|
5F0000
|
direct allocation
|
page read and write
|
 |
|
|
| Name: |
00000004.00000002.1621398863.00000000005F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected SmokeLoader |
Key, Mouse, Clipboard, Microphone and Screen Capturing, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
5F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1570237850.00000000005F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected SmokeLoader |
Key, Mouse, Clipboard, Microphone and Screen Capturing, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
20E0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1929574619.00000000020E0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E0000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected SmokeLoader |
Key, Mouse, Clipboard, Microphone and Screen Capturing, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
2101000
|
unclassified section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1929772481.0000000002101000.00000004.10000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page read and write
|
| Base address: |
2101000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected SmokeLoader |
Key, Mouse, Clipboard, Microphone and Screen Capturing, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
771000
|
unclassified section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394340695.0000000000771000.00000004.10000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page read and write
|
| Base address: |
771000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected SmokeLoader |
Key, Mouse, Clipboard, Microphone and Screen Capturing, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
681000
|
unclassified section
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621512550.0000000000681000.00000004.10000000.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page read and write
|
| Base address: |
681000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected SmokeLoader |
Key, Mouse, Clipboard, Microphone and Screen Capturing, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
5F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319958118.00000000005F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected SmokeLoader |
Key, Mouse, Clipboard, Microphone and Screen Capturing, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
20E0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1872970611.00000000020E0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
20E0000
|
| Size: |
32768
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected SmokeLoader |
Key, Mouse, Clipboard, Microphone and Screen Capturing, Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
5F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394219438.00000000005F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected SmokeLoader |
Key, Mouse, Clipboard, Microphone and Screen Capturing, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1397648627.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
87BB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.00000000087BB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
87BB000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1725040039.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1739102701.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1752800718.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
DD50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1695725121.000000000DD50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD50000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1706238975.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4F319E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392449198.00007FF4F319E000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F319E000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1737649546.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F317B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392380640.00007FF4F317B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F317B000
|
| Size: |
16384
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1755304214.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1421398655.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1426398824.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1736552509.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1701088700.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
4D79000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372829410.0000000004D79000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D79000
|
| Size: |
28672
|
|
|
7FF4F2EAA000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383247249.00007FF4F2EAA000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2EAA000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1634115024.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1721242189.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1627312936.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
760000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394321687.0000000000760000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
760000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1763954258.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1638583027.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1716397891.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1687827958.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1671081045.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
2F67000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F67000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F67000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1657403908.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2CFE000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382383439.00007FF4F2CFE000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2CFE000
|
| Size: |
8192
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1713745054.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4E7E46000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381451466.00007FF4E7E46000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4E7E46000
|
| Size: |
20480
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1659925148.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1705043757.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F3016000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383837604.00007FF4F3016000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3016000
|
| Size: |
12288
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1625147202.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1505147662.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1448587348.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F2D1F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382543339.00007FF4F2D1F000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D1F000
|
| Size: |
24576
|
|
|
2181000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1320119390.0000000002181000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2181000
|
| Size: |
249856
|
|
|
7420000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373496950.0000000007420000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7420000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1745304583.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
2FB0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1372326294.0000000002FB0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2FB0000
|
| Size: |
925696
|
|
|
81C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1685302132.00000000081C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81C0000
|
| Size: |
65536
|
|
|
1071000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371575826.0000000001071000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
1071000
|
| Size: |
368640
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1717556528.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1624759591.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1765300558.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F2D11000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382402873.00007FF4F2D11000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D11000
|
| Size: |
28672
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1660310682.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1653586070.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1723783182.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1691770943.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1776752741.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1699798595.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
E6CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380374074.000000000E6CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E6CE000
|
| Size: |
8192
|
|
|
807000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394461700.0000000000807000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
807000
|
| Size: |
20480
|
|
|
BD60000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BD60000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BD60000
|
| Size: |
12288
|
|
|
8CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621639921.00000000008CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8CF000
|
| Size: |
4096
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1772877265.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
229376
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1416399407.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
C045000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000C045000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C045000
|
| Size: |
4096
|
|
|
7FF4F2CFB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382204765.00007FF4F2CFB000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2CFB000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1780991165.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
C0C3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000C0C3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C0C3000
|
| Size: |
266240
|
|
|
B170000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1690464017.000000000B170000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B170000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1475148051.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1734053086.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1492647535.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
2A50000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371834668.0000000002A50000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2A50000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1628483606.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2B68000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381642931.00007FF4F2B68000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2B68000
|
| Size: |
16384
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1642335310.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1493979920.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
A93B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377524628.000000000A93B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A93B000
|
| Size: |
20480
|
|
|
8755000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008755000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8755000
|
| Size: |
8192
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1652804736.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
BDC8000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BDC8000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BDC8000
|
| Size: |
1007616
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
74F0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1373643899.00000000074F0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
74F0000
|
| Size: |
32768
|
|
|
7112000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000007112000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7112000
|
| Size: |
249856
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1649835866.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1706375316.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F323C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392801759.00007FF4F323C000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F323C000
|
| Size: |
4096
|
|
|
85F4000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374488455.00000000085F4000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
85F4000
|
| Size: |
12288
|
|
|
7FF4F2F8B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383521501.00007FF4F2F8B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F8B000
|
| Size: |
4096
|
|
|
BACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378283059.000000000BACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BACE000
|
| Size: |
8192
|
|
|
7FF4F321E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392717391.00007FF4F321E000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F321E000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1632176459.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1639101596.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2F68000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383415301.00007FF4F2F68000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F68000
|
| Size: |
8192
|
|
|
7EBB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374158059.0000000007EBB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7EBB000
|
| Size: |
20480
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1707386121.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
25F7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371727999.00000000025F7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
25F7000
|
| Size: |
36864
|
|
|
620000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1928185952.0000000000620000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620000
|
| Size: |
16384
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1488899309.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1400218179.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
245760
|
|
|
2F7B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F7B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F7B000
|
| Size: |
16384
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1628427772.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1776707959.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1785994502.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1701294558.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
EEA6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380671149.000000000EEA6000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EEA6000
|
| Size: |
4096
|
|
|
67E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621491773.000000000067E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67E000
|
| Size: |
8192
|
|
|
411000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000000.1562417488.0000000000411000.00000020.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
411000
|
| Size: |
61440
|
|
|
85F2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374488455.00000000085F2000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
85F2000
|
| Size: |
4096
|
|
|
7FF4F3103000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1391883701.00007FF4F3103000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3103000
|
| Size: |
20480
|
|
|
C1CE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1379992755.000000000C1CE000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C1CE000
|
| Size: |
8192
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1672525912.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1473946213.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
BD22000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BD22000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BD22000
|
| Size: |
233472
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1756399255.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1769053485.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
580000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394149973.0000000000580000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
580000
|
| Size: |
4096
|
|
|
7FF4F335A000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393650718.00007FF4F335A000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F335A000
|
| Size: |
12288
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1742803349.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1692972987.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1751561185.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
2480000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1930094157.0000000002480000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2480000
|
| Size: |
8192
|
|
|
7FF4F2EFD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383285690.00007FF4F2EFD000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2EFD000
|
| Size: |
12288
|
|
|
EBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1625973264.000000000EBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EBD0000
|
| Size: |
233472
|
|
|
9B65000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B65000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B65000
|
| Size: |
8192
|
|
|
7F00000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374192395.0000000007F00000.00000004.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7F00000
|
| Size: |
4096
|
|
|
7FF4F2C98000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382058462.00007FF4F2C98000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2C98000
|
| Size: |
4096
|
|
|
9C9E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009C9E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9C9E000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1415228738.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
8AB1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375402885.0000000008AB1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AB1000
|
| Size: |
4096
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1691708453.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1427645601.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
DF50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1448641922.000000000DF50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DF50000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1651609987.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2FB1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383657047.00007FF4F2FB1000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FB1000
|
| Size: |
8192
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1684134135.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1510271836.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
237568
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1686635565.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
7FF4F2E8F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383192202.00007FF4F2E8F000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2E8F000
|
| Size: |
53248
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1656164438.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1656597128.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
A2E3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1376513291.000000000A2E3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A2E3000
|
| Size: |
28672
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1649897291.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1500149617.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F2CC6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382184065.00007FF4F2CC6000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2CC6000
|
| Size: |
28672
|
|
|
81C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1676557509.00000000081C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81C0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1753897992.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1643638715.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
BFF8000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BFF8000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BFF8000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1497644412.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1730046876.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1747647863.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F32FC000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393414899.00007FF4F32FC000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32FC000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1646088237.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1632266206.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
9CB8000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009CB8000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9CB8000
|
| Size: |
4096
|
|
|
7FF4F2FAB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383621429.00007FF4F2FAB000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FAB000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1413948835.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
81E0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374277646.00000000081E0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81E0000
|
| Size: |
16384
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1394032080.0000000000400000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
36864
|
|
|
9D08000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009D08000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9D08000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1629744276.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2DA8000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382893460.00007FF4F2DA8000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DA8000
|
| Size: |
16384
|
|
|
7FF4F307B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383974673.00007FF4F307B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F307B000
|
| Size: |
114688
|
|
|
7320000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373483423.0000000007320000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7320000
|
| Size: |
4096
|
|
|
7FF4F2CF7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382204765.00007FF4F2CF7000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2CF7000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1772876997.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
EEA8000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380671149.000000000EEA8000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EEA8000
|
| Size: |
12288
|
|
|
6D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621533017.00000000006D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D0000
|
| Size: |
32768
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1651085076.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1652335763.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
7FF4F3196000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392449198.00007FF4F3196000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3196000
|
| Size: |
24576
|
|
|
420000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1923634133.0000000000420000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
420000
|
| Size: |
12288
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1741396641.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F3314000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393565192.00007FF4F3314000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3314000
|
| Size: |
12288
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1774056117.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1487701350.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
7FF4F2F33000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383397528.00007FF4F2F33000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F33000
|
| Size: |
12288
|
|
|
7FF4F3205000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392717391.00007FF4F3205000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3205000
|
| Size: |
24576
|
|
|
7FF4F30EF000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1391883701.00007FF4F30EF000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30EF000
|
| Size: |
4096
|
|
|
B83C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378067471.000000000B83C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B83C000
|
| Size: |
16384
|
|
|
4391000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004391000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4391000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1621459955.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
5F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1926674200.00000000005F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
4096
|
|
|
EEA0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380671149.000000000EEA0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EEA0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1456135268.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1651556326.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1758946674.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1421449147.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
7FF4F30B7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1384084633.00007FF4F30B7000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30B7000
|
| Size: |
32768
|
|
|
6FDC000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FDC000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FDC000
|
| Size: |
16384
|
|
|
BD99000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BD99000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BD99000
|
| Size: |
36864
|
|
|
EBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1749131544.000000000EBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EBD0000
|
| Size: |
233472
|
|
|
9C3D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009C3D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9C3D000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1395205859.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
249856
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1652387911.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000005.00000000.1861353871.0000000000401000.00000020.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
36864
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1495197850.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1418949193.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
9D15000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009D15000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9D15000
|
| Size: |
40960
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1757804134.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1703640252.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2B98000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381741658.00007FF4F2B98000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2B98000
|
| Size: |
8192
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1713896959.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1703740448.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1620978368.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1736603108.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
9CA8000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009CA8000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9CA8000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1405194306.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
839E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374407330.000000000839E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
839E000
|
| Size: |
8192
|
|
|
600000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621425223.0000000000600000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
600000
|
| Size: |
12288
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1682808389.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1715046854.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F32F4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393414899.00007FF4F32F4000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32F4000
|
| Size: |
4096
|
|
|
BD6D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BD6D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BD6D000
|
| Size: |
20480
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1496531164.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1703789401.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F30DD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1384910165.00007FF4F30DD000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30DD000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1413898210.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F2D68000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382681391.00007FF4F2D68000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D68000
|
| Size: |
40960
|
|
|
766E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373706597.000000000766E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
766E000
|
| Size: |
8192
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1771692297.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
229376
|
|
|
8979000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008979000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8979000
|
| Size: |
86016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
9B53000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B53000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B53000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1779888357.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
7FF4F2C8C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382058462.00007FF4F2C8C000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2C8C000
|
| Size: |
8192
|
|
|
2B59000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371865683.0000000002B59000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B59000
|
| Size: |
28672
|
|
|
7FF4F32C8000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393242914.00007FF4F32C8000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32C8000
|
| Size: |
4096
|
|
|
7FF4F30AD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383974673.00007FF4F30AD000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30AD000
|
| Size: |
12288
|
|
|
7FF4F2EDB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383266268.00007FF4F2EDB000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2EDB000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1750205274.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1661707445.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
EBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1625204910.000000000EBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EBD0000
|
| Size: |
233472
|
|
|
7FF4F318C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392426080.00007FF4F318C000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F318C000
|
| Size: |
24576
|
|
|
610000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1926701326.0000000000610000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
610000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
7FF4F32F0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393414899.00007FF4F32F0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32F0000
|
| Size: |
12288
|
|
|
1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1923546003.00000000001F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1F0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1503947525.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1680374998.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
7FF4F3149000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392282263.00007FF4F3149000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3149000
|
| Size: |
16384
|
|
|
7FF4F31CB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392543672.00007FF4F31CB000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F31CB000
|
| Size: |
4096
|
|
|
7DF40CFC0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381298703.00007DF40CFC0000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7DF40CFC0000
|
| Size: |
4096
|
|
|
6E8000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1621589048.00000000006E8000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
6E8000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1772808261.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1706133180.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
610000
|
unclassified section
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621443246.0000000000610000.00000004.10000000.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page read and write
|
| Base address: |
610000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1627857015.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
87C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.00000000087C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
87C0000
|
| Size: |
839680
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
5F0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371240444.00000000005F0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
5F0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1639891366.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F31DE000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392639715.00007FF4F31DE000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F31DE000
|
| Size: |
32768
|
|
|
992F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375722885.000000000992F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
992F000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1405149121.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F30D4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1384776525.00007FF4F30D4000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30D4000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1412742536.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1747806289.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1498897979.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1661090402.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1787179763.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1722804028.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4F2E01000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383099590.00007FF4F2E01000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2E01000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1727806865.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1658643267.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1508896982.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1471140562.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B9BA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378143018.000000000B9BA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B9BA000
|
| Size: |
24576
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1654116626.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
93F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1929457839.000000000093F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
93F000
|
| Size: |
4096
|
|
|
BEDC000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BEDC000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BEDC000
|
| Size: |
86016
|
|
|
2F8A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F8A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F8A000
|
| Size: |
86016
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1640306058.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1709835601.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
411000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000000.1313923338.0000000000411000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
411000
|
| Size: |
61440
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1622181836.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
97AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375659622.00000000097AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
97AE000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1707537469.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1774183202.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
229376
|
|
|
99AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375742747.00000000099AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
99AF000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1746555848.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7477000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373548519.0000000007477000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7477000
|
| Size: |
20480
|
|
|
7FF4F31BE000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392543672.00007FF4F31BE000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F31BE000
|
| Size: |
16384
|
|
|
2F60000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F60000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F60000
|
| Size: |
24576
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1751617542.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1777961163.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1665458336.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1633427464.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
4E79000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372847631.0000000004E79000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4E79000
|
| Size: |
4096
|
|
|
74D0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1373614524.00000000074D0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
74D0000
|
| Size: |
8192
|
|
|
8971000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008971000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8971000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1486446481.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
DD80000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1690528678.000000000DD80000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD80000
|
| Size: |
233472
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1663586654.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1750356981.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1620893300.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
423000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1923833465.0000000000423000.00000004.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
423000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1675369491.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1622648971.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
43F6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.00000000043F6000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
43F6000
|
| Size: |
36864
|
|
|
21D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621678284.00000000021D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
21D0000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1768953733.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1401398180.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1432697990.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1650364596.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1449835410.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1440147791.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
CD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371524834.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CD0000
|
| Size: |
16384
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1486398634.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7480000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1373562560.0000000007480000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7480000
|
| Size: |
8192
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1412650286.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1660377717.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F313B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392190104.00007FF4F313B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F313B000
|
| Size: |
8192
|
|
|
7160000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000007160000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7160000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1454885026.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1440196782.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
DD4C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380158682.000000000DD4C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DD4C000
|
| Size: |
16384
|
|
|
A9BD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377553662.000000000A9BD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A9BD000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1771494961.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1402696020.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
245760
|
|
|
841F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374426917.000000000841F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
841F000
|
| Size: |
4096
|
|
|
2F10000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F10000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F10000
|
| Size: |
36864
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1767707450.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
2F45000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F45000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F45000
|
| Size: |
49152
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1621399430.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
5E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1394199839.00000000005E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5E0000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1722543617.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
4395000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004395000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4395000
|
| Size: |
167936
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1742649232.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1703585863.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1783494031.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
7FF4F2E5F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383118697.00007FF4F2E5F000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2E5F000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1630367014.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
92F7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375588334.00000000092F7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
92F7000
|
| Size: |
36864
|
|
|
7FF4F30FF000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1391883701.00007FF4F30FF000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30FF000
|
| Size: |
12288
|
|
|
4430000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372715351.0000000004430000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4430000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1724102192.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2C32000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381899345.00007FF4F2C32000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2C32000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1767804500.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1677890136.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1476398267.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1443949156.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8556000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374457982.0000000008556000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8556000
|
| Size: |
139264
|
|
|
83E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1929370718.000000000083E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
83E000
|
| Size: |
8192
|
|
|
899E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.000000000899E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
899E000
|
| Size: |
106496
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1708642521.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1726241778.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
862F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.000000000862F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
862F000
|
| Size: |
339968
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1679053317.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
C19E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1379957721.000000000C19E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C19E000
|
| Size: |
135168
|
|
|
7FF4F2FC7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383724699.00007FF4F2FC7000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FC7000
|
| Size: |
4096
|
|
|
A366000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1376513291.000000000A366000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A366000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1512699179.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1639835245.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F3133000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392147144.00007FF4F3133000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3133000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1728791931.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
74E0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1373628208.00000000074E0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
74E0000
|
| Size: |
8192
|
|
|
7FF4F2D26000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382543339.00007FF4F2D26000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D26000
|
| Size: |
8192
|
|
|
2120000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1929874662.0000000002120000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2120000
|
| Size: |
12288
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1501399614.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
AAF0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1377692038.000000000AAF0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
AAF0000
|
| Size: |
8192
|
|
|
7FF4F2F89000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383488598.00007FF4F2F89000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F89000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1702564099.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
4328000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004328000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4328000
|
| Size: |
8192
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1750149660.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1667996208.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1664054743.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1681644552.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
7FF4F2714000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381568388.00007FF4F2714000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2714000
|
| Size: |
12288
|
|
|
BEFF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BEFF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BEFF000
|
| Size: |
32768
|
|
|
4306000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004306000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4306000
|
| Size: |
16384
|
|
|
BF16000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BF16000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BF16000
|
| Size: |
16384
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1708586966.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4F3111000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1391883701.00007FF4F3111000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3111000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1731609021.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F3374000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393753372.00007FF4F3374000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3374000
|
| Size: |
16384
|
|
|
580000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621308399.0000000000580000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
580000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1676623866.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1681555625.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
898F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.000000000898F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
898F000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1743899702.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1454836114.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F2D93000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382838108.00007FF4F2D93000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D93000
|
| Size: |
4096
|
|
|
8780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8780000
|
| Size: |
69632
|
|
|
C00000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371471602.0000000000C00000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
C00000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1666761869.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1664837057.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
7FBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374224076.0000000007FBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FBE000
|
| Size: |
8192
|
|
|
7FF4F30C2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1384084633.00007FF4F30C2000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30C2000
|
| Size: |
8192
|
|
|
9BD8000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009BD8000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9BD8000
|
| Size: |
208896
|
|
|
8A9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375381976.0000000008A9B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8A9B000
|
| Size: |
20480
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1759100887.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F32ED000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393414899.00007FF4F32ED000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32ED000
|
| Size: |
8192
|
|
|
2EF1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002EF1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2EF1000
|
| Size: |
40960
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1632800284.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1458636743.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1711448192.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
900C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375517161.000000000900C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
900C000
|
| Size: |
16384
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1400153087.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F316B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392282263.00007FF4F316B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F316B000
|
| Size: |
8192
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1490150184.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1647947232.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1726294961.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1744029744.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1674058782.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
8685000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008685000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8685000
|
| Size: |
847872
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1732491764.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F313F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392190104.00007FF4F313F000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F313F000
|
| Size: |
4096
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1749068379.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
7FF4F312A000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392128724.00007FF4F312A000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F312A000
|
| Size: |
12288
|
|
|
2613000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371742883.0000000002613000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2613000
|
| Size: |
49152
|
|
|
4480000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372777330.0000000004480000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4480000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1466135174.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
490000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1562548154.0000000000490000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
490000
|
| Size: |
106496
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1407696420.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
43C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.00000000043C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
43C0000
|
| Size: |
8192
|
|
|
BDA7000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BDA7000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BDA7000
|
| Size: |
16384
|
|
|
4300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4300000
|
| Size: |
20480
|
|
|
6F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621607987.00000000006F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6F6000
|
| Size: |
188416
|
|
|
7839000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373782237.0000000007839000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7839000
|
| Size: |
28672
|
|
|
7FF4F2DEA000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383064710.00007FF4F2DEA000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DEA000
|
| Size: |
32768
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1420199790.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
74C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1373601577.00000000074C0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
74C0000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1406448818.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
7FF4F2FA7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383603748.00007FF4F2FA7000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FA7000
|
| Size: |
8192
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000000.1562417488.0000000000401000.00000020.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
36864
|
|
|
22A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1930052792.00000000022A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22A0000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1408947964.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1732571806.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1458585813.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1779258699.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
2A10000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371806690.0000000002A10000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2A10000
|
| Size: |
8192
|
|
|
7FF4F2DCB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382961740.00007FF4F2DCB000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DCB000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1623489593.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1637879369.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1445144833.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F316E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392282263.00007FF4F316E000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F316E000
|
| Size: |
4096
|
|
|
9AAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375781522.0000000009AAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9AAE000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1491442952.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
BB4B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378306232.000000000BB4B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BB4B000
|
| Size: |
20480
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1432649716.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7027000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000007027000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7027000
|
| Size: |
16384
|
|
|
7FF4F3137000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392166957.00007FF4F3137000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3137000
|
| Size: |
8192
|
|
|
BCD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BCD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BCD0000
|
| Size: |
12288
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1729992021.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7E3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374134839.0000000007E3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7E3E000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1747698085.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1744099397.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2C35000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381899345.00007FF4F2C35000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2C35000
|
| Size: |
24576
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1777700159.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
7FF4F30CA000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1384084633.00007FF4F30CA000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30CA000
|
| Size: |
4096
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1646555640.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
7FF4F2C8F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382058462.00007FF4F2C8F000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2C8F000
|
| Size: |
20480
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1780461860.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
423000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1313970414.0000000000423000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
423000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1453586069.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
2EFD000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002EFD000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2EFD000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1634056182.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1784747325.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
229376
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1784747458.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1644061136.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F2FBD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383691164.00007FF4F2FBD000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FBD000
|
| Size: |
12288
|
|
|
7FF4F32CA000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393242914.00007FF4F32CA000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32CA000
|
| Size: |
16384
|
|
|
4420000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372700471.0000000004420000.00000004.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4420000
|
| Size: |
4096
|
|
|
6E60000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372945317.0000000006E60000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6E60000
|
| Size: |
4096
|
|
|
7FF4F2D29000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382543339.00007FF4F2D29000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D29000
|
| Size: |
4096
|
|
|
DF50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1449887357.000000000DF50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DF50000
|
| Size: |
237568
|
|
|
96FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375636702.00000000096FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
96FC000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1755200221.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1640377619.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2EA4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383230501.00007FF4F2EA4000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2EA4000
|
| Size: |
12288
|
|
|
6FC7000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FC7000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FC7000
|
| Size: |
16384
|
|
|
4E63000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372847631.0000000004E63000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4E63000
|
| Size: |
4096
|
|
|
7FF4F2DC6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382942683.00007FF4F2DC6000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DC6000
|
| Size: |
8192
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1667335174.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1516401231.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F2D9B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382838108.00007FF4F2D9B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D9B000
|
| Size: |
16384
|
|
|
7FF4F30F1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1391883701.00007FF4F30F1000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30F1000
|
| Size: |
4096
|
|
|
423000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000004.00000000.1562514748.0000000000423000.00000008.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
423000
|
| Size: |
4096
|
|
|
B170000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1687838321.000000000B170000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B170000
|
| Size: |
65536
|
|
|
7FF4F3254000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392927419.00007FF4F3254000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3254000
|
| Size: |
32768
|
|
|
4DE1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372847631.0000000004DE1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1775517831.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
229376
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1686619083.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1464835159.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
6E35000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372911001.0000000006E35000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6E35000
|
| Size: |
45056
|
|
|
7430000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373509862.0000000007430000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7430000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1459836066.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
BD80000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BD80000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BD80000
|
| Size: |
69632
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1775302946.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1717488691.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
BF36000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BF36000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BF36000
|
| Size: |
458752
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1762650286.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1664103404.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2FD4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383744197.00007FF4F2FD4000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FD4000
|
| Size: |
12288
|
|
|
7DF40CFE1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000002.00000000.1381391415.00007DF40CFE1000.00000020.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7DF40CFE1000
|
| Size: |
4096
|
|
|
7FF4F30FB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1391883701.00007FF4F30FB000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30FB000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1759050730.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1425198362.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
A2A0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1376513291.000000000A2A0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A2A0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1422688952.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
7FF4F333D000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393650718.00007FF4F333D000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F333D000
|
| Size: |
20480
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1780928246.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
9274000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375557783.0000000009274000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9274000
|
| Size: |
16384
|
|
|
87B2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.00000000087B2000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
87B2000
|
| Size: |
32768
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1788430301.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
600000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394238023.0000000000600000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
600000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1506453900.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8B49000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375422163.0000000008B49000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8B49000
|
| Size: |
28672
|
|
|
7FF4F2E56000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383118697.00007FF4F2E56000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2E56000
|
| Size: |
12288
|
|
|
7FF4F3238000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392801759.00007FF4F3238000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3238000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1490215078.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
7FF4F2EA2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383192202.00007FF4F2EA2000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2EA2000
|
| Size: |
4096
|
|
|
DD50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1700073318.000000000DD50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD50000
|
| Size: |
233472
|
|
|
7FF4E7E40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381451466.00007FF4E7E40000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4E7E40000
|
| Size: |
20480
|
|
|
4F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1924017891.00000000004F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F0000
|
| Size: |
36864
|
|
|
9DB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371284804.00000000009DB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9DB000
|
| Size: |
20480
|
|
|
7FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1929280476.00000000007FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FF000
|
| Size: |
4096
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1694210319.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
BEF2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BEF2000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BEF2000
|
| Size: |
12288
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1777649141.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7F20000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374208851.0000000007F20000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7F20000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1721600844.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F31B1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392519438.00007FF4F31B1000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F31B1000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1634737362.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1507708070.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
237568
|
|
|
BD1C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BD1C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BD1C000
|
| Size: |
20480
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1517647498.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1680306043.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
9E0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371299557.00000000009E0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9E0000
|
| Size: |
24576
|
|
|
982C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375679574.000000000982C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
982C000
|
| Size: |
16384
|
|
|
7FF4F3278000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392927419.00007FF4F3278000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3278000
|
| Size: |
4096
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1676557492.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1718742866.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1511402323.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1431447005.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
2131000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1873084096.0000000002131000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2131000
|
| Size: |
217088
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1498949492.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
BEF6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BEF6000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BEF6000
|
| Size: |
8192
|
|
|
257E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371712284.000000000257E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
257E000
|
| Size: |
8192
|
|
|
9C9B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009C9B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9C9B000
|
| Size: |
8192
|
|
|
7FF4F32BC000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393220765.00007FF4F32BC000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32BC000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1767651499.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
420000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1621096023.0000000000420000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
420000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1742852733.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
423000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394096626.0000000000423000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
423000
|
| Size: |
8192
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1466086619.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
423000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621153639.0000000000423000.00000004.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
423000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1774056109.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1745148824.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1667435851.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1647413797.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374296180.00000000081F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
81F0000
|
| Size: |
4096
|
|
|
CD5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371524834.0000000000CD5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CD5000
|
| Size: |
40960
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1770352584.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1644119857.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1717856973.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
896B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.000000000896B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
896B000
|
| Size: |
20480
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1398896431.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
6DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621533017.00000000006DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DA000
|
| Size: |
8192
|
|
|
6FF3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FF3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FF3000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1469884772.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1784679778.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F2DE7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383030308.00007FF4F2DE7000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DE7000
|
| Size: |
4096
|
|
|
438D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.000000000438D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
438D000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1765196473.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
2D30000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371958317.0000000002D30000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2D30000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1681628682.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1690464018.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
7DF40CFB0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381265299.00007DF40CFB0000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7DF40CFB0000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403903616.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1461085432.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1442698284.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1623898936.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
4340000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004340000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4340000
|
| Size: |
4096
|
|
|
7FF4F2F13000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383343871.00007FF4F2F13000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F13000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1459889351.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
7FF4F3367000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393753372.00007FF4F3367000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3367000
|
| Size: |
45056
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1787249633.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
7FF4F2D01000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382402873.00007FF4F2D01000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D01000
|
| Size: |
28672
|
|
|
7FF4F32D8000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393414899.00007FF4F32D8000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32D8000
|
| Size: |
20480
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1744052017.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1766552568.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1699495436.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
6FC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FC0000
|
| Size: |
24576
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1453634295.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
6FB6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FB6000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FB6000
|
| Size: |
8192
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1423898542.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1746398423.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
9CB5000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009CB5000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9CB5000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1771398003.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B8B8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378086808.000000000B8B8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B8B8000
|
| Size: |
32768
|
|
|
A2FA000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1376513291.000000000A2FA000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A2FA000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1652857669.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
98AC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375704665.00000000098AC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
98AC000
|
| Size: |
16384
|
|
|
411000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000002.1394055551.0000000000411000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
411000
|
| Size: |
61440
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1712488366.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1482647389.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1476449083.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
6FB9000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FB9000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FB9000
|
| Size: |
12288
|
|
|
8430000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374443797.0000000008430000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8430000
|
| Size: |
28672
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1641553780.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1776603271.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
7FF4F2D1C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382543339.00007FF4F2D1C000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D1C000
|
| Size: |
8192
|
|
|
DD50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1713944233.000000000DD50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD50000
|
| Size: |
233472
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1787250113.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
229376
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1441532619.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1747856916.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1702338679.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
9B75000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B75000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B75000
|
| Size: |
12288
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1493898877.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
81C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1681557171.00000000081C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81C0000
|
| Size: |
65536
|
|
|
19D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1620999467.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19D000
|
| Size: |
12288
|
|
|
7EF0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1374176453.0000000007EF0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7EF0000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1417649986.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7007000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000007007000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7007000
|
| Size: |
122880
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1516462428.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1515198361.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
81C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1679051577.00000000081C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81C0000
|
| Size: |
65536
|
|
|
7FF4F3361000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393650718.00007FF4F3361000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3361000
|
| Size: |
8192
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1472628035.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1649054392.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1788425346.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
2F0E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F0E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F0E000
|
| Size: |
4096
|
|
|
85F0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374488455.00000000085F0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
85F0000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1739052772.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1770194701.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1741551378.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1725357675.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
EE50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380521718.000000000EE50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE50000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1437648236.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
4CB0000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000000.1372794350.0000000004CB0000.00000008.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
4CB0000
|
| Size: |
286720
|
|
|
411000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000005.00000002.1923604603.0000000000411000.00000020.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
411000
|
| Size: |
61440
|
|
|
7FF4F32A4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393135519.00007FF4F32A4000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32A4000
|
| Size: |
4096
|
|
|
7FF4F3303000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393565192.00007FF4F3303000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3303000
|
| Size: |
12288
|
|
|
9A2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375762469.0000000009A2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9A2F000
|
| Size: |
4096
|
|
|
411000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000002.1621069629.0000000000411000.00000020.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
411000
|
| Size: |
61440
|
|
|
7FF4F2D0A000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382402873.00007FF4F2D0A000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D0A000
|
| Size: |
24576
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1780513993.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1694270306.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F3144000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392190104.00007FF4F3144000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3144000
|
| Size: |
8192
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1711241626.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
EEC2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380671149.000000000EEC2000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EEC2000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1680368038.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F3051000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383892297.00007FF4F3051000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3051000
|
| Size: |
16384
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1469835945.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1685383869.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1654054045.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
DF50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1451125730.000000000DF50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DF50000
|
| Size: |
237568
|
|
|
9BB3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009BB3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9BB3000
|
| Size: |
12288
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1770146501.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
2AD6000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371847701.0000000002AD6000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2AD6000
|
| Size: |
40960
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1686555347.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
BD5C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BD5C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BD5C000
|
| Size: |
12288
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1463585331.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1635304688.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F329F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393135519.00007FF4F329F000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F329F000
|
| Size: |
16384
|
|
|
81C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1686555357.00000000081C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81C0000
|
| Size: |
65536
|
|
|
C07F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000C07F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C07F000
|
| Size: |
4096
|
|
|
FF94000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380880109.000000000FF94000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
FF94000
|
| Size: |
229376
|
|
|
BCCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378382265.000000000BCCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BCCF000
|
| Size: |
4096
|
|
|
580000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371065104.0000000000580000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
580000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1737703848.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8761000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008761000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8761000
|
| Size: |
12288
|
|
|
AAE0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377668523.000000000AAE0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AAE0000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1766400088.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F2F6B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383415301.00007FF4F2F6B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F6B000
|
| Size: |
16384
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1784679776.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1467385035.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1446816771.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1648587161.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1778016247.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
CC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371512098.0000000000CC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
CC0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1401450070.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
245760
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1729051072.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1704835505.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
2280000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394555491.0000000002280000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2280000
|
| Size: |
12288
|
|
|
7DF40CFC1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000002.00000000.1381342699.00007DF40CFC1000.00000020.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7DF40CFC1000
|
| Size: |
4096
|
|
|
A819000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377435122.000000000A819000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A819000
|
| Size: |
28672
|
|
|
2610000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371742883.0000000002610000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2610000
|
| Size: |
8192
|
|
|
A355000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1376513291.000000000A355000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A355000
|
| Size: |
57344
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1461134562.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1631554217.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F2FAF000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383639410.00007FF4F2FAF000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FAF000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1692965952.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F3181000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392405620.00007FF4F3181000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3181000
|
| Size: |
8192
|
|
|
E84D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380464097.000000000E84D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E84D000
|
| Size: |
12288
|
|
|
2BDA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371883094.0000000002BDA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BDA000
|
| Size: |
24576
|
|
|
4400000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372666272.0000000004400000.00000004.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4400000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1774183217.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
7FF4F2B86000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381704777.00007FF4F2B86000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2B86000
|
| Size: |
8192
|
|
|
7164000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000007164000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7164000
|
| Size: |
307200
|
|
|
6FEF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FEF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FEF000
|
| Size: |
4096
|
|
|
6E40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372931607.0000000006E40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6E40000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1406398973.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1672444554.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
85D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374488455.00000000085D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
85D0000
|
| Size: |
126976
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1736451911.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1682808381.00000000081C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81C0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1682884083.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1726557122.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1661147365.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1629140701.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1695703223.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F3343000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393650718.00007FF4F3343000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3343000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1436452074.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1750304767.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1452383022.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1735301077.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1715193856.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1674057091.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1782256899.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
229376
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1477649016.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F30DB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1384910165.00007FF4F30DB000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30DB000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1679138031.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1756610037.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F30E3000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1391854651.00007FF4F30E3000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30E3000
|
| Size: |
12288
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1716241781.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
9B37000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B37000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B37000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1630307959.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1685364180.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
9B20000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B20000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B20000
|
| Size: |
12288
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1637805256.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1518954218.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
29F0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371792314.00000000029F0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
29F0000
|
| Size: |
8192
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1627805037.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1718795340.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1670409812.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1487648740.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
423000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000005.00000000.1861459889.0000000000423000.00000008.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
423000
|
| Size: |
4096
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1724990859.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
4EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1923987754.00000000004EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EE000
|
| Size: |
8192
|
|
|
7670000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1373720912.0000000007670000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7670000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1697220773.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
2F6F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F6F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F6F000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1410193902.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1481445169.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1433936290.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
7058000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000007058000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7058000
|
| Size: |
49152
|
|
|
BF2E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BF2E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BF2E000
|
| Size: |
4096
|
|
|
9CC2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009CC2000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9CC2000
|
| Size: |
12288
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1677808272.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4F2E6B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383175994.00007FF4F2E6B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2E6B000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1402648637.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1631601640.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
9B88000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B88000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B88000
|
| Size: |
4096
|
|
|
446A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372762137.000000000446A000.00000004.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
446A000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1751464385.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1464883989.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
50A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1926631913.000000000050A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
50A000
|
| Size: |
184320
|
|
|
6FE1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FE1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FE1000
|
| Size: |
16384
|
|
|
7FF4F2FE3000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383744197.00007FF4F2FE3000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FE3000
|
| Size: |
12288
|
|
|
2C60000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371915246.0000000002C60000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2C60000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
703A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.000000000703A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
703A000
|
| Size: |
77824
|
|
|
C0B3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000C0B3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C0B3000
|
| Size: |
8192
|
|
|
9CAB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009CAB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9CAB000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1471088335.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1786006378.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
229376
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1783429292.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1656551348.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
420000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000000.1861424710.0000000000420000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
420000
|
| Size: |
12288
|
|
|
4379000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004379000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4379000
|
| Size: |
8192
|
|
|
7FF4F2FA3000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383576837.00007FF4F2FA3000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FA3000
|
| Size: |
4096
|
|
|
7FF4F2D4C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382681391.00007FF4F2D4C000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D4C000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1754104067.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2FEB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383819373.00007FF4F2FEB000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FEB000
|
| Size: |
8192
|
|
|
EEA2000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380671149.000000000EEA2000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EEA2000
|
| Size: |
12288
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1395152655.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
85FC000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374488455.00000000085FC000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
85FC000
|
| Size: |
12288
|
|
|
C1EB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380069419.000000000C1EB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C1EB000
|
| Size: |
786432
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1761595577.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1757764056.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
DE49000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380198126.000000000DE49000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DE49000
|
| Size: |
28672
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1689238152.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
233472
|
|
|
BC4C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378351315.000000000BC4C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BC4C000
|
| Size: |
16384
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1408897536.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1462332815.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
1001B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380880109.000000001001B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
1001B000
|
| Size: |
188416
|
|
|
7FF4F320C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392717391.00007FF4F320C000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F320C000
|
| Size: |
32768
|
|
|
B2BB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377994319.000000000B2BB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B2BB000
|
| Size: |
20480
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1772808263.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
EE52000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380521718.000000000EE52000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE52000
|
| Size: |
24576
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1760348664.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1758894795.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1428898082.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
490000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000002.1923884656.0000000000490000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
490000
|
| Size: |
106496
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1711349182.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2CBF000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382134130.00007FF4F2CBF000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2CBF000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1468583934.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1733885470.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1442649525.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1639052206.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F32F6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393414899.00007FF4F32F6000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32F6000
|
| Size: |
20480
|
|
|
7FF4F2BA0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381807254.00007FF4F2BA0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2BA0000
|
| Size: |
8192
|
|
|
9008000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375517161.0000000009008000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9008000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1646142140.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2C29000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381880420.00007FF4F2C29000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2C29000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1722857401.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
6FF5000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FF5000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FF5000
|
| Size: |
69632
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1767858017.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
78B9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373803175.00000000078B9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
78B9000
|
| Size: |
28672
|
|
|
FF69000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380880109.000000000FF69000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
FF69000
|
| Size: |
151552
|
|
|
876F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.000000000876F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
876F000
|
| Size: |
4096
|
|
|
C145000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1379905377.000000000C145000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C145000
|
| Size: |
360448
|
|
|
EBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1748949947.000000000EBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EBD0000
|
| Size: |
233472
|
|
|
490000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1313997668.0000000000490000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
490000
|
| Size: |
106496
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1396399949.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1755352135.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1745203178.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2F91000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383556049.00007FF4F2F91000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F91000
|
| Size: |
28672
|
|
|
CE0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371560907.0000000000CE0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CE0000
|
| Size: |
36864
|
|
|
6FE9000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FE9000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FE9000
|
| Size: |
20480
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1481397903.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
BBCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378327080.000000000BBCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BBCE000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1403950548.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
245760
|
|
|
8190000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1374261217.0000000008190000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
8190000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1782279283.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
6FB0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FB0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FB0000
|
| Size: |
16384
|
|
|
82D0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1374390717.00000000082D0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
82D0000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1785934503.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1728741766.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
DFCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380291831.000000000DFCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DFCE000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1507651343.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
875000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371256109.0000000000875000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
875000
|
| Size: |
45056
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1757848705.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1689132716.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
A01000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371329711.0000000000A01000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
A01000
|
| Size: |
12288
|
|
|
7FF4F32DE000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393414899.00007FF4F32DE000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32DE000
|
| Size: |
36864
|
|
|
9D0D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009D0D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9D0D000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1445190163.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1677871013.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1778742363.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1430148836.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8220000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374349659.0000000008220000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8220000
|
| Size: |
4096
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1661556588.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
7FF4F30C5000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1384084633.00007FF4F30C5000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30C5000
|
| Size: |
12288
|
|
|
2180000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394524173.0000000002180000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2180000
|
| Size: |
53248
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1398944331.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
245760
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1441399751.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F32C4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393242914.00007FF4F32C4000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32C4000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1770300974.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7541000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373661175.0000000007541000.00000004.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7541000
|
| Size: |
200704
|
|
|
7FF4F3294000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393112193.00007FF4F3294000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3294000
|
| Size: |
8192
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1783429293.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1765148981.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F32C6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393242914.00007FF4F32C6000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32C6000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1733741635.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1633485026.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
A2E0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1376513291.000000000A2E0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A2E0000
|
| Size: |
8192
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1670286971.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1629681807.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1659149100.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1645301650.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
E74E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380425192.000000000E74E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E74E000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1637409707.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1436398597.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1513897966.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F3068000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383974673.00007FF4F3068000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3068000
|
| Size: |
57344
|
|
|
2C59000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371899319.0000000002C59000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C59000
|
| Size: |
28672
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1623959701.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1630929333.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1782177943.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1642852642.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
2E90000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1372035056.0000000002E90000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2E90000
|
| Size: |
8192
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1657818502.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1511452758.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
AAD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377638415.000000000AAD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AAD0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1737864913.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8602000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374488455.0000000008602000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8602000
|
| Size: |
4096
|
|
|
880000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371270441.0000000000880000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
880000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1740304554.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8210000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374329231.0000000008210000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8210000
|
| Size: |
20480
|
|
|
7FF4F2D79000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382763444.00007FF4F2D79000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D79000
|
| Size: |
32768
|
|
|
7150000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000007150000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7150000
|
| Size: |
61440
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1731553061.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
DD50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1698027413.000000000DD50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD50000
|
| Size: |
233472
|
|
|
DF50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1447309951.000000000DF50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DF50000
|
| Size: |
237568
|
|
|
7FF4F327C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392927419.00007FF4F327C000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F327C000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1684122808.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F3284000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393064586.00007FF4F3284000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3284000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1701141283.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1428948334.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
7FF4F30F6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1391883701.00007FF4F30F6000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30F6000
|
| Size: |
12288
|
|
|
7FF4F30CC000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1384084633.00007FF4F30CC000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30CC000
|
| Size: |
20480
|
|
|
624000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1873131640.0000000000624000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
624000
|
| Size: |
4096
|
|
|
5CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621356275.00000000005CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5CE000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1501455443.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1655368961.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1740211699.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
9B9F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B9F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B9F000
|
| Size: |
73728
|
|
|
76A0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373737934.00000000076A0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
76A0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1693030307.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1712650291.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
702C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.000000000702C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
702C000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1394015425.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
249856
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1517703106.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1433898785.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1760302762.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1515144713.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
2A20000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371822022.0000000002A20000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2A20000
|
| Size: |
8192
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000000.1313923338.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
36864
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1707489675.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4F31C5000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392543672.00007FF4F31C5000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F31C5000
|
| Size: |
12288
|
|
|
420000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1562474231.0000000000420000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
420000
|
| Size: |
12288
|
|
|
BF1B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BF1B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BF1B000
|
| Size: |
53248
|
|
|
10016000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380880109.0000000010016000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
10016000
|
| Size: |
16384
|
|
|
7FF4F2CEC000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382204765.00007FF4F2CEC000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2CEC000
|
| Size: |
16384
|
|
|
7490000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373575632.0000000007490000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7490000
|
| Size: |
4096
|
|
|
2F1A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F1A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F1A000
|
| Size: |
118784
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1727887220.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8759000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008759000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8759000
|
| Size: |
8192
|
|
|
7730000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373768830.0000000007730000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7730000
|
| Size: |
4096
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1666082230.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
2E70000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372014056.0000000002E70000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E70000
|
| Size: |
65536
|
|
|
7FF4F2701000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381568388.00007FF4F2701000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2701000
|
| Size: |
24576
|
|
|
BCD4000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BCD4000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BCD4000
|
| Size: |
274432
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1761551913.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1657914663.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
2D10000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371929303.0000000002D10000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2D10000
|
| Size: |
16384
|
|
|
DDCB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380176004.000000000DDCB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DDCB000
|
| Size: |
20480
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1642804517.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
9B92000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B92000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B92000
|
| Size: |
45056
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1779209092.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F3039000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383892297.00007FF4F3039000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3039000
|
| Size: |
61440
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1654886337.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
630000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621460101.0000000000630000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
630000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1513950126.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
7FF4F3336000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393650718.00007FF4F3336000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3336000
|
| Size: |
24576
|
|
|
444A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372728519.000000000444A000.00000004.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
444A000
|
| Size: |
12288
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1723738575.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1650306455.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
19D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1393971082.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19D000
|
| Size: |
12288
|
|
|
7FF4F302B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383872437.00007FF4F302B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F302B000
|
| Size: |
28672
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1425150159.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1438898584.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1685308128.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
2D20000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371944040.0000000002D20000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2D20000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1664981289.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
BFAB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BFAB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BFAB000
|
| Size: |
28672
|
|
|
7EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394380524.00000000007EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7EA000
|
| Size: |
8192
|
|
|
7FF4F3273000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392927419.00007FF4F3273000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3273000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1721297353.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F31A5000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392494722.00007FF4F31A5000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F31A5000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1485193154.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1505222341.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1467338393.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1477692291.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1716475659.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1675304106.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1708792668.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1720304251.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1721552471.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
81C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1677805069.00000000081C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81C0000
|
| Size: |
65536
|
|
|
DD50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1693030711.000000000DD50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD50000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1637346799.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1407648940.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
4393000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004393000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4393000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1427685676.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1741597795.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
EE60000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380627588.000000000EE60000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EE60000
|
| Size: |
184320
|
|
|
7FF4F31FE000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392639715.00007FF4F31FE000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F31FE000
|
| Size: |
4096
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1656088641.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1668977942.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
EBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1626539324.000000000EBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EBD0000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1731298073.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2CE7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382204765.00007FF4F2CE7000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2CE7000
|
| Size: |
12288
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1485147569.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1646614738.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2DE3000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383030308.00007FF4F2DE3000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DE3000
|
| Size: |
8192
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1704992895.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1735144067.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1644834704.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1647345775.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1622231909.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1720353862.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8921000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008921000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8921000
|
| Size: |
294912
|
|
|
81C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1680306209.00000000081C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81C0000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1518897276.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F2DF3000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383064710.00007FF4F2DF3000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DF3000
|
| Size: |
8192
|
|
|
7FF4F2DD5000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382979540.00007FF4F2DD5000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DD5000
|
| Size: |
16384
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1502644232.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F321A000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392717391.00007FF4F321A000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F321A000
|
| Size: |
12288
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1443899216.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1672823024.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1785930187.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1775459274.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1654836635.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
7FF4F2D48000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382641743.00007FF4F2D48000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D48000
|
| Size: |
4096
|
|
|
B170000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1691709091.000000000B170000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B170000
|
| Size: |
65536
|
|
|
4410000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372684080.0000000004410000.00000004.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4410000
|
| Size: |
4096
|
|
|
9C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1620968207.000000000009C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9C000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1670724642.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
88E6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.00000000088E6000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
88E6000
|
| Size: |
233472
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1757650051.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
2EA0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002EA0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2EA0000
|
| Size: |
315392
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1648643764.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1724052222.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1752645406.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F2CF1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382204765.00007FF4F2CF1000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2CF1000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1746457204.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1709991245.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4F2FB4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383657047.00007FF4F2FB4000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FB4000
|
| Size: |
4096
|
|
|
B939000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378114771.000000000B939000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B939000
|
| Size: |
28672
|
|
|
876D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.000000000876D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
876D000
|
| Size: |
4096
|
|
|
7FF4F2D2D000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382641743.00007FF4F2D2D000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D2D000
|
| Size: |
81920
|
|
|
B206000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377967089.000000000B206000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B206000
|
| Size: |
40960
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1709954170.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
EE9D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380671149.000000000EE9D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EE9D000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1730304526.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1497686863.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1748899685.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
2461000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1570350852.0000000002461000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2461000
|
| Size: |
233472
|
|
|
7052000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000007052000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7052000
|
| Size: |
4096
|
|
|
7FF4F3121000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392101871.00007FF4F3121000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3121000
|
| Size: |
16384
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1665304572.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1655306202.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
7FF4F2B94000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381741658.00007FF4F2B94000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2B94000
|
| Size: |
12288
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1714991972.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1625926633.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
A71D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377372129.000000000A71D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A71D000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1462371630.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1627179565.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
29DA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371775837.00000000029DA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
29DA000
|
| Size: |
24576
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1393953711.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8C80000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1375440976.0000000008C80000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
8C80000
|
| Size: |
8192
|
|
|
7FF4F325F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392927419.00007FF4F325F000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F325F000
|
| Size: |
49152
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1463637190.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1478954565.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
7FF4F3307000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393565192.00007FF4F3307000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3307000
|
| Size: |
49152
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1760148625.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
A9E0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1377577805.000000000A9E0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
A9E0000
|
| Size: |
8192
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1478903040.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1726608419.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1735193231.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1651136078.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
DD80000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1689226600.000000000DD80000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD80000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1725304958.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
E7CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380445214.000000000E7CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E7CD000
|
| Size: |
12288
|
|
|
7FF4F2F01000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383285690.00007FF4F2F01000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F01000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1488955889.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1636617778.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
445A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372746292.000000000445A000.00000004.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
445A000
|
| Size: |
12288
|
|
|
7FF4F2FD2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383744197.00007FF4F2FD2000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FD2000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1430201255.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1762802605.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
A8BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377479883.000000000A8BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A8BF000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1740358801.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1662389559.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
5CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394180548.00000000005CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5CE000
|
| Size: |
8192
|
|
|
B170000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1689140080.000000000B170000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B170000
|
| Size: |
65536
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1674127578.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1676624198.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
AB00000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377729210.000000000AB00000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AB00000
|
| Size: |
4096
|
|
|
A2FE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1376513291.000000000A2FE000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A2FE000
|
| Size: |
4096
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1658585578.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
C123000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000C123000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C123000
|
| Size: |
135168
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1638653136.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1626398693.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1675306094.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1738959038.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
FF52000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380880109.000000000FF52000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
FF52000
|
| Size: |
28672
|
|
|
BD75000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BD75000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BD75000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1491394295.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F2B6E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381642931.00007FF4F2B6E000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2B6E000
|
| Size: |
12288
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1496400741.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1669044985.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
7FF4F32B6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393201132.00007FF4F32B6000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32B6000
|
| Size: |
12288
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1711399497.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1649105056.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
BFA7000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BFA7000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BFA7000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1771556489.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1697089609.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1675372237.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1643585320.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
24FA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371692330.00000000024FA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
24FA000
|
| Size: |
24576
|
|
|
7FF4F2B8F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381704777.00007FF4F2B8F000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2B8F000
|
| Size: |
8192
|
|
|
7FF4F3058000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383956071.00007FF4F3058000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3058000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1775394476.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1702390191.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1435148447.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1719991385.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1699531218.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
AAC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377607337.000000000AAC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AAC0000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1629052948.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
9B3A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B3A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B3A000
|
| Size: |
94208
|
|
|
7FF4F23D0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381548787.00007FF4F23D0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F23D0000
|
| Size: |
4096
|
|
|
B14C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377886363.000000000B14C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B14C000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1764099499.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
EE91000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380627588.000000000EE91000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EE91000
|
| Size: |
24576
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1452334728.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1690529398.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
C1D4000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1379992755.000000000C1D4000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C1D4000
|
| Size: |
90112
|
|
|
7FF4F2DE0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382996796.00007FF4F2DE0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DE0000
|
| Size: |
4096
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1787179785.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
2F52000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F52000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F52000
|
| Size: |
12288
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1503899606.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
9B33000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B33000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B33000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1641136011.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2F19000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383343871.00007FF4F2F19000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F19000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1745359543.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1475199546.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8996000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008996000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8996000
|
| Size: |
24576
|
|
|
BDAF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BDAF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BDAF000
|
| Size: |
49152
|
|
|
22A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621697484.00000000022A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
22A0000
|
| Size: |
8192
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1666710431.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1708740015.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4F2FC4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383707770.00007FF4F2FC4000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FC4000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1480182884.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
9F0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371314875.00000000009F0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9F0000
|
| Size: |
8192
|
|
|
7FF4F2DDD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382996796.00007FF4F2DDD000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DDD000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1417699975.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1636068161.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1431397067.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
9B8C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B8C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B8C000
|
| Size: |
4096
|
|
|
2D60000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371984753.0000000002D60000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2D60000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1704888983.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
70F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394262086.000000000070F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
70F000
|
| Size: |
4096
|
|
|
4FC000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1926600113.00000000004FC000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
4FC000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1313908306.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
2F38000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F38000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F38000
|
| Size: |
49152
|
|
|
7FF4F30AB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383974673.00007FF4F30AB000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30AB000
|
| Size: |
4096
|
|
|
490000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1394127036.0000000000490000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
490000
|
| Size: |
106496
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1779835350.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1756450530.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1415148242.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8796000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008796000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8796000
|
| Size: |
110592
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
7DF40CFF1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000002.00000000.1381432433.00007DF40CFF1000.00000020.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7DF40CFF1000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1776553659.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1684056014.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1653644107.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
78C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373825353.00000000078C0000.00000004.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
78C0000
|
| Size: |
5242880
|
|
|
957D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375612294.000000000957D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
957D000
|
| Size: |
12288
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1764053734.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1495148051.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1662800712.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1457333100.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7FF4F2D50000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382681391.00007FF4F2D50000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D50000
|
| Size: |
73728
|
|
|
2F56000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F56000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F56000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1730414217.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F30B2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1384084633.00007FF4F30B2000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30B2000
|
| Size: |
16384
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1695555407.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4F2F05000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383285690.00007FF4F2F05000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F05000
|
| Size: |
4096
|
|
|
FFD3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380880109.000000000FFD3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
FFD3000
|
| Size: |
217088
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1737808779.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7065000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000007065000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7065000
|
| Size: |
704512
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1734137188.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1510148951.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
2F58000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372048913.0000000002F58000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2F58000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1729100886.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1500199902.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
7440000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373522449.0000000007440000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7440000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1645355558.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F2709000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381568388.00007FF4F2709000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2709000
|
| Size: |
36864
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1644885230.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1727582123.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
4344000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004344000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4344000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1631007855.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1483897780.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
20F0000
|
unclassified section
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1929668745.00000000020F0000.00000004.10000000.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page read and write
|
| Base address: |
20F0000
|
| Size: |
8192
|
|
|
A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371343247.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
28672
|
|
|
826F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374366659.000000000826F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
826F000
|
| Size: |
36864
|
|
|
B0CB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377847718.000000000B0CB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B0CB000
|
| Size: |
20480
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1687909913.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
233472
|
|
|
7460000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373535757.0000000007460000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
7460000
|
| Size: |
8192
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1508953919.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
237568
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1722492234.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7DF40CFD0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1381359522.00007DF40CFD0000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7DF40CFD0000
|
| Size: |
4096
|
|
|
7FF4F2DA4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382893460.00007FF4F2DA4000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2DA4000
|
| Size: |
12288
|
|
|
A799000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377395989.000000000A799000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A799000
|
| Size: |
28672
|
|
|
7FF4F2FD0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383744197.00007FF4F2FD0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2FD0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1762702850.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
E510000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380317384.000000000E510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E510000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1666126645.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
6FD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FD0000
|
| Size: |
8192
|
|
|
604000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1320236102.0000000000604000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1635930340.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
590000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371221683.0000000000590000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
590000
|
| Size: |
4096
|
|
|
7FF4F3240000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392879285.00007FF4F3240000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3240000
|
| Size: |
16384
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1788481794.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1435199427.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1632856633.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
74E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394282785.000000000074E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
74E000
|
| Size: |
8192
|
|
|
490000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000002.1621265169.0000000000490000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
490000
|
| Size: |
106496
|
|
|
7B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394361802.00000000007B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7B0000
|
| Size: |
12288
|
|
|
9C83000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009C83000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9C83000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1713857032.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
80C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1320272322.000000000080C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
80C000
|
| Size: |
180224
|
|
|
7FF4F2D82000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382763444.00007FF4F2D82000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D82000
|
| Size: |
36864
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1707335126.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1659836550.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1423947296.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
88BB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.00000000088BB000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
88BB000
|
| Size: |
172032
|
|
|
C50000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1371495634.0000000000C50000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
C50000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1622701907.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
DD80000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1687890966.000000000DD80000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD80000
|
| Size: |
233472
|
|
|
EEBF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380671149.000000000EEBF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
EEBF000
|
| Size: |
8192
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1480144222.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1623432141.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1621045496.0000000000400000.00000040.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
36864
|
|
|
19D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1923518898.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19D000
|
| Size: |
12288
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1659055214.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
74A0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373589169.00000000074A0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
74A0000
|
| Size: |
4096
|
|
|
2460000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621716048.0000000002460000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2460000
|
| Size: |
53248
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1472679619.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
2130000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1929934528.0000000002130000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2130000
|
| Size: |
53248
|
|
|
9C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1393935100.000000000009C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9C000
|
| Size: |
16384
|
|
|
420000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.1394078268.0000000000420000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
420000
|
| Size: |
12288
|
|
|
7FF4F3020000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383854369.00007FF4F3020000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3020000
|
| Size: |
24576
|
|
|
888E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.000000000888E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
888E000
|
| Size: |
176128
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
8E08000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375467729.0000000008E08000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8E08000
|
| Size: |
32768
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1712534312.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F3178000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392358051.00007FF4F3178000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3178000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1512649085.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1416472769.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1411449413.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
2DFC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371998306.0000000002DFC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DFC000
|
| Size: |
16384
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1756552864.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1740149631.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1720047149.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8180000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1374241862.0000000008180000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
8180000
|
| Size: |
8192
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1763899166.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1422644958.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
7E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394380524.00000000007E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E0000
|
| Size: |
32768
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1752848382.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
DD50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1694289271.000000000DD50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD50000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1755147482.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B180000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1377929201.000000000B180000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B180000
|
| Size: |
8192
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1506398577.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
FF5B000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380880109.000000000FF5B000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
FF5B000
|
| Size: |
40960
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1788498361.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
135168
|
|
|
7FF4F328E000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393085501.00007FF4F328E000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F328E000
|
| Size: |
8192
|
|
|
B9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371451795.0000000000B9B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B9B000
|
| Size: |
20480
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1768900343.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
9B8F000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009B8F000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9B8F000
|
| Size: |
8192
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000000.1861323156.0000000000400000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
490000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000000.1861495677.0000000000490000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
490000
|
| Size: |
106496
|
|
|
10094000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380880109.0000000010094000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
10094000
|
| Size: |
229376
|
|
|
7DF40CFB1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000002.00000000.1381281465.00007DF40CFB1000.00000020.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7DF40CFB1000
|
| Size: |
4096
|
|
|
420000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1313957442.0000000000420000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
420000
|
| Size: |
12288
|
|
|
EE5A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380521718.000000000EE5A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE5A000
|
| Size: |
20480
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1635359935.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
6FF1000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FF1000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FF1000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1719104224.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8200000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374311467.0000000008200000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8200000
|
| Size: |
20480
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1492748556.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1682883644.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1562394850.0000000000400000.00000002.00000001.01000000.00000005.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1674118762.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1702495934.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
A44000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371343247.0000000000A44000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A44000
|
| Size: |
897024
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
AC30000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377760639.000000000AC30000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AC30000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1641084996.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F30F3000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1391883701.00007FF4F30F3000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F30F3000
|
| Size: |
8192
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1706084916.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1735345504.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1742704444.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1636556069.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1766462327.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1727492455.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1712726782.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1732919711.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
9BD6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375805377.0000000009BD6000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
9BD6000
|
| Size: |
4096
|
|
|
433C000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.000000000433C000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
433C000
|
| Size: |
4096
|
|
|
BFB3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BFB3000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BFB3000
|
| Size: |
8192
|
|
|
7FF4F331B000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393565192.00007FF4F331B000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F331B000
|
| Size: |
32768
|
|
|
9DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394484134.00000000009DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9DF000
|
| Size: |
4096
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1715146653.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
7FF4F2CB6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382114592.00007FF4F2CB6000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2CB6000
|
| Size: |
12288
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1657334570.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1736398056.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
6DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621533017.00000000006DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DE000
|
| Size: |
40960
|
|
|
A28000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371343247.0000000000A28000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A28000
|
| Size: |
110592
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1717805615.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
DD50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1710047227.000000000DD50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD50000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1761399709.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1457377951.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1451082631.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F2D95000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382838108.00007FF4F2D95000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D95000
|
| Size: |
16384
|
|
|
C0B9000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000C0B9000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C0B9000
|
| Size: |
20480
|
|
|
C1C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1379992755.000000000C1C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C1C0000
|
| Size: |
53248
|
|
|
7EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394380524.00000000007EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7EE000
|
| Size: |
45056
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1769103660.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1418897904.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1642385817.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
7FF4F3245000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392879285.00007FF4F3245000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3245000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1663667095.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1731243550.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
BD69000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BD69000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BD69000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1502686732.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
89B9000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.00000000089B9000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
89B9000
|
| Size: |
90112
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1694218330.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7DF40CFD1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000002.00000000.1381375687.00007DF40CFD1000.00000020.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
7DF40CFD1000
|
| Size: |
4096
|
|
|
7FF4F31C3000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392543672.00007FF4F31C3000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F31C3000
|
| Size: |
4096
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1647810889.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394001677.00000000001F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1F0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1760200780.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
89DC000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375345240.00000000089DC000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
89DC000
|
| Size: |
229376
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1456086599.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
400000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1923575244.0000000000400000.00000040.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
400000
|
| Size: |
36864
|
|
|
2D50000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371970349.0000000002D50000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2D50000
|
| Size: |
4096
|
|
|
7FF4F2D74000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1382681391.00007FF4F2D74000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2D74000
|
| Size: |
16384
|
|
|
216F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621660353.000000000216F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
216F000
|
| Size: |
4096
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1411399121.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
C30000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1371484514.0000000000C30000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C30000
|
| Size: |
4096
|
|
|
6FD4000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FD4000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FD4000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1697479419.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1741491105.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
BBD0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1679138184.000000000BBD0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BBD0000
|
| Size: |
233472
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1420150187.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
A301000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1376513291.000000000A301000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
A301000
|
| Size: |
98304
|
|
|
C079000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000C079000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
C079000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1437698331.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
7FF4F2F78000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383415301.00007FF4F2F78000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F78000
|
| Size: |
4096
|
|
|
BEC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BEC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BEC0000
|
| Size: |
110592
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1753954411.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
81C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1684056057.00000000081C0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81C0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1397696576.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
245760
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1732803258.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
7FF4F3231000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392801759.00007FF4F3231000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3231000
|
| Size: |
24576
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1410145720.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
75C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1373690335.00000000075C0000.00000002.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
75C0000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1624687031.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1719054032.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8AC0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1662333645.0000000008AC0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AC0000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1672713279.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1766600590.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
10054000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380880109.0000000010054000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
10054000
|
| Size: |
229376
|
|
|
8280000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1473897000.0000000008280000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8280000
|
| Size: |
65536
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1662917065.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
DD80000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1691771377.000000000DD80000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
DD80000
|
| Size: |
233472
|
|
|
772D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1373753156.000000000772D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
772D000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1482699460.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
7FF4F2F71000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383415301.00007FF4F2F71000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F71000
|
| Size: |
24576
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1483957537.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
AE40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1751398536.000000000AE40000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE40000
|
| Size: |
65536
|
|
|
B2C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1378024610.000000000B2C0000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B2C0000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1396455911.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
245760
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1778794448.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
229376
|
|
|
750000
|
unclassified section
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1394303025.0000000000750000.00000004.10000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page read and write
|
| Base address: |
750000
|
| Size: |
8192
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1762854439.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
411000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000005.00000000.1861353871.0000000000411000.00000020.00000001.01000000.00000005.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
411000
|
| Size: |
61440
|
|
|
43C4000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.00000000043C4000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
43C4000
|
| Size: |
90112
|
|
|
8E89000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1375492284.0000000008E89000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8E89000
|
| Size: |
28672
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1426446995.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
241664
|
|
|
7FF4F2F0F000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383343871.00007FF4F2F0F000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2F0F000
|
| Size: |
12288
|
|
|
9C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1923485118.000000000009C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9C000
|
| Size: |
16384
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1782122580.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
DF4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380274319.000000000DF4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DF4E000
|
| Size: |
8192
|
|
|
7FF4F3142000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392190104.00007FF4F3142000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F3142000
|
| Size: |
4096
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1634679102.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1754054266.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1695563883.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
E4D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1783494153.000000000E4D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E4D0000
|
| Size: |
229376
|
|
|
7FF4F31E7000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1392639715.00007FF4F31E7000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F31E7000
|
| Size: |
49152
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1716296508.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
5E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.1621377161.00000000005E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5E0000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
634000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1570419516.0000000000634000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
634000
|
| Size: |
4096
|
|
|
7F9000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1394439940.00000000007F9000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
7F9000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
8300000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1738899305.0000000008300000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
65536
|
|
|
B74F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378044636.000000000B74F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B74F000
|
| Size: |
4096
|
|
|
4356000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372402282.0000000004356000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4356000
|
| Size: |
20480
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1438946332.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1668102122.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1761452668.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
4FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1924017891.00000000004FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4FB000
|
| Size: |
4096
|
|
|
B04A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377818644.000000000B04A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B04A000
|
| Size: |
24576
|
|
|
AECF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1377790178.000000000AECF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AECF000
|
| Size: |
4096
|
|
|
81D0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1701241855.00000000081D0000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
81D0000
|
| Size: |
65536
|
|
|
8765000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1374602284.0000000008765000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8765000
|
| Size: |
16384
|
|
|
7FF4F2E50000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1383118697.00007FF4F2E50000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F2E50000
|
| Size: |
20480
|
|
|
7FF4F32AC000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393180737.00007FF4F32AC000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32AC000
|
| Size: |
8192
|
|
|
6FCC000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1372960910.0000000006FCC000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6FCC000
|
| Size: |
12288
|
|
|
7FF4F32D1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1393393836.00007FF4F32D1000.00000002.00000001.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
7FF4F32D1000
|
| Size: |
12288
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1468626278.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
237568
|
|
|
1F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.1621024269.00000000001F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1F0000
|
| Size: |
4096
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1765345823.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1746605919.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1752698364.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
B780000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1641611890.000000000B780000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B780000
|
| Size: |
233472
|
|
|
DECF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1380222132.000000000DECF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DECF000
|
| Size: |
4096
|
|
|
BF0A000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000000.1378415259.000000000BF0A000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
BF0A000
|
| Size: |
4096
|
|
