|
AE1000
|
unkown
|
page execute and read and write
|
 |
|
|
| Name: |
00000000.00000002.1727519069.0000000000AE1000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
AE1000
|
| Size: |
393216
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Amadeys stealer DLL |
Stealing of Sensitive Information |
|
| Sample uses string decryption to hide its real strings |
AV Detection |
|
|
|
3C1000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1757338610.00000000003C1000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3C1000
|
| Size: |
393216
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys stealer DLL |
Stealing of Sensitive Information |
|
|
|
3C1000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4138010336.00000000003C1000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
3C1000
|
| Size: |
393216
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys stealer DLL |
Stealing of Sensitive Information |
|
|
|
5B6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1757404779.00000000005B6000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
5B6000
|
| Size: |
888832
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178033124.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
46BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729169126.00000000046BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46BE000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160024490.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1716058345.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
306E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140773266.000000000306E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
306E000
|
| Size: |
8192
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2154301902.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
137E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706416737.000000000137E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
137E000
|
| Size: |
12288
|
|
|
3ECE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758728989.0000000003ECE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3ECE000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160177356.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
6D4000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000000.2148749981.00000000006D4000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
6D4000
|
| Size: |
1691648
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694209236.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
42B000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1757404779.000000000042B000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
42B000
|
| Size: |
1605632
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689729266.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690353317.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
537F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143863535.000000000537F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
537F000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177166371.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177758891.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690021345.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
8192
|
|
|
367E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728693188.000000000367E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
367E000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176443821.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160293644.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690193686.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
6BE000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1757404779.00000000006BE000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
6BE000
|
| Size: |
28672
|
|
|
429000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757390762.0000000000429000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
429000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694748365.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
5180000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1687526890.0000000005180000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5180000
|
| Size: |
4096
|
|
|
320F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758356891.000000000320F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
320F000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153591929.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689918673.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
6C6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4138177961.00000000006C6000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
6C6000
|
| Size: |
36864
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691403551.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4950000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1717302640.0000000004950000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4950000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2154826433.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694624838.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
2F1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728439896.0000000002F1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F1F000
|
| Size: |
4096
|
|
|
53CC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4144228243.00000000053CC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53CC000
|
| Size: |
16384
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2156413547.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
137C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695092616.000000000137C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
137C000
|
| Size: |
61440
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1714960359.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.2158394953.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
4096
|
|
|
3FCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142375945.0000000003FCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCF000
|
| Size: |
4096
|
|
|
4391000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1718651249.0000000004391000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4391000
|
| Size: |
49152
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1718683383.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177007725.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
43CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142579034.00000000043CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43CE000
|
| Size: |
8192
|
|
|
4DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143085720.0000000004DA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA0000
|
| Size: |
4096
|
|
|
484E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758883723.000000000484E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
484E000
|
| Size: |
8192
|
|
|
3D8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142251550.0000000003D8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D8E000
|
| Size: |
8192
|
|
|
4970000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1717152543.0000000004970000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4970000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160157705.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690247269.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682626186.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
64E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729782737.00000000064E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64E5000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176086775.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
38E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757293251.000000000038E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38E000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177461101.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690078632.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153573700.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
42B000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4138177961.000000000042B000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
42B000
|
| Size: |
1605632
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694280885.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
2E4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758244277.0000000002E4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E4F000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177227692.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1712759752.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
2FAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140545399.0000000002FAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FAE000
|
| Size: |
8192
|
|
|
4A10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1759074001.0000000004A10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4A10000
|
| Size: |
4096
|
|
|
157F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728403334.000000000157F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
157F000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682509121.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
49152
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694377478.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
5D1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4145258791.0000000005D1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D1E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696407374.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2156879471.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
6B05000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729935920.0000000006B05000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B05000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689744984.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
12BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.00000000012BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12BA000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177918140.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4C4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142957060.0000000004C4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C4F000
|
| Size: |
4096
|
|
|
53B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.2158486864.00000000053B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53B0000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176030330.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
130D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.000000000130D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
130D000
|
| Size: |
262144
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690166844.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
284F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758078087.000000000284F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
284F000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177512867.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1683371659.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690955957.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1718702350.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691103636.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
363F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728676916.000000000363F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
363F000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1686443530.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
39CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758576177.00000000039CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39CE000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1697248571.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
353E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728658815.000000000353E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
353E000
|
| Size: |
8192
|
|
|
9B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757797733.00000000009B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9B0000
|
| Size: |
16384
|
|
|
555B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4144710580.000000000555B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
555B000
|
| Size: |
20480
|
|
|
5A8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4144986167.0000000005A8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A8F000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176368693.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159714643.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
49152
|
|
|
4BA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729293770.0000000004BA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BA0000
|
| Size: |
77824
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689636381.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690296710.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
51A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1729455180.00000000051A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51A0000
|
| Size: |
4096
|
|
|
5150000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729428102.0000000005150000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5150000
|
| Size: |
4096
|
|
|
1376000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728334460.0000000001376000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1376000
|
| Size: |
24576
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694966622.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153847293.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
48CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142790777.00000000048CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48CE000
|
| Size: |
8192
|
|
|
3087000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140905981.0000000003087000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3087000
|
| Size: |
12288
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689711279.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
137E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728334460.000000000137E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
137E000
|
| Size: |
12288
|
|
|
B42000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1727519069.0000000000B42000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B42000
|
| Size: |
20480
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159934193.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
6D5000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000002.4138888327.00000000006D5000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
6D5000
|
| Size: |
1679360
|
|
|
DBE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757931455.0000000000DBE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBE000
|
| Size: |
65536
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695031686.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729255932.0000000004A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A7E000
|
| Size: |
8192
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682641011.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694116755.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
3A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728804238.0000000003A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A3E000
|
| Size: |
8192
|
|
|
453F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729120837.000000000453F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
453F000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690320889.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
5258000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729565721.0000000005258000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5258000
|
| Size: |
32768
|
|
|
1379000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695279653.0000000001379000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1379000
|
| Size: |
12288
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176721902.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
F8F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1727982766.0000000000F8F000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
F8F000
|
| Size: |
8192
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1715761538.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
4B80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729293770.0000000004B80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B80000
|
| Size: |
40960
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696987759.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159819008.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
144A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139586451.000000000144A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
144A000
|
| Size: |
28672
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
5430000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4144494000.0000000005430000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5430000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1688933116.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
49152
|
|
|
DE6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1727589507.0000000000DE6000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
DE6000
|
| Size: |
36864
|
|
|
32BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728585312.00000000032BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32BE000
|
| Size: |
8192
|
|
|
137C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1698357997.000000000137C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
137C000
|
| Size: |
4096
|
|
|
539C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729597308.000000000539C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
539C000
|
| Size: |
16384
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177630006.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160040851.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690220979.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1712145856.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1692242411.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
49A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1758945132.00000000049A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49A0000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176483674.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
3070000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140826413.0000000003070000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3070000
|
| Size: |
4096
|
|
|
DB3000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1727589507.0000000000DB3000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
DB3000
|
| Size: |
102400
|
|
|
3D4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142221310.0000000003D4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D4F000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1683575344.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
6920000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729876186.0000000006920000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6920000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1686062687.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
5390000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.2158504529.0000000005390000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5390000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689771617.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
388E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141832397.000000000388E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
388E000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177280284.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
67EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729845471.00000000067EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67EF000
|
| Size: |
4096
|
|
|
1300000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.0000000001300000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1300000
|
| Size: |
45056
|
|
|
35CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141488008.00000000035CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35CF000
|
| Size: |
4096
|
|
|
137C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695234729.000000000137C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
137C000
|
| Size: |
86016
|
|
|
527B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143463291.000000000527B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
527B000
|
| Size: |
20480
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178110903.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177435859.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691260703.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176982803.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2157195705.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
237568
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1686313739.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177139718.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696320447.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1729468038.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
FAC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139361755.0000000000FAC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FAC000
|
| Size: |
16384
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2175953812.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
2F20000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1686991350.0000000002F20000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2F20000
|
| Size: |
53248
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689619813.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
D3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757881157.0000000000D3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D3E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691598673.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1685326404.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
3C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4137973488.00000000003C0000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
3C0000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2175785420.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1727436626.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
8192
|
|
|
302E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140745538.000000000302E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
302E000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2175987059.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1712537672.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1688988510.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689822847.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
34FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728639897.00000000034FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34FF000
|
| Size: |
4096
|
|
|
310E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758337231.000000000310E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
310E000
|
| Size: |
8192
|
|
|
5B6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4138177961.00000000005B6000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
5B6000
|
| Size: |
888832
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
49CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142822834.00000000049CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49CF000
|
| Size: |
4096
|
|
|
38BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728752000.00000000038BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38BF000
|
| Size: |
4096
|
|
|
86F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4139307416.000000000086F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
86F000
|
| Size: |
8192
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682551052.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
12B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.00000000012B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12B0000
|
| Size: |
36864
|
|
|
9AA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1727405463.00000000009AA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9AA000
|
| Size: |
24576
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2157299980.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177487427.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
DDE000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1727589507.0000000000DDE000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
DDE000
|
| Size: |
28672
|
|
|
1375000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706416737.0000000001375000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1375000
|
| Size: |
28672
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1714444335.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
97F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757764109.000000000097F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
97F000
|
| Size: |
4096
|
|
|
3C0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758642769.0000000003C0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C0F000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178221233.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693887727.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
3C1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000000.2148671351.00000000003C1000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
3C1000
|
| Size: |
393216
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1692429588.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2154518973.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689273151.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
488F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142756039.000000000488F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
488F000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1692295213.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
422000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000000.2148671351.0000000000422000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
422000
|
| Size: |
16384
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176870078.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
377F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728708315.000000000377F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
377F000
|
| Size: |
4096
|
|
|
6D4000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1757404779.00000000006D4000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
6D4000
|
| Size: |
4096
|
|
|
1367000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695121644.0000000001367000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1367000
|
| Size: |
86016
|
|
|
2F30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728472959.0000000002F30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F30000
|
| Size: |
20480
|
|
|
870C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1730118285.000000000870C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
870C000
|
| Size: |
16384
|
|
|
5BDC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4145102181.0000000005BDC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5BDC000
|
| Size: |
16384
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682531965.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691176502.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
478E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142735915.000000000478E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
478E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690508238.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2175892183.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160310084.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
DA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1717367725.0000000000DA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
DA0000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159980530.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159788978.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
410F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758780287.000000000410F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
410F000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690375756.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1684574258.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1712973277.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
5C1D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4145232432.0000000005C1D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C1D000
|
| Size: |
12288
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696357507.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177543315.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2155638619.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
414E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142466494.000000000414E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
414E000
|
| Size: |
8192
|
|
|
328F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141266942.000000000328F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
4096
|
|
|
549F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729690223.000000000549F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
549F000
|
| Size: |
4096
|
|
|
274F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758060204.000000000274F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
274F000
|
| Size: |
4096
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1713623743.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691076576.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
6F8B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1730045438.0000000006F8B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6F8B000
|
| Size: |
20480
|
|
|
5230000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2157771147.0000000005230000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5230000
|
| Size: |
53248
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696432336.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
384F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141788490.000000000384F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
384F000
|
| Size: |
4096
|
|
|
4B4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142924203.0000000004B4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B4E000
|
| Size: |
8192
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1711984556.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
457E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729134786.000000000457E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
457E000
|
| Size: |
8192
|
|
|
5420000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4144455516.0000000005420000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5420000
|
| Size: |
4096
|
|
|
429000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000001.00000000.1704909118.0000000000429000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
429000
|
| Size: |
4096
|
|
|
39FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728787861.00000000039FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39FF000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689088788.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159917841.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
424F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758813247.000000000424F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
424F000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177032777.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
428E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758837167.000000000428E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
428E000
|
| Size: |
8192
|
|
|
3C4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142179261.0000000003C4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C4E000
|
| Size: |
8192
|
|
|
422000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4138010336.0000000000422000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
422000
|
| Size: |
20480
|
|
|
47FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729198466.00000000047FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47FE000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159743704.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682596438.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
474F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142716062.000000000474F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
474F000
|
| Size: |
4096
|
|
|
3080000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140905981.0000000003080000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3080000
|
| Size: |
16384
|
|
|
6D7C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1730028906.0000000006D7C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6D7C000
|
| Size: |
16384
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689199946.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693773707.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
591F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4144848084.000000000591F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
591F000
|
| Size: |
4096
|
|
|
2BCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758170881.0000000002BCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BCF000
|
| Size: |
4096
|
|
|
2A8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758131756.0000000002A8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A8F000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1692141346.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159767794.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
14C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140346570.00000000014C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14C0000
|
| Size: |
8192
|
|
|
709F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706343927.000000000709F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
709F000
|
| Size: |
118784
|
|
|
338F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141307183.000000000338F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
338F000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1683988137.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1729493390.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
334F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758392588.000000000334F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
334F000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2157280176.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153639343.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
51C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1729480717.00000000051C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51C0000
|
| Size: |
4096
|
|
|
B42000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.1677293644.0000000000B42000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B42000
|
| Size: |
16384
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694490592.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
69D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729891052.00000000069D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69D0000
|
| Size: |
8192
|
|
|
DB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757931455.0000000000DB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DB0000
|
| Size: |
32768
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1686394762.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
249856
|
|
|
5150000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1687692682.0000000005150000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5150000
|
| Size: |
4096
|
|
|
13F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139586451.00000000013F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13F2000
|
| Size: |
4096
|
|
|
1392000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1698357997.0000000001392000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1392000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
69C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729891052.00000000069C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69C0000
|
| Size: |
8192
|
|
|
298E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758114135.000000000298E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
298E000
|
| Size: |
8192
|
|
|
370F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141666694.000000000370F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
370F000
|
| Size: |
4096
|
|
|
12BE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.00000000012BE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12BE000
|
| Size: |
159744
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2155265754.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178006280.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689247698.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
86F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1757746205.000000000086F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
86F000
|
| Size: |
8192
|
|
|
4B90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729293770.0000000004B90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B90000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160193950.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689943016.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
327F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728569925.000000000327F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
327F000
|
| Size: |
4096
|
|
|
5230000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143280448.0000000005230000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5230000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2175722224.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1713416441.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
4C8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143000891.0000000004C8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C8E000
|
| Size: |
8192
|
|
|
493E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729227924.000000000493E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
493E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696614294.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
12FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139429306.00000000012FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12FD000
|
| Size: |
12288
|
|
|
3F3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728954160.0000000003F3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F3E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691649009.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
2FCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758295530.0000000002FCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FCE000
|
| Size: |
8192
|
|
|
5170000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1687677174.0000000005170000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5170000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694314434.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160139178.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
400E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142403682.000000000400E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
400E000
|
| Size: |
8192
|
|
|
438F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758852987.000000000438F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
438F000
|
| Size: |
4096
|
|
|
CD6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1727589507.0000000000CD6000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
CD6000
|
| Size: |
888832
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
5ADD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4145021351.0000000005ADD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5ADD000
|
| Size: |
12288
|
|
|
303F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728514346.000000000303F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
303F000
|
| Size: |
4096
|
|
|
464E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142693324.000000000464E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
464E000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178166822.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
641B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729715520.000000000641B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
641B000
|
| Size: |
20480
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682567914.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729279135.0000000004B7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B7F000
|
| Size: |
4096
|
|
|
4BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1698221456.0000000004BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
4096
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.2158373186.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
4096
|
|
|
450E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142639815.000000000450E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
450E000
|
| Size: |
8192
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2154067234.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
1368000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.0000000001368000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1368000
|
| Size: |
4096
|
|
|
4B0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142898073.0000000004B0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B0F000
|
| Size: |
4096
|
|
|
66EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729829941.00000000066EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
66EF000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160341010.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
6BE000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4138177961.00000000006BE000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
6BE000
|
| Size: |
28672
|
|
|
390000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757308499.0000000000390000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
390000
|
| Size: |
16384
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1713203965.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160325305.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
64E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729782737.00000000064E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64E0000
|
| Size: |
8192
|
|
|
1437000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139586451.0000000001437000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1437000
|
| Size: |
69632
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5230000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2158091898.0000000005230000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5230000
|
| Size: |
53248
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2156647944.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160247413.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
417F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729014533.000000000417F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
417F000
|
| Size: |
4096
|
|
|
DF5000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.1727851931.0000000000DF5000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
DF5000
|
| Size: |
1679360
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153516154.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
708C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1730061350.000000000708C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
708C000
|
| Size: |
16384
|
|
|
1310000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139473643.0000000001310000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1310000
|
| Size: |
4096
|
|
|
2F37000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728472959.0000000002F37000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2F37000
|
| Size: |
32768
|
|
|
13C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139586451.00000000013C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13C0000
|
| Size: |
24576
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693960038.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
49B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1758960128.00000000049B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49B0000
|
| Size: |
4096
|
|
|
1392000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695092616.0000000001392000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1392000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689119235.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
167E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728421032.000000000167E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
167E000
|
| Size: |
8192
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1713833579.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160000796.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
6C3D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729997459.0000000006C3D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6C3D000
|
| Size: |
12288
|
|
|
5180000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1687622193.0000000005180000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5180000
|
| Size: |
4096
|
|
|
3C0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142158877.0000000003C0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C0F000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1692691336.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4960000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1717348947.0000000004960000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4960000
|
| Size: |
4096
|
|
|
3ACF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142109277.0000000003ACF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3ACF000
|
| Size: |
4096
|
|
|
49F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1759031620.00000000049F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49F0000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689035117.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690446620.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
AE0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1727503542.0000000000AE0000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
AE0000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2155045194.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1686428640.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
3E8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142289846.0000000003E8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E8F000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176226930.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1686495250.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1727419837.0000000000A10000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A10000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2155886633.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
467F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729154562.000000000467F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
467F000
|
| Size: |
4096
|
|
|
12F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.00000000012F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12F5000
|
| Size: |
20480
|
|
|
4DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143085720.0000000004DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA4000
|
| Size: |
4096
|
|
|
9C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757192563.000000000009C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9C000
|
| Size: |
16384
|
|
|
8C10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1730135093.0000000008C10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8C10000
|
| Size: |
4096
|
|
|
5190000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1729441338.0000000005190000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5190000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691214203.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
127E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728044914.000000000127E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
127E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694996524.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689968835.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689412663.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
49E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1759014402.00000000049E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49E0000
|
| Size: |
4096
|
|
|
A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1727452592.0000000000A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A8E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695066327.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
443E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729105662.000000000443E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
443E000
|
| Size: |
8192
|
|
|
4FC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1684283508.0000000004FC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FC0000
|
| Size: |
184320
|
|
|
1382000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728334460.0000000001382000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1382000
|
| Size: |
184320
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689600229.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
12E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.00000000012E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12E6000
|
| Size: |
57344
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1685565965.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690890197.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
123B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728024629.000000000123B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
123B000
|
| Size: |
20480
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694344750.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
8192
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1715428359.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
14D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140388876.00000000014D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D0000
|
| Size: |
16384
|
|
|
1382000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706416737.0000000001382000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1382000
|
| Size: |
184320
|
|
|
B49000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1727574976.0000000000B49000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B49000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689290769.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
6B08000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729935920.0000000006B08000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B08000
|
| Size: |
12288
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177088366.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
294F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758095830.000000000294F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
294F000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160104819.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696532803.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689792307.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
134D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706077606.000000000134D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
134D000
|
| Size: |
4096
|
|
|
3C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000000.2148655426.00000000003C0000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
3C0000
|
| Size: |
4096
|
|
|
44CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142606729.00000000044CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44CF000
|
| Size: |
4096
|
|
|
324E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758374956.000000000324E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
324E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1692966447.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176058789.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
5160000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1687663101.0000000005160000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5160000
|
| Size: |
4096
|
|
|
64DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729767686.00000000064DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
64DE000
|
| Size: |
8192
|
|
|
DBA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757931455.0000000000DBA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBA000
|
| Size: |
8192
|
|
|
422000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1757338610.0000000000422000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
422000
|
| Size: |
20480
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176540217.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
1351000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706077606.0000000001351000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1351000
|
| Size: |
77824
|
|
|
DD8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757931455.0000000000DD8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DD8000
|
| Size: |
45056
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690400201.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
2F20000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1687243446.0000000002F20000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2F20000
|
| Size: |
53248
|
|
|
70A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1730093769.00000000070A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
70A1000
|
| Size: |
110592
|
|
|
33BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728601468.00000000033BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33BF000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177331484.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682610569.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
B4B000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1727589507.0000000000B4B000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B4B000
|
| Size: |
1605632
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1711819097.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
7090000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1730077022.0000000007090000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7090000
|
| Size: |
61440
|
|
|
34E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757275821.000000000034E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34E000
|
| Size: |
8192
|
|
|
D80000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1716658372.0000000000D80000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
D80000
|
| Size: |
53248
|
|
|
65EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729812924.00000000065EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
65EE000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177060679.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
B49000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1677353657.0000000000B49000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
B49000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696564470.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
FFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728004128.0000000000FFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FFE000
|
| Size: |
8192
|
|
|
4A0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142861602.0000000004A0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A0E000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177944196.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4980000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1758915057.0000000004980000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4980000
|
| Size: |
4096
|
|
|
370F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758494159.000000000370F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
370F000
|
| Size: |
4096
|
|
|
1382000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706077606.0000000001382000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1382000
|
| Size: |
184320
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178273594.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
438F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142551113.000000000438F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
438F000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1712199114.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
8AB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1727386695.00000000008AB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8AB000
|
| Size: |
20480
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153608096.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
348F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141386414.000000000348F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
348F000
|
| Size: |
4096
|
|
|
693000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1757404779.0000000000693000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
693000
|
| Size: |
102400
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153495290.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
49152
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176756139.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
51F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1729523070.00000000051F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51F0000
|
| Size: |
4096
|
|
|
980000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757780882.0000000000980000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
980000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689052504.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
2ACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758149074.0000000002ACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2ACE000
|
| Size: |
8192
|
|
|
6D3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1730013738.0000000006D3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6D3E000
|
| Size: |
8192
|
|
|
33FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728618908.00000000033FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33FE000
|
| Size: |
8192
|
|
|
308D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140905981.000000000308D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
308D000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693706322.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177577102.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
35CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758461908.00000000035CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35CF000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694086001.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
43FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729090854.00000000043FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43FF000
|
| Size: |
4096
|
|
|
1368000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706077606.0000000001368000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1368000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1686457708.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176670908.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1711425021.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
5180000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1687551386.0000000005180000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5180000
|
| Size: |
4096
|
|
|
34CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141465383.00000000034CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34CE000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691548947.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696508066.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177977951.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
407E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728998002.000000000407E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
407E000
|
| Size: |
8192
|
|
|
136E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706077606.000000000136E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
136E000
|
| Size: |
57344
|
|
|
AE1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.1677293644.0000000000AE1000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
AE1000
|
| Size: |
393216
|
|
|
428E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142519376.000000000428E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
428E000
|
| Size: |
8192
|
|
|
348F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758427339.000000000348F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
348F000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689343477.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1688961590.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693857409.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
38FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728769457.00000000038FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38FE000
|
| Size: |
8192
|
|
|
3E8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758710233.0000000003E8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E8F000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696480575.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4970000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1717224047.0000000004970000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4970000
|
| Size: |
4096
|
|
|
2F8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758278424.0000000002F8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F8F000
|
| Size: |
4096
|
|
|
1351000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.0000000001351000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1351000
|
| Size: |
77824
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689680679.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4970000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1717245808.0000000004970000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4970000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160056105.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1711666623.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682840330.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
398F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758560767.000000000398F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
398F000
|
| Size: |
4096
|
|
|
709D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1700576329.000000000709D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
709D000
|
| Size: |
24576
|
|
|
49D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1758998199.00000000049D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49D0000
|
| Size: |
4096
|
|
|
2D0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758208010.0000000002D0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D0F000
|
| Size: |
4096
|
|
|
16AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140466266.00000000016AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
16AE000
|
| Size: |
8192
|
|
|
4970000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1717281086.0000000004970000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4970000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176928948.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691313081.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
51E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1729509044.00000000051E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51E0000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694151126.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
403F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728978233.000000000403F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
403F000
|
| Size: |
4096
|
|
|
581E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4144754152.000000000581E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
581E000
|
| Size: |
8192
|
|
|
AD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1727486104.0000000000AD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD0000
|
| Size: |
16384
|
|
|
CFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757865570.0000000000CFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CFE000
|
| Size: |
8192
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1711508994.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
4A3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729242200.0000000004A3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A3F000
|
| Size: |
4096
|
|
|
136E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.000000000136E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
136E000
|
| Size: |
28672
|
|
|
70A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1700576329.00000000070A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
70A4000
|
| Size: |
495616
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159881400.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4970000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1717201074.0000000004970000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4970000
|
| Size: |
4096
|
|
|
4FD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729363699.0000000004FD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4FD4000
|
| Size: |
12288
|
|
|
3FCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758746252.0000000003FCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCF000
|
| Size: |
4096
|
|
|
53A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.2158471386.00000000053A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53A0000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160278511.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
429000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000005.00000000.2148734380.0000000000429000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
429000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177603048.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
5400000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4144351014.0000000005400000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5400000
|
| Size: |
4096
|
|
|
2E8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758260765.0000000002E8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E8E000
|
| Size: |
8192
|
|
|
51E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143255776.00000000051E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
51E0000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1716118899.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160434579.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696381459.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.2158450850.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
4096
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1714720145.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690047360.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
8192
|
|
|
2E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757259800.00000000002E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E0000
|
| Size: |
4096
|
|
|
388E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758545232.000000000388E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
388E000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160263598.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690423665.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689664263.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177201052.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1685815623.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160210180.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1686476342.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
460E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142662682.000000000460E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
460E000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160230765.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
3B0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758624285.0000000003B0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B0E000
|
| Size: |
8192
|
|
|
69CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729891052.00000000069CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
69CE000
|
| Size: |
4096
|
|
|
3C7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728861642.0000000003C7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C7F000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177660425.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
5450000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4144625466.0000000005450000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5450000
|
| Size: |
4096
|
|
|
47D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1713909616.00000000047D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47D0000
|
| Size: |
188416
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177254866.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2156177716.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1714201367.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160356493.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
3C1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000000.1704777545.00000000003C1000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
3C1000
|
| Size: |
393216
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2175688475.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689104655.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695161220.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
313F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728531559.000000000313F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
313F000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153624360.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
422000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000000.1704777545.0000000000422000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
422000
|
| Size: |
16384
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160452332.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4BA8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1698221456.0000000004BA8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BA8000
|
| Size: |
8192
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689157860.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
5200000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1729536203.0000000005200000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5200000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176831411.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693921367.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4DC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143085720.0000000004DC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC0000
|
| Size: |
8192
|
|
|
5440000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4144519204.0000000005440000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5440000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178300003.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
384F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758528760.000000000384F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
384F000
|
| Size: |
4096
|
|
|
1366000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706077606.0000000001366000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1366000
|
| Size: |
4096
|
|
|
2D4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758224785.0000000002D4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D4E000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160393549.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
5180000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1687641761.0000000005180000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5180000
|
| Size: |
4096
|
|
|
645E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729732935.000000000645E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
645E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693987575.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
DF4000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.1677371450.0000000000DF4000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
DF4000
|
| Size: |
1691648
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153536382.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
3C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757324351.00000000003C0000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
3C0000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159837506.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1716075003.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
374E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141707716.000000000374E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
374E000
|
| Size: |
8192
|
|
|
142E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139586451.000000000142E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
142E000
|
| Size: |
12288
|
|
|
990000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1715198637.0000000000990000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
53248
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176788847.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1684814753.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
414E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758796801.000000000414E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
414E000
|
| Size: |
8192
|
|
|
3C0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000000.1704758752.00000000003C0000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
3C0000
|
| Size: |
4096
|
|
|
338E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758409381.000000000338E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
338E000
|
| Size: |
8192
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1682581335.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
360E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141588898.000000000360E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
360E000
|
| Size: |
8192
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689695989.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689890068.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
3B3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728825638.0000000003B3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B3F000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691022560.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
17AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140512478.00000000017AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
17AF000
|
| Size: |
4096
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1758930273.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
5180000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1687577336.0000000005180000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5180000
|
| Size: |
4096
|
|
|
AE0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1677280075.0000000000AE0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
AE0000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1712176790.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
3D4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758677709.0000000003D4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D4F000
|
| Size: |
4096
|
|
|
513F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729413889.000000000513F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
513F000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160374686.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
137E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139505144.000000000137E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
137E000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2157228263.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694583019.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
317E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728550505.000000000317E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
317E000
|
| Size: |
8192
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689581147.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2153553834.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178059208.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690143310.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693657472.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4970000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1717265078.0000000004970000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4970000
|
| Size: |
4096
|
|
|
5210000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1729551021.0000000005210000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5210000
|
| Size: |
4096
|
|
|
D80000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757915617.0000000000D80000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
D80000
|
| Size: |
4096
|
|
|
3C4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758661725.0000000003C4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C4E000
|
| Size: |
8192
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4144277336.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690468825.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2157245240.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2157262034.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178084952.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
1280000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728059466.0000000001280000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1280000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689858609.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689546268.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
D80000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1716905509.0000000000D80000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
D80000
|
| Size: |
53248
|
|
|
4390000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758868205.0000000004390000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4390000
|
| Size: |
4096
|
|
|
4DB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143085720.0000000004DB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DB0000
|
| Size: |
40960
|
|
|
ACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1727470464.0000000000ACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ACE000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178192976.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691237273.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
37BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728727840.00000000037BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37BE000
|
| Size: |
8192
|
|
|
360E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758477188.000000000360E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
360E000
|
| Size: |
8192
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1716093759.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
9B7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757797733.00000000009B7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9B7000
|
| Size: |
8192
|
|
|
6B03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729935920.0000000006B03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B03000
|
| Size: |
4096
|
|
|
137E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1706077606.000000000137E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
137E000
|
| Size: |
12288
|
|
|
53E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4144303392.00000000053E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53E0000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1696454189.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.2158434465.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
4096
|
|
|
200000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757243402.0000000000200000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
200000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693800740.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690925442.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
13BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139532427.00000000013BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
13BE000
|
| Size: |
8192
|
|
|
13F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139586451.00000000013F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13F8000
|
| Size: |
143360
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689016150.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
4B98000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729293770.0000000004B98000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B98000
|
| Size: |
8192
|
|
|
6C6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1757404779.00000000006C6000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
6C6000
|
| Size: |
36864
|
|
|
DCF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757931455.0000000000DCF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DCF000
|
| Size: |
24576
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1691285977.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
3ECE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142327784.0000000003ECE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3ECE000
|
| Size: |
8192
|
|
|
4391000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1711271717.0000000004391000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4391000
|
| Size: |
49152
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689995237.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
429000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4138141318.0000000000429000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
429000
|
| Size: |
4096
|
|
|
394000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1716144186.0000000000394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
394000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2176956745.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
3CBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728884387.0000000003CBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CBE000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177113877.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2157121154.0000000004D90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D90000
|
| Size: |
53248
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689454159.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
398F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141890352.000000000398F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
398F000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689435099.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
6B00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729935920.0000000006B00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B00000
|
| Size: |
8192
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160080681.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177715629.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
503E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729399834.000000000503E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
503E000
|
| Size: |
8192
|
|
|
DF4000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1727589507.0000000000DF4000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
DF4000
|
| Size: |
4096
|
|
|
400E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758763193.000000000400E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
400E000
|
| Size: |
8192
|
|
|
318F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141184556.000000000318F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
318F000
|
| Size: |
4096
|
|
|
693000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4138177961.0000000000693000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
693000
|
| Size: |
102400
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177876669.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177785815.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
374E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758510614.000000000374E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
374E000
|
| Size: |
8192
|
|
|
3D8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758694419.0000000003D8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D8E000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177306314.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
51E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2155342710.00000000051E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51E0000
|
| Size: |
176128
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690106427.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177382674.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
3B0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142136412.0000000003B0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B0E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690987595.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
3B7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728842567.0000000003B7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B7E000
|
| Size: |
8192
|
|
|
42FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729075133.00000000042FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42FE000
|
| Size: |
8192
|
|
|
13C7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139586451.00000000013C7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13C7000
|
| Size: |
172032
|
|
|
598E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4144883424.000000000598E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
598E000
|
| Size: |
8192
|
|
|
3DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728917053.0000000003DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DFE000
|
| Size: |
8192
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177356936.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4D8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4143052013.0000000004D8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D8F000
|
| Size: |
4096
|
|
|
1393000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695265890.0000000001393000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1393000
|
| Size: |
36864
|
|
|
141E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4139586451.000000000141E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
141E000
|
| Size: |
61440
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
494F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758899366.000000000494F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
494F000
|
| Size: |
4096
|
|
|
1366000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728077380.0000000001366000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1366000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1683780690.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
47BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729183935.00000000047BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47BF000
|
| Size: |
4096
|
|
|
3ACF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758599963.0000000003ACF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3ACF000
|
| Size: |
4096
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.2158414850.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
4096
|
|
|
5410000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4144379324.0000000005410000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5410000
|
| Size: |
4096
|
|
|
42BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729056704.00000000042BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42BE000
|
| Size: |
8192
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1683050449.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694660349.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4144326149.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
6D5000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000002.1757632972.00000000006D5000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
6D5000
|
| Size: |
1679360
|
|
|
424F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142496179.000000000424F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
424F000
|
| Size: |
4096
|
|
|
9FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757848100.00000000009FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9FE000
|
| Size: |
8192
|
|
|
4FD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729363699.0000000004FD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4FD0000
|
| Size: |
8192
|
|
|
2FEC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140653627.0000000002FEC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FEC000
|
| Size: |
16384
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2175833639.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.2158334438.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1693737066.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178247419.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
308B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4140905981.000000000308B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
308B000
|
| Size: |
4096
|
|
|
1392000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1695234729.0000000001392000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1392000
|
| Size: |
40960
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177688897.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2178139235.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
3EFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728935662.0000000003EFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EFF000
|
| Size: |
4096
|
|
|
D7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757897868.0000000000D7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D7E000
|
| Size: |
8192
|
|
|
2F20000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728457632.0000000002F20000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2F20000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159856967.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689069023.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
6D4000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000000.1704951745.00000000006D4000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
6D4000
|
| Size: |
1691648
|
|
|
34CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758444832.00000000034CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34CE000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690532927.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
1290000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1684192973.0000000001290000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
53248
|
|
|
6D4000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.4138177961.00000000006D4000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
6D4000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2159901970.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2177408052.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
48FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729213841.00000000048FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48FF000
|
| Size: |
4096
|
|
|
410F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4142427518.000000000410F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
410F000
|
| Size: |
4096
|
|
|
535B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729582157.000000000535B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
535B000
|
| Size: |
20480
|
|
|
4A00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1759050211.0000000004A00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4A00000
|
| Size: |
4096
|
|
|
649E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729749899.000000000649E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
649E000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1694046419.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
3DBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1728900912.0000000003DBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DBF000
|
| Size: |
4096
|
|
|
DD6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757931455.0000000000DD6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DD6000
|
| Size: |
4096
|
|
|
19D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1757226660.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19D000
|
| Size: |
12288
|
|
|
5180000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1687483308.0000000005180000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5180000
|
| Size: |
8192
|
|
|
4B81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1690273884.0000000004B81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B81000
|
| Size: |
4096
|
|
|
4DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2175924278.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DA1000
|
| Size: |
4096
|
|
|
4391000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1716012544.0000000004391000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4391000
|
| Size: |
253952
|
|
|
30CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758319884.00000000030CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30CF000
|
| Size: |
4096
|
|
|
49C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.1758980913.00000000049C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49C0000
|
| Size: |
4096
|
|
|
14D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.2160412939.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14D4000
|
| Size: |
4096
|
|
|
39CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.4141988707.00000000039CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39CE000
|
| Size: |
8192
|
|
|
2C0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1758189366.0000000002C0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C0E000
|
| Size: |
8192
|
|
|
41BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729037421.00000000041BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41BE000
|
| Size: |
8192
|
|
|
AD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1689225633.0000000000AD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD4000
|
| Size: |
4096
|
|
|
68EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1729860312.00000000068EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
68EF000
|
| Size: |
4096
|
|
