|
Size: |
40960
|
|
7FF7C0FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1419747712.00007FF7C0FD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FD0000
|
Size: |
65536
|
|
1B4F4220000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1414163525.000001B4F4220000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4220000
|
Size: |
8192
|
|
7FF7C0EF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1892092098.00007FF7C0EF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EF0000
|
Size: |
65536
|
|
191CFB70000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1880672968.00000191CFB70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFB70000
|
Size: |
53248
|
|
7FF7C0E8A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1417541185.00007FF7C0E8A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E8A000
|
Size: |
24576
|
|
1B4F3BC0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1412521873.000001B4F3BC0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1B4F3BC0000
|
Size: |
4096
|
|
191CFE33000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1887008132.00000191CFE33000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFE33000
|
Size: |
20480
|
|
22350903000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350903000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350903000
|
Size: |
368640
|
|
2E5F2F6000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543737778.0000002E5F2F6000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F2F6000
|
Size: |
40960
|
|
7FF7C0CB2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516732996.00007FF7C0CB2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CB2000
|
Size: |
4096
|
|
22368129000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1663803792.0000022368129000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368129000
|
Size: |
20480
|
|
7FF7C1050000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420493955.00007FF7C1050000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1050000
|
Size: |
65536
|
|
21EEB7FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB7FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB7FF000
|
Size: |
4096
|
|
34E6C7E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1698224181.00000034E6C7E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E6C7E000
|
Size: |
8192
|
|
7FF7C1100000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1523313384.00007FF7C1100000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1100000
|
Size: |
4096
|
|
2236810D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1663803792.000002236810D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236810D000
|
Size: |
45056
|
|
13F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564212204.00000000013F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13F0000
|
Size: |
4096
|
|
1B4F4453000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415596647.000001B4F4453000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4453000
|
Size: |
4096
|
|
1B49030F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B49030F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B49030F000
|
Size: |
1769472
|
|
7FF7C0CB3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1665058823.00007FF7C0CB3000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CB3000
|
Size: |
4096
|
|
1CB8E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608841850.000000001CB8E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1CB8E000
|
Size: |
8192
|
|
7FF7C0CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416697078.00007FF7C0CD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CD0000
|
Size: |
4096
|
|
7FF7C0FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1895972420.00007FF7C0FA0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FA0000
|
Size: |
65536
|
|
7FF7C0E94000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1518520375.00007FF7C0E94000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E94000
|
Size: |
12288
|
|
565B67E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1386628032.000000565B67E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B67E000
|
Size: |
8192
|
|
1B4F419B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1413551365.000001B4F419B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F419B000
|
Size: |
249856
|
|
7FF7C0F60000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1670637710.00007FF7C0F60000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F60000
|
Size: |
65536
|
|
34E6FF9000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1698897349.00000034E6FF9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E6FF9000
|
Size: |
28672
|
|
1B4F2310000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412397535.000001B4F2310000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F2310000
|
Size: |
16384
|
|
21ED3D07000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED3D07000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED3D07000
|
Size: |
28672
|
|
7FF7C0CB3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2611499738.00007FF7C0CB3000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CB3000
|
Size: |
4096
|
|
21ED2F50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442779571.0000021ED2F50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED2F50000
|
Size: |
16384
|
|
21ED1531000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED1531000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED1531000
|
Size: |
20480
|
|
565B9F9000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387112176.000000565B9F9000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B9F9000
|
Size: |
28672
|
|
1B480BEA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B480BEA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B480BEA000
|
Size: |
53248
|
|
1B4F209D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F209D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F209D000
|
Size: |
20480
|
|
7FF7C1012000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522110693.00007FF7C1012000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1012000
|
Size: |
20480
|
|
21EE3404000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE3404000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE3404000
|
Size: |
12288
|
|
21EE341C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE341C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE341C000
|
Size: |
1769472
|
|
22350687000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350687000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350687000
|
Size: |
1798144
|
|
34E71FE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1699790842.00000034E71FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E71FE000
|
Size: |
8192
|
|
7FF7C1010000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1673514552.00007FF7C1010000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1010000
|
Size: |
4096
|
|
21ED1630000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442325647.0000021ED1630000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED1630000
|
Size: |
4096
|
|
191B85C3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B85C3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B85C3000
|
Size: |
200704
|
|
565B373000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1386576516.000000565B373000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565B373000
|
Size: |
53248
|
|
7FF7C0CCD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2612421069.00007FF7C0CCD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CCD000
|
Size: |
12288
|
|
2234F6D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547159291.000002234F6D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234F6D0000
|
Size: |
4096
|
|
3159000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569949990.0000000003159000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3159000
|
Size: |
4096
|
|
7FF7C10D6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1674900827.00007FF7C10D6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10D6000
|
Size: |
40960
|
|
13108000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2600396156.0000000013108000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
13108000
|
Size: |
32768
|
|
2234DCC8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544668717.000002234DCC8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DCC8000
|
Size: |
208896
|
|
7FF7C1000000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420064116.00007FF7C1000000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1000000
|
Size: |
4096
|
|
191B7580000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709446962.00000191B7580000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B7580000
|
Size: |
12288
|
|
2E5F07A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543362235.0000002E5F07A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F07A000
|
Size: |
24576
|
|
1B4F3C10000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412549063.000001B4F3C10000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4F3C10000
|
Size: |
4096
|
|
7FF7C0D6C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1665726372.00007FF7C0D6C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D6C000
|
Size: |
61440
|
|
7FF7C1004000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521957414.00007FF7C1004000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1004000
|
Size: |
4096
|
|
7FF7C1038000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420307251.00007FF7C1038000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1038000
|
Size: |
12288
|
|
22368176000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664624917.0000022368176000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368176000
|
Size: |
16384
|
|
14E3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.00000000014E3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14E3000
|
Size: |
24576
|
|
7FF7C0E52000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1666408125.00007FF7C0E52000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0E52000
|
Size: |
57344
|
|
1B4F44FB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416316600.000001B4F44FB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F44FB000
|
Size: |
40960
|
|
21ED1650000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442350112.0000021ED1650000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
21ED1650000
|
Size: |
4096
|
|
21ED43B9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED43B9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED43B9000
|
Size: |
376832
|
|
21EEB7EF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB7EF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB7EF000
|
Size: |
8192
|
|
7FF7C0FB0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1896277079.00007FF7C0FB0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FB0000
|
Size: |
65536
|
|
565BBB8000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387215310.000000565BBB8000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565BBB8000
|
Size: |
32768
|
|
3161000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2569949990.0000000003161000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3161000
|
Size: |
6365184
|
|
1B68D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602428985.000000001B68D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1B68D000
|
Size: |
12288
|
|
7FF7C0F20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1893123092.00007FF7C0F20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F20000
|
Size: |
65536
|
|
7FF7C0DD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2613077919.00007FF7C0DD0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0DD0000
|
Size: |
57344
|
|
191B5D80000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1708285787.00000191B5D80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5D80000
|
Size: |
16384
|
|
7FF7C0F20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418516335.00007FF7C0F20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F20000
|
Size: |
65536
|
|
21ED4233000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED4233000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED4233000
|
Size: |
737280
|
|
7FF7C1130000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1900586878.00007FF7C1130000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1130000
|
Size: |
65536
|
|
1B4818F1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B4818F1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4818F1000
|
Size: |
376832
|
|
22350A7B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350A7B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350A7B000
|
Size: |
229376
|
|
2234F750000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547501499.000002234F750000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234F750000
|
Size: |
4096
|
|
7FF7C10B0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1898906218.00007FF7C10B0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10B0000
|
Size: |
65536
|
|
1480000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564608831.0000000001480000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1480000
|
Size: |
8192
|
|
7FF7C0F00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1519571863.00007FF7C0F00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F00000
|
Size: |
65536
|
|
21ED15BA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED15BA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED15BA000
|
Size: |
86016
|
|
7DF4936B0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1664931117.00007DF4936B0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF4936B0000
|
Size: |
4096
|
|
2234DF25000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1546992775.000002234DF25000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DF25000
|
Size: |
40960
|
|
7FF7C1040000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1898366554.00007FF7C1040000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1040000
|
Size: |
65536
|
|
191CFE1F000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1886908282.00000191CFE1F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFE1F000
|
Size: |
16384
|
|
191B5AF5000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5AF5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5AF5000
|
Size: |
4096
|
|
1B4804CD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B4804CD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4804CD000
|
Size: |
5779456
|
|
21ED42E9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED42E9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED42E9000
|
Size: |
229376
|
|
223516C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.00000223516C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223516C1000
|
Size: |
12288
|
|
191B8769000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8769000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8769000
|
Size: |
229376
|
|
191B5AB0000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5AB0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5AB0000
|
Size: |
28672
|
|
7FF7C0EB0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1890759292.00007FF7C0EB0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0EB0000
|
Size: |
45056
|
|
1B4F44B4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415596647.000001B4F44B4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F44B4000
|
Size: |
24576
|
|
7FF7C0FF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897381382.00007FF7C0FF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FF0000
|
Size: |
4096
|
|
7FF7C0FF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1419959791.00007FF7C0FF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FF0000
|
Size: |
16384
|
|
1B4F2135000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F2135000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F2135000
|
Size: |
40960
|
|
21EEB7CE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB7CE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB7CE000
|
Size: |
90112
|
|
7FF7C0E80000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1518441082.00007FF7C0E80000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0E80000
|
Size: |
24576
|
|
21ED1770000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442651424.0000021ED1770000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED1770000
|
Size: |
16384
|
|
2234F895000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547630574.000002234F895000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234F895000
|
Size: |
20480
|
|
7FF7C0F30000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1669563717.00007FF7C0F30000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F30000
|
Size: |
65536
|
|
7FF7C0CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1665360029.00007FF7C0CC0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CC0000
|
Size: |
40960
|
|
191B8651000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8651000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8651000
|
Size: |
389120
|
|
55E3F07000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1440900599.00000055E3F07000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
55E3F07000
|
Size: |
36864
|
|
223681D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664839378.00000223681D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223681D0000
|
Size: |
4096
|
|
565C80E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387387409.000000565C80E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565C80E000
|
Size: |
8192
|
|
17C0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2569417204.00000000017C0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
17C0000
|
Size: |
4096
|
|
2235FB9B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235FB9B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235FB9B000
|
Size: |
4096
|
|
1B481E26000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481E26000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481E26000
|
Size: |
49152
|
|
22367D93000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1659123298.0000022367D93000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367D93000
|
Size: |
204800
|
|
565BE3B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387351398.000000565BE3B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565BE3B000
|
Size: |
20480
|
|
7FF7C0D96000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1665925504.00007FF7C0D96000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D96000
|
Size: |
86016
|
|
7FF7C0CBD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1665302178.00007FF7C0CBD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CBD000
|
Size: |
12288
|
|
21ED30D0000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1443892392.0000021ED30D0000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
21ED30D0000
|
Size: |
4096
|
|
7FF7C0FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1521782441.00007FF7C0FD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FD0000
|
Size: |
16384
|
|
7FF7C0F90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1419259429.00007FF7C0F90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F90000
|
Size: |
65536
|
|
191B5AF9000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5AF9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5AF9000
|
Size: |
4096
|
|
1B481120000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481120000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481120000
|
Size: |
233472
|
|
1B4F2089000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1411098501.000001B4F2089000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F2089000
|
Size: |
12288
|
|
1B480FA1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B480FA1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B480FA1000
|
Size: |
401408
|
|
7FF7C0CDB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2612628699.00007FF7C0CDB000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CDB000
|
Size: |
4096
|
|
191B93B1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B93B1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B93B1000
|
Size: |
12288
|
|
7FF7C1106000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1523313384.00007FF7C1106000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1106000
|
Size: |
16384
|
|
1B4F4390000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1414835744.000001B4F4390000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4390000
|
Size: |
139264
|
|
7FF7C0CCD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1887918080.00007FF7C0CCD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CCD000
|
Size: |
12288
|
|
7FF7C0CEB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416890011.00007FF7C0CEB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CEB000
|
Size: |
4096
|
|
1B4811D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B4811D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4811D8000
|
Size: |
835584
|
|
2E5F3F8000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543944855.0000002E5F3F8000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5F3F8000
|
Size: |
32768
|
|
1D18E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2610539221.000000001D18E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1D18E000
|
Size: |
8192
|
|
1B480229000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B480229000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B480229000
|
Size: |
2764800
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
34E6CFE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1698276080.00000034E6CFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E6CFE000
|
Size: |
8192
|
|
7FF7C0F90000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1895643499.00007FF7C0F90000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F90000
|
Size: |
65536
|
|
7FF7C0D96000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000001.00000002.2613034523.00007FF7C0D96000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D96000
|
Size: |
4096
|
|
1CE8A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2610108138.000000001CE8A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1CE8A000
|
Size: |
24576
|
|
2234DD1D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544668717.000002234DD1D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DD1D000
|
Size: |
20480
|
|
2234DD03000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544668717.000002234DD03000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DD03000
|
Size: |
4096
|
|
2234DD01000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544668717.000002234DD01000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DD01000
|
Size: |
4096
|
|
1B481868000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481868000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481868000
|
Size: |
143360
|
|
7FF7C0F40000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1893999786.00007FF7C0F40000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F40000
|
Size: |
65536
|
|
21ED499F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED499F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED499F000
|
Size: |
401408
|
|
21ED14D7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED14D7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED14D7000
|
Size: |
45056
|
|
13101000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2600396156.0000000013101000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
13101000
|
Size: |
24576
|
|
34E7D4E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1700309136.00000034E7D4E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E7D4E000
|
Size: |
8192
|
|
1B4F43E2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415004581.000001B4F43E2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F43E2000
|
Size: |
4096
|
|
1BF9E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2602997099.000000001BF9E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1BF9E000
|
Size: |
8192
|
|
7FF7C10D0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420753107.00007FF7C10D0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10D0000
|
Size: |
65536
|
|
7FF7C0F50000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1520408637.00007FF7C0F50000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0F50000
|
Size: |
65536
|
|
22350BDE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.0000022350BDE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
22350BDE000
|
Size: |
303104
|
|
2236816E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664624917.000002236816E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236816E000
|
Size: |
4096
|
|
1B481950000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481950000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481950000
|
Size: |
4759552
|
|
7FF7C1106000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1678522578.00007FF7C1106000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1106000
|
Size: |
16384
|
|
1B48188E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B48188E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B48188E000
|
Size: |
401408
|
|
2235FC82000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1635372615.000002235FC82000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2235FC82000
|
Size: |
360448
|
|
21ED14D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1441053311.0000021ED14D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21ED14D0000
|
Size: |
24576
|
|
2E5EEFE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543222436.0000002E5EEFE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5EEFE000
|
Size: |
8192
|
|
1CBAA000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608987846.000000001CBAA000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1CBAA000
|
Size: |
20480
|
|
191B9391000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B9391000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B9391000
|
Size: |
118784
|
|
22368131000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1663803792.0000022368131000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368131000
|
Size: |
20480
|
|
565BD3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387294545.000000565BD3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565BD3E000
|
Size: |
8192
|
|
1B4F3E40000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1413506834.000001B4F3E40000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
1B4F3E40000
|
Size: |
4096
|
|
2234F720000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547250484.000002234F720000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234F720000
|
Size: |
4096
|
|
1B4F44E7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416198393.000001B4F44E7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F44E7000
|
Size: |
28672
|
|
7FF7C1100000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1421041509.00007FF7C1100000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1100000
|
Size: |
36864
|
|
21EEB7F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB7F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB7F7000
|
Size: |
4096
|
|
7FF7C0CF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416992658.00007FF7C0CF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CF0000
|
Size: |
4096
|
|
2234DED0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1546955434.000002234DED0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DED0000
|
Size: |
8192
|
|
7FF7C0CDD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000002.00000002.1416846724.00007FF7C0CDD000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0CDD000
|
Size: |
12288
|
|
191B74C6000
|
heap
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1709216762.00000191B74C6000.00000040.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page execute and read and write
|
Base address: |
191B74C6000
|
Size: |
16384
|
|
21EEB7BE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB7BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB7BE000
|
Size: |
61440
|
|
22367DC6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1659123298.0000022367DC6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367DC6000
|
Size: |
167936
|
|
191B5AF7000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1702627889.00000191B5AF7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B5AF7000
|
Size: |
4096
|
|
21EEB532000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1512849335.0000021EEB532000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB532000
|
Size: |
12288
|
|
1B4F2270000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412190730.000001B4F2270000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4F2270000
|
Size: |
16384
|
|
7FF7C0CE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416890011.00007FF7C0CE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CE0000
|
Size: |
40960
|
|
7FF7C0DD5000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1666208594.00007FF7C0DD5000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0DD5000
|
Size: |
32768
|
|
2E5EBDE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1543045904.0000002E5EBDE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E5EBDE000
|
Size: |
8192
|
|
7FF7C1030000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1674126657.00007FF7C1030000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1030000
|
Size: |
16384
|
|
155C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.000000000155C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
155C000
|
Size: |
12288
|
|
7DF4936C0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000008.00000002.1664994309.00007DF4936C0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7DF4936C0000
|
Size: |
4096
|
|
2E6024D000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544558037.0000002E6024D000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E6024D000
|
Size: |
12288
|
|
7FF7C1120000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1679011050.00007FF7C1120000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1120000
|
Size: |
8192
|
|
7FF7C1010000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1897585808.00007FF7C1010000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1010000
|
Size: |
4096
|
|
21EEB75E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1514049638.0000021EEB75E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB75E000
|
Size: |
348160
|
|
7FF7C0DE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
0000000A.00000002.1889171052.00007FF7C0DE0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0DE0000
|
Size: |
53248
|
|
7FF7C10A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522648089.00007FF7C10A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10A3000
|
Size: |
53248
|
|
21EEB874000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1515629413.0000021EEB874000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB874000
|
Size: |
4096
|
|
7FF7C0D86000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1417092918.00007FF7C0D86000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0D86000
|
Size: |
24576
|
|
2234DCC0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544668717.000002234DCC0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2234DCC0000
|
Size: |
28672
|
|
1B4F450E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416394858.000001B4F450E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F450E000
|
Size: |
4096
|
|
21EE3141000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE3141000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE3141000
|
Size: |
258048
|
|
2E6004C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1544296759.0000002E6004C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2E6004C000
|
Size: |
16384
|
|
34E7FCE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1701545199.00000034E7FCE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E7FCE000
|
Size: |
8192
|
|
1B4F43B3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1415004581.000001B4F43B3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F43B3000
|
Size: |
40960
|
|
191B7585000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709446962.00000191B7585000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191B7585000
|
Size: |
16384
|
|
21EEB630000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1513277705.0000021EEB630000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB630000
|
Size: |
28672
|
|
7FF7C0ED0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1519084750.00007FF7C0ED0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0ED0000
|
Size: |
65536
|
|
21EEB8A3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1516363771.0000021EEB8A3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
21EEB8A3000
|
Size: |
65536
|
|
7FF7C1030000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522492659.00007FF7C1030000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1030000
|
Size: |
16384
|
|
2236806F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1662298260.000002236806F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2236806F000
|
Size: |
53248
|
|
7FF7C0CCB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1665360029.00007FF7C0CCB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0CCB000
|
Size: |
4096
|
|
7FF7C1140000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1421505507.00007FF7C1140000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1140000
|
Size: |
65536
|
|
7FF7C0D6C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1517352019.00007FF7C0D6C000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C0D6C000
|
Size: |
61440
|
|
7FF7C10AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1674473292.00007FF7C10AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10AC000
|
Size: |
8192
|
|
21ED1690000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442444549.0000021ED1690000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED1690000
|
Size: |
4096
|
|
7FF7C0FD0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1672943659.00007FF7C0FD0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0FD0000
|
Size: |
16384
|
|
21ED435E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1444027037.0000021ED435E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED435E000
|
Size: |
360448
|
|
191B73A0000
|
trusted library section
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1708544587.00000191B73A0000.00000004.08000000.00040000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library section
|
Protect: |
page read and write
|
Base address: |
191B73A0000
|
Size: |
4096
|
|
21ED16B0000
|
heap
|
page readonly
|
|
|
|
Name: |
00000005.00000002.1442492817.0000021ED16B0000.00000002.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page readonly
|
Base address: |
21ED16B0000
|
Size: |
4096
|
|
22368153000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1664261825.0000022368153000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22368153000
|
Size: |
20480
|
|
1B481E21000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387545416.000001B481E21000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B481E21000
|
Size: |
12288
|
|
7FF7C0EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1668145714.00007FF7C0EE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EE0000
|
Size: |
65536
|
|
223511EF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547742671.00000223511EF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
223511EF000
|
Size: |
4763648
|
|
565BA3E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1387137366.000000565BA3E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
565BA3E000
|
Size: |
8192
|
|
1B490077000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1405545492.000001B490077000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B490077000
|
Size: |
2576384
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
21EE33FE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1500338058.0000021EE33FE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21EE33FE000
|
Size: |
12288
|
|
191CFE24000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1887008132.00000191CFE24000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFE24000
|
Size: |
57344
|
|
2234F740000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1547316805.000002234F740000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
2234F740000
|
Size: |
65536
|
|
7FF7C10E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
Name: |
00000005.00000002.1523185664.00007FF7C10E0000.00000040.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page execute and read and write
|
Base address: |
7FF7C10E0000
|
Size: |
4096
|
|
22367D0C000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1657230876.0000022367D0C000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22367D0C000
|
Size: |
212992
|
|
7FF7C10BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1522828008.00007FF7C10BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C10BC000
|
Size: |
16384
|
|
14E1000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2564913843.00000000014E1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
14E1000
|
Size: |
4096
|
|
7FF7C1040000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1420421570.00007FF7C1040000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1040000
|
Size: |
40960
|
|
191B8C2D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1709615986.00000191B8C2D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
191B8C2D000
|
Size: |
933888
|
|
191CFA65000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1875964316.00000191CFA65000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
191CFA65000
|
Size: |
61440
|
|
7FF7C0EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1418104233.00007FF7C0EE0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C0EE0000
|
Size: |
65536
|
|
7FF7C1040000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1674265893.00007FF7C1040000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
7FF7C1040000
|
Size: |
36864
|
|
1B4F2220000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412133451.000001B4F2220000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
1B4F2220000
|
Size: |
4096
|
|
34E6EF7000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000A.00000002.1698592206.00000034E6EF7000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
10
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
34E6EF7000
|
Size: |
36864
|
|
1CBB6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000001.00000002.2608987846.000000001CBB6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
1
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1CBB6000
|
Size: |
65536
|
|
1B4F4509000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1416394858.000001B4F4509000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F4509000
|
Size: |
16384
|
|
21ED2F20000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1442779571.0000021ED2F20000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
21ED2F20000
|
Size: |
4096
|
|
1B4F2315000
|
heap
|
page read and write
|
|
|
|
Name: |
00000002.00000002.1412397535.000001B4F2315000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
2
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1B4F2315000
|
Size: |
40960
|
|