A313000
|
heap
|
page read and write
|
![malicious](data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAYCAYAAADpnJ2CAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAppJREFUeNqsVkFoU0EQnZ/W2haM0R71kIAe4sWKB70ULLSei3oRBI13bXMQD1rSoD3b1LuNIPQiGgQvWjDgxR5EvZiDQnOoRzV80dRqrPOWP5/9m92ftOnAsvt358/beTOzux455Gv6yBx3BdqZFEfqn+dsC54DLM3dO24p2rlkGLRuTiYcyvdcYInDh6xjhw3qCMjeneFuyqY8ePUK7b1wPvweODup5hwyFdjq6KF1Z8nlR9SXzVJzYTGc23hQVnNYc8hSbAx5RzMuwINrn+hb5ihtd40lz7FcaPOQwVI9ZGWcFALbbZQWusnKPadPKQrRMO5CUjprXuDdaFAGTgFtiBmS5N/6lzBLfz9+wol0Lo5SkRNM7ftEXKLoXkmWbvk+/bpzl37euKnGANN1OpWJx96hBJ66gIamr1F/d9TR3zer1Czdpz/cOyQHwDUepM3iHpq+rnYPL7b8H5Eih1EINiMCmr3kPm5JRXOztBhSr0ndetKkXlcVGH5sjI3zj+tM43wA7qtaRJNvrEEHuhJT2LCepTZKD3x4S/7FS9T6WIvUGbwcnr1N/ceyCqjFHiCe8ESvRejtf/6Mvh8/2UZpgjOnwoPIdjZfrIRgIsOzt4LjbEIZ7GNQjPU1nV7YMKTKWGWhNB8J/mo06IiZ0KRvBIaFfomry4ZgeNpJg7SdUZMceFAW4Z7nYHhgciLMWmTl5ssVFTebvjZXZu9y5klT5NbAwPxZ4iJgWId3GKs5ptcUzUZDZ9B5eKPIcRO0ajXVS4lsLD1UJ47oDOYuh6UguuhFxzy8Pct9iCNu1KxHV2110KkzWCb2iRFcmq926aYYZ8Bq7AUcKFR2AaxigsW9afKSQD1Ivqs3TeAlXlulHsCKthcb5L8AAwCehEsTSl88KQAAAABJRU5ErkJggg==) |
|
|
Name: |
00000012.00000002.2656506658.000000000A313000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A313000
|
Size: |
6262784
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Yara detected UAC Bypass using CMSTP |
Exploits |
|
|
A2BC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2656506658.000000000A2BC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A2BC000
|
Size: |
348160
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
4914000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2138761975.0000000004914000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4914000
|
Size: |
679936
|
|
4917000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144393473.0000000004917000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4917000
|
Size: |
823296
|
|
BB0000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2651670381.0000000000BB0000.00000002.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
BB0000
|
Size: |
4096
|
|
891000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802482490.0000000000891000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
891000
|
Size: |
180224
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
3DF7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130229402.0000000003DF7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DF7000
|
Size: |
421888
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127876428.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
303104
|
|
28CF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820951001.00000000028CF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
28CF000
|
Size: |
4096
|
|
6F921000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2657722280.000000006F921000.00000004.00000001.01000000.0000000C.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
6F921000
|
Size: |
4096
|
|
4912000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2139995676.0000000004912000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4912000
|
Size: |
708608
|
|
4918000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2138257022.0000000004918000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4918000
|
Size: |
667648
|
|
6FB000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651433091.00000000006FB000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6FB000
|
Size: |
8192
|
|
6AF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820759171.00000000006AF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6AF000
|
Size: |
4096
|
|
4918000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136226168.0000000004918000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4918000
|
Size: |
614400
|
|
293D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1820288431.000000000293D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
293D000
|
Size: |
24576
|
|
6F910000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2657683484.000000006F910000.00000002.00000001.01000000.0000000C.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
6F910000
|
Size: |
4096
|
|
F04000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2652276511.0000000000F04000.00000002.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
F04000
|
Size: |
356352
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
4917000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2137186542.0000000004917000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4917000
|
Size: |
643072
|
|
6C402000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2657405704.000000006C402000.00000004.00000001.01000000.0000000D.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
6C402000
|
Size: |
12288
|
|
49C9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2139895645.00000000049C9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C9000
|
Size: |
700416
|
|
491D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140244407.000000000491D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491D000
|
Size: |
712704
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129111789.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
745472
|
|
7BD000
|
unkown
|
page readonly
|
|
|
|
Name: |
0000000C.00000000.1828273024.00000000007BD000.00000002.00000001.01000000.00000007.sdmp
|
TargetID: |
12
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
7BD000
|
Size: |
151552
|
|
6D5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815310197.00000000006D5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6D5000
|
Size: |
12288
|
|
49BE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135427067.00000000049BE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49BE000
|
Size: |
593920
|
|
30C000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879801727.000000000030C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
30C000
|
Size: |
16384
|
|
29B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803086371.00000000029B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29B0000
|
Size: |
40960
|
|
82D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825346911.000000000082D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
82D000
|
Size: |
4096
|
|
29FC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1814619883.00000000029FC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29FC000
|
Size: |
16384
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131679509.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
483328
|
|
2736000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2652466553.0000000002736000.00000002.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
2736000
|
Size: |
274432
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
49BA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134802151.00000000049BA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49BA000
|
Size: |
577536
|
|
4911000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2139195911.0000000004911000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4911000
|
Size: |
684032
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832640659.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
4918000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144212049.0000000004918000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4918000
|
Size: |
819200
|
|
300C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803179783.000000000300C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
300C000
|
Size: |
16384
|
|
803000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824747118.0000000000803000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
803000
|
Size: |
53248
|
|
5E78000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825631330.0000000005E78000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E78000
|
Size: |
40960
|
|
4FB000
|
stack
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651154747.00000000004FB000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
4FB000
|
Size: |
20480
|
|
4910000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135726793.0000000004910000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4910000
|
Size: |
598016
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128097400.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
319488
|
|
49B2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135798305.00000000049B2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49B2000
|
Size: |
606208
|
|
470E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815762494.000000000470E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
470E000
|
Size: |
8192
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128674307.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
344064
|
|
6F1C1000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000012.00000002.2657607721.000000006F1C1000.00000020.00000001.01000000.0000000B.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
6F1C1000
|
Size: |
401408
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128353428.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
335872
|
|
400000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000002.1801770218.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
400000
|
Size: |
4096
|
|
2934000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1820439197.0000000002934000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2934000
|
Size: |
12288
|
|
4916000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133526551.0000000004916000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4916000
|
Size: |
540672
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832604674.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
491C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140988536.000000000491C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491C000
|
Size: |
733184
|
|
4912000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135315309.0000000004912000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4912000
|
Size: |
589824
|
|
4911000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2139736940.0000000004911000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4911000
|
Size: |
700416
|
|
4914000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141205200.0000000004914000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4914000
|
Size: |
737280
|
|
866000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802482490.0000000000866000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
866000
|
Size: |
49152
|
|
6CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815289050.00000000006CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6CE000
|
Size: |
8192
|
|
49AB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133810324.00000000049AB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49AB000
|
Size: |
552960
|
|
4910000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2143929013.0000000004910000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4910000
|
Size: |
806912
|
|
49BF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134983349.00000000049BF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49BF000
|
Size: |
585728
|
|
4916000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135534417.0000000004916000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4916000
|
Size: |
593920
|
|
6C221000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000012.00000002.2657118461.000000006C221000.00000020.00000001.01000000.0000000D.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
6C221000
|
Size: |
1609728
|
|
290E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1820222686.000000000290E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
290E000
|
Size: |
106496
|
|
49F5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2145054735.00000000049F5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49F5000
|
Size: |
839680
|
|
6F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651433091.00000000006F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6F0000
|
Size: |
36864
|
|
2929000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1820394955.0000000002929000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2929000
|
Size: |
77824
|
|
4A45000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134355286.0000000004A45000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4A45000
|
Size: |
569344
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128599872.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
344064
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131726093.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
487424
|
|
6C40D000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2657457964.000000006C40D000.00000004.00000001.01000000.0000000D.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
6C40D000
|
Size: |
20480
|
|
478E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815802119.000000000478E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
478E000
|
Size: |
8192
|
|
4914000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133690451.0000000004914000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4914000
|
Size: |
544768
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130502938.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
434176
|
|
4A3E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133062407.0000000004A3E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4A3E000
|
Size: |
532480
|
|
7FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824747118.00000000007FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7FF000
|
Size: |
4096
|
|
EDF000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2652248693.0000000000EDF000.00000002.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
EDF000
|
Size: |
143360
|
|
6C40B000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2657442286.000000006C40B000.00000004.00000001.01000000.0000000D.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
6C40B000
|
Size: |
4096
|
|
866000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1800014680.0000000000866000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
866000
|
Size: |
49152
|
|
3DEB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129186345.0000000003DEB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DEB000
|
Size: |
376832
|
|
2C10000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1880000453.0000000002C10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2C10000
|
Size: |
20480
|
|
740000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820800793.0000000000740000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
740000
|
Size: |
20480
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128967868.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
360448
|
|
295E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815505630.000000000295E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
295E000
|
Size: |
8192
|
|
280F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815361566.000000000280F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
280F000
|
Size: |
4096
|
|
3FF000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879864935.00000000003FF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
3FF000
|
Size: |
4096
|
|
370000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879824866.0000000000370000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
370000
|
Size: |
4096
|
|
49C1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2137944734.00000000049C1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C1000
|
Size: |
659456
|
|
29E9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1814866802.00000000029E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29E9000
|
Size: |
69632
|
|
4917000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136074121.0000000004917000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4917000
|
Size: |
610304
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131870946.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
487424
|
|
49C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140080372.00000000049C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C0000
|
Size: |
708608
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130560723.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
434176
|
|
2375000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802915062.0000000002375000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2375000
|
Size: |
16384
|
|
7F1000
|
unkown
|
page write copy
|
|
|
|
Name: |
0000000C.00000000.1828320986.00000000007F1000.00000008.00000001.01000000.00000007.sdmp
|
TargetID: |
12
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
7F1000
|
Size: |
4096
|
|
BB1000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000012.00000000.2638056098.0000000000BB1000.00000020.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
BB1000
|
Size: |
2678784
|
|
ED0000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2652208042.0000000000ED0000.00000004.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
ED0000
|
Size: |
4096
|
|
434000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1801955445.0000000000434000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
434000
|
Size: |
40960
|
|
BB0000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000000.2638031457.0000000000BB0000.00000002.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
BB0000
|
Size: |
4096
|
|
49F4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144481147.00000000049F4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49F4000
|
Size: |
823296
|
|
918000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879963577.0000000000918000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
918000
|
Size: |
45056
|
|
71E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820778846.000000000071E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
71E000
|
Size: |
8192
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127964184.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
307200
|
|
401000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000000.00000002.1801822634.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
401000
|
Size: |
32768
|
|
4AAF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141635951.0000000004AAF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4AAF000
|
Size: |
753664
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127236562.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
266240
|
|
491A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144937215.000000000491A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491A000
|
Size: |
839680
|
|
372D000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1829289893.000000000372D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
372D000
|
Size: |
532480
|
|
6D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825130511.00000000006D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6D0000
|
Size: |
20480
|
|
2786000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2652553830.0000000002786000.00000004.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
2786000
|
Size: |
12288
|
|
2BAF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803104533.0000000002BAF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2BAF000
|
Size: |
4096
|
|
287E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815405248.000000000287E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
287E000
|
Size: |
8192
|
|
811000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824747118.0000000000811000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
811000
|
Size: |
8192
|
|
510000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651189786.0000000000510000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
510000
|
Size: |
4096
|
|
491E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140578206.000000000491E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491E000
|
Size: |
720896
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129323664.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
761856
|
|
49E3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2143092571.00000000049E3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49E3000
|
Size: |
790528
|
|
AA3D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2656882658.000000000AA3D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
AA3D000
|
Size: |
458752
|
|
7E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825186004.00000000007E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7E0000
|
Size: |
24576
|
|
9E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825450128.00000000009E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9E0000
|
Size: |
4096
|
|
491A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140788334.000000000491A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491A000
|
Size: |
729088
|
|
A07000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825501225.0000000000A07000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A07000
|
Size: |
8192
|
|
2560000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803017676.0000000002560000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2560000
|
Size: |
8192
|
|
6CE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825095503.00000000006CE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
6CE000
|
Size: |
8192
|
|
247E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802982522.000000000247E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
247E000
|
Size: |
8192
|
|
74F000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879903390.000000000074F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
74F000
|
Size: |
4096
|
|
49CD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2138180656.00000000049CD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49CD000
|
Size: |
663552
|
|
49EC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2143837497.00000000049EC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49EC000
|
Size: |
806912
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127917463.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
307200
|
|
49DC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140325855.00000000049DC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49DC000
|
Size: |
716800
|
|
4911000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2142828964.0000000004911000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4911000
|
Size: |
782336
|
|
49C9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2139517248.00000000049C9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C9000
|
Size: |
696320
|
|
4A87000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2139622892.0000000004A87000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4A87000
|
Size: |
696320
|
|
862000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1800014680.0000000000862000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
862000
|
Size: |
12288
|
|
510000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802243355.0000000000510000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
510000
|
Size: |
4096
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127324198.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
270336
|
|
29FC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815718128.00000000029FC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29FC000
|
Size: |
12288
|
|
63E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802284167.000000000063E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
63E000
|
Size: |
8192
|
|
409000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000002.1801873958.0000000000409000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
409000
|
Size: |
12288
|
|
95E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825394155.000000000095E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
95E000
|
Size: |
8192
|
|
284F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820901026.000000000284F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
284F000
|
Size: |
4096
|
|
49E7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144026480.00000000049E7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49E7000
|
Size: |
815104
|
|
4917000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2138502945.0000000004917000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4917000
|
Size: |
675840
|
|
88D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1800014680.000000000088D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
88D000
|
Size: |
12288
|
|
49ED000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2145315117.00000000049ED000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49ED000
|
Size: |
843776
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128270423.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
327680
|
|
4917000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136633762.0000000004917000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4917000
|
Size: |
630784
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130919323.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
450560
|
|
49DD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141567732.00000000049DD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49DD000
|
Size: |
749568
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128222839.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
323584
|
|
5F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802264830.00000000005F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5F0000
|
Size: |
8192
|
|
660000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820707479.0000000000660000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
660000
|
Size: |
16384
|
|
2938000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1821290762.0000000002938000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2938000
|
Size: |
16384
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128551760.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
339968
|
|
2D30000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2652996147.0000000002D30000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2D30000
|
Size: |
53248
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128512796.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
339968
|
|
2912000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1821208301.0000000002912000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2912000
|
Size: |
90112
|
|
5F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651238850.00000000005F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5F0000
|
Size: |
4096
|
|
49BC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136295425.00000000049BC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49BC000
|
Size: |
622592
|
|
29B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815570981.00000000029B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29B0000
|
Size: |
28672
|
|
4916000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133360237.0000000004916000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4916000
|
Size: |
536576
|
|
401000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000000.00000000.1788399716.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
401000
|
Size: |
32768
|
|
3DEF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129568261.0000000003DEF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DEF000
|
Size: |
393216
|
|
29CE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1814619883.00000000029CE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29CE000
|
Size: |
106496
|
|
21FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802793320.00000000021FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
21FE000
|
Size: |
8192
|
|
5E70000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825631330.0000000005E70000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
5E70000
|
Size: |
24576
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129068370.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
364544
|
|
BB1000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000012.00000002.2651686621.0000000000BB1000.00000020.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
BB1000
|
Size: |
2678784
|
|
29B8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815570981.00000000029B8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29B8000
|
Size: |
69632
|
|
9F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825474983.00000000009F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9F0000
|
Size: |
4096
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128474027.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
335872
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127537333.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
282624
|
|
5BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820549069.00000000005BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5BE000
|
Size: |
8192
|
|
2935000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1821270117.0000000002935000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2935000
|
Size: |
8192
|
|
4913000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2143209931.0000000004913000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4913000
|
Size: |
790528
|
|
4910000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134174334.0000000004910000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4910000
|
Size: |
561152
|
|
49E6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2143676543.00000000049E6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49E6000
|
Size: |
802816
|
|
491E000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140411106.000000000491E000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491E000
|
Size: |
716800
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131539514.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
962560
|
|
49DD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141309953.00000000049DD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49DD000
|
Size: |
745472
|
|
32C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1830273130.00000000032C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
32C0000
|
Size: |
172032
|
|
873000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802482490.0000000000873000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
873000
|
Size: |
45056
|
|
8EE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651627922.00000000008EE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
8EE000
|
Size: |
8192
|
|
3E00000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131039743.0000000003E00000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E00000
|
Size: |
462848
|
|
2571000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000012.00000002.2652332837.0000000002571000.00000020.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
2571000
|
Size: |
1855488
|
|
4ADF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2145949276.0000000004ADF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4ADF000
|
Size: |
720896
|
|
10001000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000012.00000002.2657055455.0000000010001000.00000020.00000001.01000000.00000009.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
10001000
|
Size: |
4096
|
|
22A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802852706.00000000022A0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22A0000
|
Size: |
8192
|
|
49C6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136750679.00000000049C6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C6000
|
Size: |
630784
|
|
98000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1800991387.0000000000098000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
98000
|
Size: |
32768
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129501214.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
778240
|
|
4916000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135094035.0000000004916000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4916000
|
Size: |
585728
|
|
77F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802378987.000000000077F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
77F000
|
Size: |
4096
|
|
49A3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133449242.00000000049A3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49A3000
|
Size: |
540672
|
|
29E9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1814619883.00000000029E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29E9000
|
Size: |
69632
|
|
4A4C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133914841.0000000004A4C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4A4C000
|
Size: |
552960
|
|
1E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651089166.00000000001E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1E0000
|
Size: |
16384
|
|
722000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000003.2639380681.0000000000722000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
722000
|
Size: |
139264
|
|
82E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802482490.000000000082E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
82E000
|
Size: |
172032
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130282379.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
425984
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832055920.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
2F14000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2653045897.0000000002F14000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2F14000
|
Size: |
1187840
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
70E000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879884533.000000000070E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
70E000
|
Size: |
8192
|
|
3DFC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130674347.0000000003DFC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DFC000
|
Size: |
446464
|
|
49C9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2139299705.00000000049C9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C9000
|
Size: |
692224
|
|
49AF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132962188.00000000049AF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49AF000
|
Size: |
524288
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129994123.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
827392
|
|
22D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802872735.00000000022D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22D0000
|
Size: |
4096
|
|
A1F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802742010.0000000000A1F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
A1F000
|
Size: |
4096
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131924761.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
991232
|
|
3DC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815199347.00000000003DC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
3DC000
|
Size: |
16384
|
|
63E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651322108.000000000063E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
63E000
|
Size: |
8192
|
|
29ED000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815697640.00000000029ED000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29ED000
|
Size: |
32768
|
|
4AA6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2142554047.0000000004AA6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4AA6000
|
Size: |
778240
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128871920.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
356352
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129942164.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
409600
|
|
7F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824890712.00000000007F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7F3000
|
Size: |
12288
|
|
491B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132865089.000000000491B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491B000
|
Size: |
524288
|
|
4914000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136369802.0000000004914000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4914000
|
Size: |
622592
|
|
4912000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2138036945.0000000004912000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4912000
|
Size: |
663552
|
|
49C9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2138385846.00000000049C9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C9000
|
Size: |
667648
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127278675.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
352256
|
|
63C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1824991671.000000000063C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
63C000
|
Size: |
16384
|
|
4913000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2139404550.0000000004913000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4913000
|
Size: |
692224
|
|
49DF000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140670430.00000000049DF000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49DF000
|
Size: |
729088
|
|
675000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802312936.0000000000675000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
675000
|
Size: |
16384
|
|
299F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815526716.000000000299F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
299F000
|
Size: |
4096
|
|
29FC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1814866802.00000000029FC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29FC000
|
Size: |
12288
|
|
91E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825371278.000000000091E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
91E000
|
Size: |
8192
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132515682.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
1024000
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130734019.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
446464
|
|
19A000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1801679113.000000000019A000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19A000
|
Size: |
24576
|
|
748000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820800793.0000000000748000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
748000
|
Size: |
12288
|
|
3DF4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130061496.0000000003DF4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DF4000
|
Size: |
421888
|
|
49C8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2138610181.00000000049C8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C8000
|
Size: |
675840
|
|
C84000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825584381.0000000000C84000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C84000
|
Size: |
8192
|
|
491B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134427103.000000000491B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491B000
|
Size: |
569344
|
|
6F226000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2657666640.000000006F226000.00000002.00000001.01000000.0000000B.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
6F226000
|
Size: |
28672
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131290296.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
466944
|
|
22E0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802897811.00000000022E0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
22E0000
|
Size: |
4096
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127646490.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
290816
|
|
47CF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815822141.00000000047CF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
47CF000
|
Size: |
4096
|
|
879000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1790594779.0000000000879000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
879000
|
Size: |
114688
|
|
891000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1800014680.0000000000891000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
891000
|
Size: |
180224
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Sample file is different than original file name gathered from version info |
System Summary |
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127611157.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
286720
|
|
ECF000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000012.00000000.2638503993.0000000000ECF000.00000008.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
ECF000
|
Size: |
36864
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127740380.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
294912
|
|
3DF8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130402195.0000000003DF8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DF8000
|
Size: |
434176
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832291471.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
4910000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141719191.0000000004910000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4910000
|
Size: |
753664
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130116337.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
413696
|
|
2ECE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803128784.0000000002ECE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2ECE000
|
Size: |
8192
|
|
721000
|
unkown
|
page execute read
|
|
|
|
Name: |
0000000C.00000000.1828219387.0000000000721000.00000020.00000001.01000000.00000007.sdmp
|
TargetID: |
12
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
721000
|
Size: |
638976
|
|
6F922000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2657737485.000000006F922000.00000002.00000001.01000000.0000000C.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
6F922000
|
Size: |
12288
|
|
49BB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136155825.00000000049BB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49BB000
|
Size: |
614400
|
|
63C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815236462.000000000063C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
63C000
|
Size: |
16384
|
|
7F5000
|
unkown
|
page readonly
|
|
|
|
Name: |
0000000C.00000000.1828353568.00000000007F5000.00000002.00000001.01000000.00000007.sdmp
|
TargetID: |
12
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
7F5000
|
Size: |
90112
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2929000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1820222686.0000000002929000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2929000
|
Size: |
77824
|
|
4A67000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136561012.0000000004A67000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4A67000
|
Size: |
626688
|
|
29FC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1815030199.00000000029FC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29FC000
|
Size: |
12288
|
|
6F911000
|
unkown
|
page execute read
|
|
|
|
Name: |
00000012.00000002.2657701771.000000006F911000.00000020.00000001.01000000.0000000C.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page execute read
|
Base address: |
6F911000
|
Size: |
65536
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129668574.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
794624
|
|
63E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820626071.000000000063E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
63E000
|
Size: |
8192
|
|
49A6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133608385.00000000049A6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49A6000
|
Size: |
544768
|
|
409000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1788460957.0000000000409000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
409000
|
Size: |
12288
|
|
49F3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2145832066.00000000049F3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49F3000
|
Size: |
856064
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129010168.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
364544
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132161324.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
1007616
|
|
4915000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2137867661.0000000004915000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4915000
|
Size: |
659456
|
|
7ED000
|
unkown
|
page write copy
|
|
|
|
Name: |
0000000C.00000000.1828320986.00000000007ED000.00000008.00000001.01000000.00000007.sdmp
|
TargetID: |
12
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
7ED000
|
Size: |
4096
|
|
7C0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802427180.00000000007C0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7C0000
|
Size: |
4096
|
|
3E09000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132037353.0000000003E09000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E09000
|
Size: |
499712
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130968253.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
917504
|
|
3037000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2653045897.0000000003037000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3037000
|
Size: |
512000
|
|
3DA000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1824964752.00000000003DA000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
3DA000
|
Size: |
24576
|
|
49BB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133259378.00000000049BB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49BB000
|
Size: |
536576
|
|
3E04000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131417102.0000000003E04000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E04000
|
Size: |
479232
|
|
474F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815782384.000000000474F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
474F000
|
Size: |
4096
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130334972.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
856064
|
|
42C000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1801955445.000000000042C000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
42C000
|
Size: |
4096
|
|
2918000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815459528.0000000002918000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2918000
|
Size: |
8192
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132100434.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
499712
|
|
680000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815261395.0000000000680000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
680000
|
Size: |
4096
|
|
32C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1830465272.00000000032C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
32C0000
|
Size: |
172032
|
|
500000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000002.1802217767.0000000000500000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
500000
|
Size: |
65536
|
|
49FE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144300976.00000000049FE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49FE000
|
Size: |
819200
|
|
49EA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2142917071.00000000049EA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49EA000
|
Size: |
786432
|
|
ECF000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000012.00000002.2652187938.0000000000ECF000.00000008.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
ECF000
|
Size: |
4096
|
|
47D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815842599.00000000047D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47D0000
|
Size: |
4096
|
|
3E0A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132281355.0000000003E0A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E0A000
|
Size: |
512000
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129461554.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
380928
|
|
85F000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1800014680.000000000085F000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
85F000
|
Size: |
4096
|
|
3AE1000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1830207214.0000000003AE1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE1000
|
Size: |
65536
|
|
32C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1831329008.00000000032C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
32C0000
|
Size: |
172032
|
|
763000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651433091.0000000000763000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
763000
|
Size: |
81920
|
|
670000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802312936.0000000000670000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
670000
|
Size: |
16384
|
|
3E05000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131614108.0000000003E05000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E05000
|
Size: |
487424
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130790572.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
901120
|
|
2FCF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803153153.0000000002FCF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2FCF000
|
Size: |
4096
|
|
2854000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2652590651.0000000002854000.00000002.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
2854000
|
Size: |
4481024
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
29EC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1814949632.00000000029EC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29EC000
|
Size: |
57344
|
|
812000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1822648162.0000000000812000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
812000
|
Size: |
114688
|
|
803000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825260990.0000000000803000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
803000
|
Size: |
53248
|
|
49C0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2138969754.00000000049C0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C0000
|
Size: |
679936
|
|
49CB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2137779237.00000000049CB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49CB000
|
Size: |
655360
|
|
47F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815861467.00000000047F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
47F0000
|
Size: |
4096
|
|
4500000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803229902.0000000004500000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4500000
|
Size: |
4096
|
|
2E00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2653014257.0000000002E00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E00000
|
Size: |
4096
|
|
29AF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803064971.00000000029AF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
29AF000
|
Size: |
4096
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127441179.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
274432
|
|
40C000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1801955445.000000000040C000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
40C000
|
Size: |
4096
|
|
7E8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825186004.00000000007E8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7E8000
|
Size: |
32768
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832475529.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
AAAE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2656882658.000000000AAAE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
AAAE000
|
Size: |
24576
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832387636.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
910000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879963577.0000000000910000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
910000
|
Size: |
24576
|
|
9F4000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1831952985.00000000009F4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9F4000
|
Size: |
4096
|
|
4ACC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2145483782.0000000004ACC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4ACC000
|
Size: |
851968
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128059846.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
315392
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128764296.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
352256
|
|
500000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1788582733.0000000000500000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
500000
|
Size: |
65536
|
|
3E01000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131230203.0000000003E01000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E01000
|
Size: |
475136
|
|
7E3000
|
unkown
|
page readonly
|
|
|
|
Name: |
0000000C.00000000.1828273024.00000000007E3000.00000002.00000001.01000000.00000007.sdmp
|
TargetID: |
12
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
7E3000
|
Size: |
40960
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
A910000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2656882658.000000000A910000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
A910000
|
Size: |
1196032
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
237B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802915062.000000000237B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
237B000
|
Size: |
12288
|
|
4912000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2145686278.0000000004912000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4912000
|
Size: |
851968
|
|
3328000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2653220397.0000000003328000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3328000
|
Size: |
4096
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832543135.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128726133.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
352256
|
|
420000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1801955445.0000000000420000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
420000
|
Size: |
36864
|
|
28BF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815433519.00000000028BF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
28BF000
|
Size: |
4096
|
|
29F6000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815718128.00000000029F6000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29F6000
|
Size: |
16384
|
|
49B5000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135974513.00000000049B5000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49B5000
|
Size: |
610304
|
|
6C405000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000012.00000002.2657425759.000000006C405000.00000008.00000001.01000000.0000000D.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
6C405000
|
Size: |
24576
|
|
6C220000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2657103769.000000006C220000.00000002.00000001.01000000.0000000D.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
6C220000
|
Size: |
4096
|
|
1414000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132597746.0000000001414000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1414000
|
Size: |
4096
|
|
10002000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2657071877.0000000010002000.00000002.00000001.01000000.00000009.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
10002000
|
Size: |
4096
|
|
ED1000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000012.00000002.2652228432.0000000000ED1000.00000008.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
ED1000
|
Size: |
28672
|
|
2E11000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000003.2642646873.0000000002E11000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E11000
|
Size: |
200704
|
|
4915000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135899701.0000000004915000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4915000
|
Size: |
606208
|
|
49DB000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140496971.00000000049DB000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49DB000
|
Size: |
720896
|
|
4913000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2142221141.0000000004913000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4913000
|
Size: |
770048
|
|
6C414000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2657480750.000000006C414000.00000002.00000001.01000000.0000000D.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
6C414000
|
Size: |
1363968
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
URLs found in memory or binary data |
Networking |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
750000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879921685.0000000000750000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
750000
|
Size: |
4096
|
|
491B000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141976330.000000000491B000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491B000
|
Size: |
765952
|
|
4AAA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141393459.0000000004AAA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4AAA000
|
Size: |
745472
|
|
49D8000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2142388702.00000000049D8000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49D8000
|
Size: |
770048
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128014589.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
311296
|
|
A00000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825501225.0000000000A00000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A00000
|
Size: |
8192
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129783543.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
397312
|
|
4A0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820525547.00000000004A0000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4A0000
|
Size: |
4096
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127402253.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
274432
|
|
280E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820876523.000000000280E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
280E000
|
Size: |
8192
|
|
2779000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2652498652.0000000002779000.00000004.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
2779000
|
Size: |
20480
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
URLs found in memory or binary data |
Networking |
|
|
2CC000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879768416.00000000002CC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
2CC000
|
Size: |
16384
|
|
278E000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2652571718.000000000278E000.00000002.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
278E000
|
Size: |
4096
|
|
815000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824390533.0000000000815000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
815000
|
Size: |
8192
|
|
491F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2133179020.000000000491F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491F000
|
Size: |
532480
|
|
67E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651357156.000000000067E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
67E000
|
Size: |
8192
|
|
2929000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1821247625.0000000002929000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2929000
|
Size: |
45056
|
|
2E10000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2653029420.0000000002E10000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2E10000
|
Size: |
4096
|
|
4A7A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2139093274.0000000004A7A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4A7A000
|
Size: |
684032
|
|
800000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824390533.0000000000800000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
800000
|
Size: |
65536
|
|
4918000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136864873.0000000004918000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4918000
|
Size: |
638976
|
|
666000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820707479.0000000000666000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
666000
|
Size: |
8192
|
|
AA39000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2656882658.000000000AA39000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
AA39000
|
Size: |
4096
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128314859.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
327680
|
|
81E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802456034.000000000081E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
81E000
|
Size: |
8192
|
|
2792000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2652590651.0000000002792000.00000002.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
2792000
|
Size: |
745472
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127360278.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
270336
|
|
10000000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2657039886.0000000010000000.00000002.00000001.01000000.00000009.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
10000000
|
Size: |
4096
|
|
40C000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000000.00000000.1788540947.000000000040C000.00000008.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
40C000
|
Size: |
4096
|
|
49B7000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2136478823.00000000049B7000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49B7000
|
Size: |
626688
|
|
4916000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134876642.0000000004916000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4916000
|
Size: |
577536
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131481329.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
479232
|
|
49E6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2142065519.00000000049E6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49E6000
|
Size: |
765952
|
|
6F1C0000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2657592291.000000006F1C0000.00000002.00000001.01000000.0000000B.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
6F1C0000
|
Size: |
4096
|
|
49E6000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2143302635.00000000049E6000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49E6000
|
Size: |
798720
|
|
6C3AA000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2657322505.000000006C3AA000.00000002.00000001.01000000.0000000D.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
6C3AA000
|
Size: |
360448
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
49AC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134242617.00000000049AC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49AC000
|
Size: |
561152
|
|
815000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824704623.0000000000815000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
815000
|
Size: |
8192
|
|
2910000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815459528.0000000002910000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2910000
|
Size: |
20480
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128921297.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
360448
|
|
491F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144742620.000000000491F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491F000
|
Size: |
835584
|
|
277F000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2652517696.000000000277F000.00000004.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
277F000
|
Size: |
4096
|
|
82A000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802482490.000000000082A000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
82A000
|
Size: |
8192
|
|
4916000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2142640160.0000000004916000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4916000
|
Size: |
778240
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832418631.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130458358.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
430080
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832175218.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
288E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820920886.000000000288E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
288E000
|
Size: |
8192
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130603356.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
884736
|
|
4913000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2143765434.0000000004913000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4913000
|
Size: |
802816
|
|
4916000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2137678459.0000000004916000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4916000
|
Size: |
655360
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127572662.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
286720
|
|
43C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820505038.000000000043C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
43C000
|
Size: |
16384
|
|
2564000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803017676.0000000002564000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2564000
|
Size: |
8192
|
|
E3F000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2652116117.0000000000E3F000.00000002.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
E3F000
|
Size: |
589824
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
19B000
|
stack
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651005986.000000000019B000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
19B000
|
Size: |
20480
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128803009.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
356352
|
|
49BE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134566953.00000000049BE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49BE000
|
Size: |
573440
|
|
7B0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825155404.00000000007B0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7B0000
|
Size: |
4096
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131340298.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
950272
|
|
99E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825426176.000000000099E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
99E000
|
Size: |
8192
|
|
491C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134691089.000000000491C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491C000
|
Size: |
573440
|
|
29E9000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815674762.00000000029E9000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29E9000
|
Size: |
12288
|
|
28F8000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1821114556.00000000028F8000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28F8000
|
Size: |
73728
|
|
C80000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825584381.0000000000C80000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
C80000
|
Size: |
8192
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129824398.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
811008
|
|
10003000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2657087340.0000000010003000.00000004.00000001.01000000.00000009.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
10003000
|
Size: |
4096
|
|
640000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820668691.0000000000640000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
640000
|
Size: |
4096
|
|
9CF7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2656169214.0000000009CF7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9CF7000
|
Size: |
5992448
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132798215.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
516096
|
|
2370000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802915062.0000000002370000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2370000
|
Size: |
12288
|
|
310C000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1803205161.000000000310C000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
310C000
|
Size: |
16384
|
|
2929000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1820346245.0000000002929000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2929000
|
Size: |
77824
|
|
680000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825031896.0000000000680000.00000004.00000020.00040000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
680000
|
Size: |
4096
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832689766.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
3DEC000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129406643.0000000003DEC000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DEC000
|
Size: |
389120
|
|
3F0D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132704932.0000000003F0D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3F0D000
|
Size: |
516096
|
|
9725000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2655821413.0000000009725000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9725000
|
Size: |
6017024
|
|
49BD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135607381.00000000049BD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49BD000
|
Size: |
598016
|
|
721000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651433091.0000000000721000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
721000
|
Size: |
155648
|
|
229E000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802831036.000000000229E000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
229E000
|
Size: |
8192
|
|
4AAE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141894880.0000000004AAE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4AAE000
|
Size: |
761856
|
|
873000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000003.1800014680.0000000000873000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
873000
|
Size: |
45056
|
|
3BE000
|
stack
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879846361.00000000003BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
3BE000
|
Size: |
8192
|
|
78F000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820847228.000000000078F000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
78F000
|
Size: |
4096
|
|
29FC000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1814949632.00000000029FC000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29FC000
|
Size: |
12288
|
|
EDF000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000000.2638523718.0000000000EDF000.00000002.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
EDF000
|
Size: |
143360
|
|
49C2000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2137298839.00000000049C2000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C2000
|
Size: |
643072
|
|
6F223000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2657651743.000000006F223000.00000004.00000001.01000000.0000000B.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
6F223000
|
Size: |
12288
|
|
49DA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141811334.00000000049DA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49DA000
|
Size: |
761856
|
|
400000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000000.00000000.1788376587.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
400000
|
Size: |
4096
|
|
49FA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144827436.00000000049FA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49FA000
|
Size: |
835584
|
|
7F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824890712.00000000007F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7F7000
|
Size: |
32768
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832140865.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
1FC000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820478447.00000000001FC000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
1FC000
|
Size: |
16384
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131098245.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
462848
|
|
49C9000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2137075181.00000000049C9000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49C9000
|
Size: |
638976
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2131157224.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
933888
|
|
4916000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141481806.0000000004916000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4916000
|
Size: |
749568
|
|
780000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000D.00000002.1879941037.0000000000780000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
13
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
780000
|
Size: |
20480
|
|
2810000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815382790.0000000002810000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2810000
|
Size: |
4096
|
|
3DFD000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130862305.0000000003DFD000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DFD000
|
Size: |
458752
|
|
3AE2000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1832336256.0000000003AE2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE2000
|
Size: |
4096
|
|
4914000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2143584687.0000000004914000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4914000
|
Size: |
798720
|
|
A03000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825501225.0000000000A03000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
A03000
|
Size: |
8192
|
|
3188000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1829544583.0000000003188000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3188000
|
Size: |
1568768
|
|
4ABA000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144119803.0000000004ABA000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4ABA000
|
Size: |
815104
|
|
2570000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000002.2652313811.0000000002570000.00000002.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
2570000
|
Size: |
4096
|
|
6D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815310197.00000000006D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6D0000
|
Size: |
16384
|
|
3E0D000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132629020.0000000003E0D000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E0D000
|
Size: |
516096
|
|
720000
|
unkown
|
page readonly
|
|
|
|
Name: |
0000000C.00000000.1828201557.0000000000720000.00000002.00000001.01000000.00000007.sdmp
|
TargetID: |
12
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
720000
|
Size: |
4096
|
|
491F000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144566855.000000000491F000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491F000
|
Size: |
831488
|
|
49CE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2137553370.00000000049CE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49CE000
|
Size: |
647168
|
|
293D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1820222686.000000000293D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
293D000
|
Size: |
24576
|
|
2912000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1820346245.0000000002912000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2912000
|
Size: |
90112
|
|
4910000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2145187157.0000000004910000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4910000
|
Size: |
843776
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2132386769.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
503808
|
|
9F4000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1830231593.00000000009F4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
9F4000
|
Size: |
4096
|
|
7F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825234389.00000000007F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7F7000
|
Size: |
32768
|
|
29FF000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1814783466.00000000029FF000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29FF000
|
Size: |
4096
|
|
3AE1000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.1831901039.0000000003AE1000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3AE1000
|
Size: |
229376
|
|
49B1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2135161554.00000000049B1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49B1000
|
Size: |
589824
|
|
9EF000
|
stack
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651649573.00000000009EF000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
9EF000
|
Size: |
4096
|
|
E3F000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000000.2638434247.0000000000E3F000.00000002.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
E3F000
|
Size: |
589824
|
Signature Hits |
Behavior Group |
Mitre Attack |
|
Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
28F0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1821114556.00000000028F0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28F0000
|
Size: |
28672
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129618607.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
393216
|
|
82D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824336534.000000000082D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
82D000
|
Size: |
4096
|
|
2937000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000003.1820420236.0000000002937000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
2937000
|
Size: |
20480
|
|
491A000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2137387734.000000000491A000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491A000
|
Size: |
647168
|
|
49E1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2142739184.00000000049E1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49E1000
|
Size: |
782336
|
|
815000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825311771.0000000000815000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
815000
|
Size: |
8192
|
|
4912000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2143004273.0000000004912000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4912000
|
Size: |
786432
|
|
491C000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134018633.000000000491C000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
491C000
|
Size: |
557056
|
|
4A72000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140161977.0000000004A72000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
4A72000
|
Size: |
712704
|
|
85B000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802482490.000000000085B000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
85B000
|
Size: |
16384
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128185024.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
323584
|
|
49B1000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2134071467.00000000049B1000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49B1000
|
Size: |
557056
|
|
3E91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129253383.0000000003E91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3E91000
|
Size: |
376832
|
|
49D4000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2141068563.00000000049D4000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49D4000
|
Size: |
737280
|
|
7F3000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824817747.00000000007F3000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7F3000
|
Size: |
12288
|
|
7F7000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824817747.00000000007F7000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
7F7000
|
Size: |
32768
|
|
4610000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1821339577.0000000004610000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
4610000
|
Size: |
4096
|
|
29D2000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000002.1815570981.00000000029D2000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29D2000
|
Size: |
90112
|
|
811000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000002.1825260990.0000000000811000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
811000
|
Size: |
8192
|
|
49D3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2140907932.00000000049D3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49D3000
|
Size: |
733184
|
|
862000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802482490.0000000000862000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
862000
|
Size: |
12288
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2130160062.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
839680
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127838736.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
303104
|
|
820000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802482490.0000000000820000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
820000
|
Size: |
36864
|
|
29F5000
|
heap
|
page read and write
|
|
|
|
Name: |
00000003.00000003.1815030199.00000000029F5000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
3
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
29F5000
|
Size: |
20480
|
|
2780000
|
unkown
|
page write copy
|
|
|
|
Name: |
00000012.00000002.2652535617.0000000002780000.00000008.00000001.01000000.0000000A.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page write copy
|
Base address: |
2780000
|
Size: |
24576
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127797463.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
299008
|
|
1E4000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000003.2642727704.00000000001E4000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
1E4000
|
Size: |
4096
|
|
F04000
|
unkown
|
page readonly
|
|
|
|
Name: |
00000012.00000000.2638556351.0000000000F04000.00000002.00000001.01000000.00000008.sdmp
|
TargetID: |
18
|
Dumpstage: |
process new
|
Regiontype: |
unkown
|
Protect: |
page readonly
|
Base address: |
F04000
|
Size: |
356352
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127684999.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
290816
|
|
3D91000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2127487424.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3D91000
|
Size: |
282624
|
|
88D000
|
heap
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802482490.000000000088D000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
88D000
|
Size: |
12288
|
|
6FE000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2651433091.00000000006FE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
6FE000
|
Size: |
135168
|
|
811000
|
heap
|
page read and write
|
|
|
|
Name: |
00000008.00000003.1824390533.0000000000811000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
8
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
811000
|
Size: |
8192
|
|
49FE000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2144653317.00000000049FE000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
49FE000
|
Size: |
831488
|
|
7BE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1802403326.00000000007BE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
7BE000
|
Size: |
8192
|
|
3DF3000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129888934.0000000003DF3000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DF3000
|
Size: |
409600
|
|
13BE000
|
heap
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2128141921.00000000013BE000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
13BE000
|
Size: |
319488
|
|
3316000
|
heap
|
page read and write
|
|
|
|
Name: |
00000012.00000002.2653220397.0000000003316000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
18
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
3316000
|
Size: |
61440
|
|
3DF0000
|
trusted library allocation
|
page read and write
|
|
|
|
Name: |
0000000C.00000003.2129732834.0000000003DF0000.00000004.00000800.00020000.00000000.sdmp
|
TargetID: |
12
|
Dumpstage: |
free memory
|
Regiontype: |
trusted library allocation
|
Protect: |
page read and write
|
Base address: |
3DF0000
|
Size: |
405504
|
|
28D0000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1821082850.00000000028D0000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
28D0000
|
Size: |
4096
|
|
293E000
|
heap
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1821316170.000000000293E000.00000004.00000020.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
heap
|
Protect: |
page read and write
|
Base address: |
293E000
|
Size: |
20480
|
|
46B000
|
unkown
|
page read and write
|
|
|
|
Name: |
00000000.00000002.1801955445.000000000046B000.00000004.00000001.01000000.00000003.sdmp
|
TargetID: |
0
|
Dumpstage: |
process exit
|
Regiontype: |
unkown
|
Protect: |
page read and write
|
Base address: |
46B000
|
Size: |
12288
|
|
5FE000
|
stack
|
page read and write
|
|
|
|
Name: |
00000005.00000002.1820583507.00000000005FE000.00000004.00000010.00020000.00000000.sdmp
|
TargetID: |
5
|
Dumpstage: |
process exit
|
Regiontype: |
stack
|
Protect: |
page read and write
|
Base address: |
5FE000
|
Size: |
8192
|
|