Automated Malware Analysis IOC Report for

Details

Name:	0000001C.00000002.2360212907.0000000000400000.00000040.00000400.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	400000
Size:	327680

Signature Hits	Behavior Group	Mitre Attack
Yara detected LummaC Stealer	Stealing of Sensitive Information, Remote Access Functionality

Details

Name:	00000021.00000002.3826493901.00000000005D2000.00000040.00000400.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	5D2000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information
Sample uses string decryption to hide its real strings	AV Detection
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara signature match	System Summary
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000022.00000000.2383752799.0000000000E42000.00000002.00000001.01000000.00000012.sdmp
TargetID:	34
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	E42000
Size:	77824

Signature Hits	Behavior Group	Mitre Attack
Yara detected PureLog Stealer	Stealing of Sensitive Information, Remote Access Functionality
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000021.00000002.3850144625.00000000037F7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	37F7000
Size:	4775936

Signature Hits	Behavior Group	Mitre Attack
Yara detected PureLog Stealer	Stealing of Sensitive Information, Remote Access Functionality

Details

Name:	00000022.00000002.2441813803.0000000004289000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4289000
Size:	1081344

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
Yara detected LummaC Stealer	Stealing of Sensitive Information, Remote Access Functionality
Yara detected PureLog Stealer	Stealing of Sensitive Information, Remote Access Functionality
Sample uses string decryption to hide its real strings	AV Detection
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000023.00000002.2495523874.0000000000400000.00000040.00000400.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	400000
Size:	327680

Signature Hits	Behavior Group	Mitre Attack
Yara detected LummaC Stealer	Stealing of Sensitive Information, Remote Access Functionality

Details

Name:	00000015.00000003.2367943062.0000000000D5D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D5D000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara signature match	System Summary

Details

Name:	00000021.00000002.3845410116.00000000027F1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	27F1000
Size:	241664

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
URLs found in memory or binary data	Networking

Details

Name:	00000015.00000003.2364999913.000000000357D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	357D000
Size:	90112

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara signature match	System Summary

Details

Name:	0000001B.00000000.2235967496.00000000006D2000.00000002.00000001.01000000.0000000E.sdmp
TargetID:	27
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	6D2000
Size:	61440

Signature Hits	Behavior Group	Mitre Attack
Yara detected PureLog Stealer	Stealing of Sensitive Information, Remote Access Functionality
Found many strings related to Crypto-Wallets (likely being stolen)	Stealing of Sensitive Information	Data from Local System
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000015.00000003.2368010607.0000000000D53000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D53000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information

Details

Name:	00000015.00000003.2304989721.0000000000D3C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D3C000
Size:	110592

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara signature match	System Summary

Details

Name:	00000021.00000002.3863094921.0000000006650000.00000004.08000000.00040000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library section
Protect:	page read and write
Base address:	6650000
Size:	376832

Signature Hits	Behavior Group	Mitre Attack
Yara detected PureLog Stealer	Stealing of Sensitive Information, Remote Access Functionality

Details

Name:	00000001.00000002.1453160328.0000000000A41000.00000040.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	A41000
Size:	393216

Signature Hits	Behavior Group	Mitre Attack
Found malware configuration	AV Detection
Yara detected Amadeys stealer DLL	Stealing of Sensitive Information
Sample uses string decryption to hide its real strings	AV Detection

Details

Name:	00000015.00000003.2364999913.0000000003561000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3561000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara signature match	System Summary

Details

Name:	00000015.00000003.2304907487.0000000003561000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3561000
Size:	368640

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara signature match	System Summary

Details

Name:	00000015.00000003.2364999913.000000000356D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	356D000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara signature match	System Summary

Details

Name:	00000015.00000003.2304833110.00000000035BB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	35BB000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara signature match	System Summary

Details

Name:	00000015.00000003.2367752148.0000000000D3C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D3C000
Size:	147456

Signature Hits	Behavior Group	Mitre Attack
Malicious sample detected (through community Yara rule)	System Summary
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)	Malware Analysis System Evasion	Security Software Discovery
Yara signature match	System Summary

Details

Name:	00000015.00000003.2371054112.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D54000
Size:	36864

Signature Hits	Behavior Group	Mitre Attack
Yara detected AsyncRAT	Key, Mouse, Clipboard, Microphone and Screen Capturing, Boot Survival, Malware Analysis System Evasion, Lowering of HIPS / PFW / Operating System Security Settings	Scheduled Task/Job Obfuscated Files or Information

Details

Name:	00000002.00000002.1465365653.00000000002F1000.00000040.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2F1000
Size:	393216

Signature Hits	Behavior Group	Mitre Attack
Yara detected Amadeys stealer DLL	Stealing of Sensitive Information

Details

Name:	00000006.00000002.3826362038.00000000002F1000.00000040.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	2F1000
Size:	393216

Signature Hits	Behavior Group	Mitre Attack
Yara detected Amadeys stealer DLL	Stealing of Sensitive Information

Details

Name:	0000001B.00000002.2415043769.00000000039F9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	39F9000
Size:	749568

Signature Hits	Behavior Group	Mitre Attack
Yara detected LummaC Stealer	Stealing of Sensitive Information, Remote Access Functionality
Yara detected PureLog Stealer	Stealing of Sensitive Information, Remote Access Functionality
Binary contains paths to debug symbols	Compliance, System Summary

Details

Name:	00000021.00000002.3844022032.0000000000AF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	AF0000
Size:	4096

Details

Name:	00000021.00000002.3864693514.00000000FEEC0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	FEEC0000
Size:	4096

Details

Name:	00000021.00000002.3844094540.0000000000B3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B3E000
Size:	8192

Details

Name:	00000021.00000002.3845410116.00000000028F1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28F1000
Size:	4096

Details

Name:	00000022.00000002.2438822818.000000000322E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	322E000
Size:	8192

Details

Name:	00000009.00000002.1927158234.0000000002BAE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2BAE000
Size:	8192

Details

Name:	0000001C.00000002.2360481255.0000000001461000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1461000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
Found many strings related to Crypto-Wallets (likely being stolen)	Stealing of Sensitive Information	Data from Local System
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000001.00000000.1355092501.0000000000A40000.00000002.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	A40000
Size:	4096

Details

Name:	00000015.00000002.2377769551.0000000002EB4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2EB4000
Size:	8192

Details

Name:	00000015.00000003.2374538332.0000000000A58000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A58000
Size:	20480

Details

Name:	00000002.00000002.1466334656.0000000002C5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2C5E000
Size:	8192

Details

Name:	00000015.00000002.2377881064.00000000032B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	32B1000
Size:	4096

Details

Name:	00000001.00000003.1413993401.00000000016B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16B5000
Size:	53248

Details

Name:	00000001.00000003.1413993401.00000000016AD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16AD000
Size:	4096

Details

Name:	00000021.00000002.3863578482.0000000006750000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6750000
Size:	12288

Details

Name:	00000001.00000003.1408686683.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1409638512.00000000016EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16EF000
Size:	4096

Details

Name:	00000019.00000002.1981551736.000002CA67591000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA67591000
Size:	28672

Details

Name:	00000001.00000003.1363262457.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000023.00000002.2498155053.0000000003B14000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B14000
Size:	4096

Details

Name:	00000019.00000002.1981551736.000002CA67570000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA67570000
Size:	28672

Details

Name:	00000006.00000003.1864589437.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000002.00000003.1424358066.0000000000A00000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	A00000
Size:	53248

Details

Name:	00000006.00000003.1864290850.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000011.00000003.1947693412.000000000281B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	281B000
Size:	8192

Details

Name:	00000001.00000002.1460733636.000000000690F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	690F000
Size:	4096

Details

Name:	00000023.00000002.2495864729.0000000001150000.00000004.00000020.00040000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1150000
Size:	4096

Details

Name:	00000015.00000003.2372166004.0000000000BA9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BA9000
Size:	77824

Details

Name:	00000001.00000002.1453301756.0000000000D60000.00000040.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	D60000
Size:	32768

Details

Name:	00000022.00000002.2438586272.00000000018B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	18B0000
Size:	8192

Details

Name:	00000006.00000003.1840660996.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	00000002.00000002.1466666330.000000000375F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	375F000
Size:	4096

Details

Name:	00000021.00000002.3862880605.00000000061EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	61EE000
Size:	8192

Details

Name:	00000009.00000002.1926074543.000000000068A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	68A000
Size:	8192

Details

Name:	00000006.00000000.1834036900.0000000000627000.00000080.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	627000
Size:	1794048

Details

Name:	00000022.00000002.2438297701.00000000017EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	17EE000
Size:	8192

Details

Name:	0000001C.00000002.2361690700.0000000003DB3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DB3000
Size:	4096

Details

Name:	00000006.00000002.3846015366.0000000003E9F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3E9F000
Size:	4096

Details

Name:	00000001.00000002.1460349443.000000000527B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	527B000
Size:	20480

Details

Name:	00000002.00000002.1465173173.00000000000CC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CC000
Size:	16384

Details

Name:	00000015.00000003.1953178028.00000000009DF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9DF000
Size:	131072

Details

Name:	00000001.00000003.1408446179.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000006.00000003.1865023004.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000021.00000002.3845410116.000000000290E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	290E000
Size:	4096

Details

Name:	00000021.00000002.3863997944.00000000067D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67D0000
Size:	65536

Details

Name:	00000015.00000003.2371922437.0000000000C1C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C1C000
Size:	8192

Details

Name:	0000000E.00000002.1943091019.0000000002440000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2440000
Size:	28672

Details

Name:	00000011.00000002.1948173877.0000000002802000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2802000
Size:	81920

Details

Name:	00000001.00000002.1460853253.0000000006B4F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6B4F000
Size:	4096

Details

Name:	00000015.00000003.2371079757.0000000000CB6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	CB6000
Size:	40960

Details

Name:	00000006.00000002.3826911779.0000000000610000.00000040.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	610000
Size:	32768

Details

Name:	00000015.00000003.2372733725.0000000000B79000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B79000
Size:	8192

Details

Name:	00000015.00000000.1952053511.0000000000113000.00000002.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	113000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000006.00000003.1846514285.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000003.1413267045.00000000016C6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16C6000
Size:	4096

Details

Name:	0000001A.00000002.3832424121.0000000000DFD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	DFD000
Size:	53248

Details

Name:	00000006.00000002.3847415461.0000000005180000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5180000
Size:	4096

Details

Name:	00000001.00000003.1413426593.00000000016C3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16C3000
Size:	8192

Details

Name:	00000015.00000003.2375688403.00000000009D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9D8000
Size:	20480

Details

Name:	00000001.00000003.1368746391.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	49152

Details

Name:	00000009.00000002.1927373763.00000000042A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	42A0000
Size:	4096

Details

Name:	0000001A.00000000.1977385254.0000000000733000.00000002.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	733000
Size:	40960

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000015.00000002.2377499893.0000000000CFB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CFB000
Size:	45056

Details

Name:	00000009.00000000.1915525480.0000000000500000.00000002.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	500000
Size:	65536

Details

Name:	00000001.00000002.1454398038.000000000143E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	143E000
Size:	8192

Details

Name:	0000001B.00000002.2413339072.00000000027C0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	27C0000
Size:	4096

Details

Name:	00000009.00000002.1926193177.00000000006F1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6F1000
Size:	20480

Details

Name:	00000015.00000003.1958467380.000000000372E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	372E000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	00000001.00000002.1461121410.000000000887F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	887F000
Size:	4096

Details

Name:	00000001.00000003.1408714175.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2372495001.0000000000B52000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B52000
Size:	73728

Details

Name:	00000022.00000000.2383824979.0000000000E56000.00000002.00000001.01000000.00000012.sdmp
TargetID:	34
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	E56000
Size:	4096

Details

Name:	00000001.00000002.1460100391.00000000048BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	48BE000
Size:	8192

Details

Name:	00000021.00000002.3826493901.00000000005DE000.00000040.00000400.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	5DE000
Size:	4096

Details

Name:	00000011.00000002.1948011514.000000000067C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	67C000
Size:	16384

Details

Name:	0000000C.00000002.1937864134.0000000002F4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F4E000
Size:	8192

Details

Name:	00000001.00000002.1456132249.000000000161E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	161E000
Size:	221184

Details

Name:	00000002.00000002.1466182113.0000000002797000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2797000
Size:	8192

Details

Name:	00000001.00000003.1368790616.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000009.00000002.1926675282.00000000021C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21C0000
Size:	12288

Details

Name:	00000022.00000002.2442625612.00000000056E9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56E9000
Size:	4096

Details

Name:	0000001A.00000003.1996172627.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000015.00000003.2375740265.0000000000C5B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C5B000
Size:	16384

Details

Name:	0000001A.00000003.1982671384.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000002.00000002.1466165321.000000000278E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	278E000
Size:	8192

Details

Name:	00000002.00000002.1466182113.0000000002790000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2790000
Size:	16384

Details

Name:	00000015.00000003.2375309069.00000000009A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9A4000
Size:	8192

Details

Name:	00000022.00000000.2383850835.0000000000E5A000.00000002.00000001.01000000.00000012.sdmp
TargetID:	34
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	E5A000
Size:	335872

Details

Name:	00000001.00000003.1408470985.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000016.00000002.2104925818.000000000453E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	453E000
Size:	8192

Details

Name:	00000015.00000003.1956905890.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	4096

Details

Name:	00000015.00000003.1955601700.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000001.00000003.1371171984.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000016.00000002.2104716123.000000000084C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	84C000
Size:	16384

Details

Name:	00000015.00000003.2373051678.0000000000B2D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B2D000
Size:	4096

Details

Name:	00000006.00000002.3845571218.000000000389E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	389E000
Size:	8192

Details

Name:	00000001.00000002.1461141783.00000000089EB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	89EB000
Size:	20480

Details

Name:	00000006.00000003.1863232208.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000003.1371614770.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000002.1467035071.00000000043DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	43DF000
Size:	4096

Details

Name:	00000021.00000002.3863714435.0000000006770000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6770000
Size:	131072

Details

Name:	00000001.00000003.1373235586.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000023.00000002.2497457549.000000000378F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	378F000
Size:	4096

Details

Name:	0000001A.00000002.3826458056.0000000000120000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	120000
Size:	16384

Details

Name:	00000001.00000002.1458722003.00000000016B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16B5000
Size:	53248

Details

Name:	00000015.00000003.2372038511.0000000000BF6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BF6000
Size:	12288

Details

Name:	00000006.00000003.1845620829.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	49152

Details

Name:	00000009.00000002.1925564744.0000000000510000.00000004.00000020.00040000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	510000
Size:	4096

Details

Name:	0000001A.00000002.3838468500.0000000000F1B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F1B000
Size:	172032

Details

Name:	0000000C.00000002.1937995805.0000000003070000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3070000
Size:	20480

Details

Name:	00000006.00000002.3846183212.000000000401E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	401E000
Size:	8192

Details

Name:	00000015.00000003.2371286403.0000000000CAC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	CAC000
Size:	40960

Details

Name:	00000002.00000002.1466222749.000000000289F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	289F000
Size:	4096

Details

Name:	00000022.00000002.2443067158.0000000005710000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5710000
Size:	32768

Details

Name:	0000001A.00000003.1978608135.00000000004F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4F6000
Size:	954368

Details

Name:	00000001.00000003.1371511344.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001C.00000002.2361281551.0000000003A50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3A50000
Size:	4096

Details

Name:	00000006.00000003.1846216189.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000003.1360985868.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000015.00000003.2373001754.0000000000AFE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AFE000
Size:	45056

Details

Name:	00000015.00000002.2376853575.0000000000B8C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B8C000
Size:	4096

Details

Name:	00000015.00000003.2374538332.0000000000A6E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A6E000
Size:	8192

Details

Name:	00000002.00000003.1430372733.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000009.00000002.1926835751.000000000220E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	220E000
Size:	8192

Details

Name:	00000006.00000003.1863282236.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000003.1838864347.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000002.00000002.1466313771.0000000002C1F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2C1F000
Size:	4096

Details

Name:	00000022.00000002.2437850701.00000000015FA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	15FA000
Size:	8192

Details

Name:	00000006.00000003.1845996125.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000002.1459020180.00000000016DB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16DB000
Size:	49152

Details

Name:	00000006.00000002.3845636903.000000000399F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	399F000
Size:	4096

Details

Name:	00000009.00000002.1927084824.00000000027CF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	27CF000
Size:	4096

Details

Name:	00000015.00000003.2373949423.0000000000A5D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A5D000
Size:	8192

Details

Name:	00000002.00000002.1466594704.00000000034DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	34DF000
Size:	4096

Details

Name:	00000021.00000002.3862800382.0000000005A7C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5A7C000
Size:	16384

Details

Name:	00000006.00000003.1846193556.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000002.2376696757.0000000000A6E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A6E000
Size:	8192

Details

Name:	00000001.00000003.1367290991.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53C0000
Size:	4096

Details

Name:	00000021.00000002.3826276887.000000000049C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	49C000
Size:	16384

Details

Name:	00000019.00000002.1981359241.000000DB1F1FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DB1F1FF000
Size:	4096

Details

Name:	00000006.00000003.1864258570.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000015.00000003.2374141162.0000000000A48000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A48000
Size:	12288

Details

Name:	0000001B.00000002.2412343720.0000000000CB3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	CB3000
Size:	4096

Details

Name:	00000002.00000003.1425265147.00000000049D0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49D0000
Size:	4096

Details

Name:	00000019.00000002.1982212416.000002CA69000000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA69000000
Size:	4096

Details

Name:	00000001.00000003.1413063860.000000000716E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	716E000
Size:	4096

Details

Name:	00000021.00000002.3826955675.0000000000816000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	816000
Size:	12288

Details

Name:	00000002.00000002.1466449709.000000000301E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	301E000
Size:	8192

Details

Name:	00000022.00000002.2442931244.0000000005709000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5709000
Size:	4096

Details

Name:	00000002.00000003.1425566621.00000000049B0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49B0000
Size:	4096

Details

Name:	0000001B.00000002.2413247219.0000000000F80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F80000
Size:	12288

Details

Name:	00000006.00000002.3846474153.00000000043DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	43DE000
Size:	8192

Details

Name:	00000021.00000002.3842345096.0000000000AC6000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	AC6000
Size:	12288

Details

Name:	00000021.00000002.3862297343.000000000587E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	587E000
Size:	8192

Details

Name:	00000016.00000002.2104759397.00000000028D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	28D0000
Size:	24576

Details

Name:	00000015.00000003.2373549660.0000000000AAC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AAC000
Size:	8192

Details

Name:	0000001B.00000002.2413099585.0000000000F20000.00000040.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	F20000
Size:	32768

Details

Name:	00000022.00000002.2438917292.0000000003240000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3240000
Size:	12288

Details

Name:	00000001.00000003.1410149393.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001C.00000002.2360212907.0000000000459000.00000040.00000400.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	459000
Size:	16384

Details

Name:	00000015.00000003.2374593434.0000000000A0C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A0C000
Size:	4096

Details

Name:	00000015.00000002.2377533209.0000000000D0F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D0F000
Size:	40960

Details

Name:	00000023.00000002.2496241414.0000000001442000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1442000
Size:	98304

Signature Hits	Behavior Group	Mitre Attack
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.1846275607.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000002.1456132249.000000000161A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	161A000
Size:	8192

Details

Name:	0000001A.00000002.3838653073.0000000000F46000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F46000
Size:	339968

Details

Name:	0000000E.00000002.1943746496.00000000027A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	27A0000
Size:	20480

Details

Name:	0000001A.00000002.3836088537.0000000000EA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	EA0000
Size:	53248

Details

Name:	0000001A.00000003.1984393735.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000021.00000002.3844234802.0000000000B80000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	B80000
Size:	65536

Details

Name:	00000021.00000002.3845410116.0000000002912000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2912000
Size:	4096

Details

Name:	00000021.00000002.3862000384.00000000056FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	56FE000
Size:	8192

Details

Name:	00000015.00000002.2376671563.0000000000A2B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A2B000
Size:	8192

Details

Name:	00000002.00000003.1423636218.00000000043E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	43E1000
Size:	233472

Details

Name:	00000006.00000002.3845678310.00000000039DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	39DE000
Size:	8192

Details

Name:	00000015.00000003.1954442976.00000000033B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33B0000
Size:	155648

Details

Name:	00000021.00000002.3850144625.00000000037F1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	37F1000
Size:	20480

Details

Name:	0000001A.00000002.3830455831.0000000000B2F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B2F000
Size:	4096

Details

Name:	00000001.00000002.1458971075.00000000016D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16D5000
Size:	16384

Details

Name:	00000001.00000003.1409848722.00000000016EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16EF000
Size:	4096

Details

Name:	00000006.00000003.1864078434.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000002.00000003.1424746985.0000000000A00000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	A00000
Size:	53248

Details

Name:	00000001.00000003.1407424621.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000009.00000002.1925417627.0000000000420000.00000004.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	420000
Size:	36864

Details

Name:	0000001B.00000002.2412652452.0000000000CFA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CFA000
Size:	8192

Details

Name:	00000019.00000002.1982054369.000002CA676E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA676E0000
Size:	16384

Details

Name:	00000001.00000000.1355107346.0000000000AA2000.00000080.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	AA2000
Size:	16384

Details

Name:	0000001B.00000002.2412652452.0000000000D33000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D33000
Size:	266240

Details

Name:	0000001A.00000003.1995362055.0000000000124000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	124000
Size:	4096

Details

Name:	00000015.00000003.1972774250.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000002.00000002.1467185972.0000000004A20000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4A20000
Size:	4096

Details

Name:	00000006.00000002.3846514671.00000000044DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	44DF000
Size:	4096

Details

Name:	00000006.00000003.1864881995.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000021.00000002.3840350143.0000000000AC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	AC0000
Size:	4096

Details

Name:	00000001.00000003.1371026595.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000023.00000002.2498080864.0000000003AFC000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AFC000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000001.00000003.1367428112.00000000053B0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53B0000
Size:	4096

Details

Name:	00000023.00000002.2495898581.000000000126E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	126E000
Size:	8192

Details

Name:	00000001.00000002.1460690486.00000000067CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	67CE000
Size:	8192

Details

Name:	0000001A.00000003.1982208175.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000002.00000003.1421132627.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000002.00000003.1425309746.00000000049D0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49D0000
Size:	4096

Details

Name:	00000015.00000002.2376151686.00000000001C9000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1C9000
Size:	28672

Details

Name:	00000019.00000002.1982249520.000002CA69350000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA69350000
Size:	4096

Details

Name:	0000001A.00000003.1995479994.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000022.00000002.2438471353.0000000001850000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1850000
Size:	12288

Details

Name:	0000001A.00000003.1979568106.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	0000000C.00000002.1938235987.0000000004DF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4DF0000
Size:	4096

Details

Name:	00000001.00000003.1371710820.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001A.00000003.1978314619.0000000000D63000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D63000
Size:	307200

Details

Name:	00000015.00000003.1973098507.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000023.00000002.2496241414.000000000143A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	143A000
Size:	20480

Details

Name:	0000000C.00000002.1938151768.0000000004D9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4D9E000
Size:	8192

Details

Name:	00000002.00000003.1430412286.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	0000000C.00000002.1937935111.0000000002FCF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FCF000
Size:	4096

Details

Name:	00000015.00000003.2375446858.0000000000990000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	990000
Size:	24576

Details

Name:	00000015.00000003.1958066782.0000000000D2C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D2C000
Size:	131072

Details

Name:	00000002.00000003.1425095086.00000000049D0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49D0000
Size:	8192

Details

Name:	00000001.00000003.1413177296.0000000007160000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	7160000
Size:	4096

Details

Name:	0000001B.00000002.2411891311.0000000000AF9000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	AF9000
Size:	28672

Details

Name:	0000001A.00000003.1996537243.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000001.00000002.1459421714.00000000036FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	36FF000
Size:	4096

Details

Name:	00000015.00000003.2305499526.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000001.00000003.1408800856.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.1959624140.00000000032B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B1000
Size:	212992

Details

Name:	00000001.00000003.1409128491.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000009.00000002.1925639829.0000000000580000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	580000
Size:	16384

Details

Name:	0000000E.00000002.1944003036.00000000044CF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	44CF000
Size:	4096

Details

Name:	00000022.00000002.2437850701.00000000015F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	15F0000
Size:	32768

Details

Name:	00000021.00000002.3838732910.0000000000ABD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	ABD000
Size:	4096

Details

Name:	00000023.00000002.2498155053.0000000003B12000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B12000
Size:	4096

Details

Name:	00000019.00000003.1979655163.000002CA675A7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675A7000
Size:	32768

Details

Name:	00000006.00000003.1864768817.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000002.00000002.1467146719.0000000004A00000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4A00000
Size:	4096

Details

Name:	00000015.00000002.2376533581.0000000000995000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	995000
Size:	4096

Details

Name:	00000021.00000002.3845410116.0000000002902000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2902000
Size:	4096

Details

Name:	00000015.00000003.1973005555.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000015.00000003.2373491233.0000000000A97000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A97000
Size:	94208

Details

Name:	00000001.00000003.1409248112.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000021.00000002.3843947076.0000000000ADB000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	ADB000
Size:	4096

Details

Name:	00000015.00000002.2377404495.0000000000CBD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CBD000
Size:	12288

Details

Name:	0000001B.00000002.2415043769.00000000039F5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	39F5000
Size:	4096

Details

Name:	00000023.00000002.2497379973.000000000361F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	361F000
Size:	4096

Details

Name:	00000023.00000002.2498896588.0000000003B8F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B8F000
Size:	24576

Details

Name:	00000006.00000003.1863792206.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000015.00000003.1953216718.0000000000995000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	995000
Size:	303104

Details

Name:	00000015.00000003.2374111318.0000000000A47000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A47000
Size:	16384

Details

Name:	0000000C.00000002.1938082753.0000000004D1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4D1E000
Size:	8192

Details

Name:	00000021.00000002.3863613549.0000000006762000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6762000
Size:	57344

Details

Name:	00000001.00000002.1460281066.0000000004DA0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4DA0000
Size:	40960

Details

Name:	00000001.00000000.1355178229.0000000000D77000.00000080.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	D77000
Size:	1794048

Details

Name:	00000021.00000002.3844963807.00000000025E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	25E0000
Size:	20480

Details

Name:	00000015.00000003.2364999913.0000000003579000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3579000
Size:	4096

Details

Name:	00000015.00000003.2372941452.0000000000B18000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B18000
Size:	57344

Details

Name:	00000001.00000002.1459815840.00000000040FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	40FF000
Size:	4096

Details

Name:	0000000E.00000002.1943682044.000000000275E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	275E000
Size:	8192

Details

Name:	00000006.00000002.3843876236.00000000012F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12F6000
Size:	147456

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	0000001B.00000002.2415572797.0000000004F50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4F50000
Size:	36864

Details

Name:	00000002.00000002.1465792252.0000000000628000.00000080.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	628000
Size:	1773568

Details

Name:	00000023.00000002.2497574324.00000000038FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	38FE000
Size:	8192

Details

Name:	00000006.00000003.1846357146.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000002.2377459093.0000000000CF1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CF1000
Size:	36864

Details

Name:	0000001A.00000003.1996391764.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000015.00000002.2377717072.00000000013EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	13EE000
Size:	8192

Details

Name:	00000015.00000003.2364999913.00000000035BA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	35BA000
Size:	4096

Details

Name:	00000001.00000003.1367451162.0000000005390000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5390000
Size:	4096

Details

Name:	00000001.00000002.1454187315.0000000000F29000.00000040.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	F29000
Size:	8192

Details

Name:	00000001.00000003.1374845042.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2374593434.0000000000A2B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A2B000
Size:	8192

Details

Name:	00000015.00000003.1957151302.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000011.00000002.1948521192.00000000042A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	42A0000
Size:	8192

Details

Name:	00000001.00000003.1410417812.0000000001704000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1704000
Size:	4096

Details

Name:	00000015.00000003.2375619184.0000000000B24000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B24000
Size:	4096

Details

Name:	00000021.00000002.3832402685.00000000008E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8E0000
Size:	28672

Details

Name:	00000001.00000003.1372957299.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000006.00000002.3846554063.000000000451E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	451E000
Size:	8192

Details

Name:	0000001C.00000002.2361461712.0000000003D91000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D91000
Size:	12288

Details

Name:	0000001A.00000003.1978377544.0000000000DCD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	DCD000
Size:	4096

Details

Name:	00000015.00000002.2377377795.0000000000CB3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CB3000
Size:	12288

Details

Name:	00000021.00000002.3832402685.0000000000915000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	915000
Size:	4096

Details

Name:	00000015.00000003.2371110886.0000000000C87000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C87000
Size:	192512

Details

Name:	00000015.00000002.2376565813.00000000009A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9A4000
Size:	8192

Details

Name:	00000001.00000003.1413219582.0000000006800000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6800000
Size:	8192

Details

Name:	00000006.00000002.3847439069.0000000005190000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5190000
Size:	4096

Details

Name:	00000001.00000003.1364521275.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000000E.00000002.1942949995.000000000218C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	218C000
Size:	16384

Details

Name:	00000015.00000003.2372443123.0000000000B88000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B88000
Size:	20480

Details

Name:	00000006.00000003.1846418028.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000002.00000002.1467231057.0000000004A40000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4A40000
Size:	4096

Details

Name:	00000015.00000003.1956958914.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	4096

Details

Name:	00000015.00000003.2375473449.0000000000D19000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D19000
Size:	69632

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000001A.00000003.1996208436.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000001.00000003.1407453792.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.1954247646.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	4096

Details

Name:	00000015.00000003.2373674358.0000000000A90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A90000
Size:	28672

Details

Name:	00000022.00000002.2437091811.0000000001446000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1446000
Size:	12288

Details

Name:	0000001A.00000002.3844102127.00000000010EA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10EA000
Size:	32768

Details

Name:	00000015.00000003.2374899846.00000000009D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9D8000
Size:	20480

Details

Name:	00000006.00000002.3826911779.000000000035B000.00000040.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	35B000
Size:	1683456

Details

Name:	00000009.00000000.1915482380.000000000040C000.00000008.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	40C000
Size:	4096

Details

Name:	0000001B.00000002.2411851099.00000000007CC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7CC000
Size:	16384

Details

Name:	00000002.00000003.1423014282.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000006.00000003.1839743674.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	00000001.00000003.1407522554.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1407943092.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001A.00000002.3826912895.0000000000671000.00000020.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	671000
Size:	638976

Details

Name:	00000006.00000002.3838755715.0000000001110000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1110000
Size:	8192

Details

Name:	0000001A.00000003.1981946828.0000000000124000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	124000
Size:	4096

Details

Name:	00000001.00000003.1361628054.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000011.00000002.1948599557.0000000006670000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6670000
Size:	4096

Details

Name:	00000006.00000002.3846937597.0000000004B20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B20000
Size:	40960

Details

Name:	00000022.00000002.2439095636.00000000034E7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	34E7000
Size:	2781184

Details

Name:	00000006.00000003.1863851469.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000015.00000003.2371777378.0000000000BC5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BC5000
Size:	151552

Details

Name:	00000001.00000002.1459909579.000000000437F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	437F000
Size:	4096

Details

Name:	0000001A.00000000.1977276966.0000000000670000.00000002.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	670000
Size:	4096

Details

Name:	00000001.00000002.1458722003.00000000016B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16B1000
Size:	12288

Details

Name:	0000001A.00000003.1982465396.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	0000000E.00000002.1943091019.000000000248C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	248C000
Size:	16384

Details

Name:	00000006.00000002.3846717910.000000000479E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	479E000
Size:	8192

Details

Name:	00000009.00000002.1926193177.000000000071F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	71F000
Size:	12288

Details

Name:	00000002.00000003.1419440309.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000019.00000002.1981091936.000000DB1EDFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DB1EDFF000
Size:	4096

Details

Name:	0000001A.00000002.3830455831.0000000000B4F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B4F000
Size:	4096

Details

Name:	00000015.00000002.2377934090.00000000035BA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	35BA000
Size:	4096

Details

Name:	00000002.00000002.1465365653.0000000000352000.00000040.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	352000
Size:	20480

Details

Name:	00000001.00000003.1408498013.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000021.00000002.3857875920.0000000005476000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5476000
Size:	4096

Details

Name:	00000002.00000002.1466612502.000000000351E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	351E000
Size:	8192

Details

Name:	00000019.00000003.1978631302.000002CA675D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675D8000
Size:	20480

Details

Name:	00000023.00000002.2497417506.000000000368E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	368E000
Size:	8192

Details

Name:	00000015.00000003.1973257264.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	0000001C.00000002.2361782298.0000000003E2C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E2C000
Size:	16384

Details

Name:	00000015.00000003.2373674358.0000000000A87000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A87000
Size:	32768

Details

Name:	00000015.00000003.2372038511.0000000000C02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C02000
Size:	73728

Details

Name:	00000001.00000002.1459888143.000000000427E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	427E000
Size:	8192

Details

Name:	00000001.00000002.1459503380.000000000387E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	387E000
Size:	8192

Details

Name:	00000023.00000002.2497301577.000000000341D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	341D000
Size:	12288

Details

Name:	0000001B.00000002.2412491434.0000000000CDA000.00000040.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	CDA000
Size:	4096

Details

Name:	00000022.00000002.2437632213.00000000015C4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	15C4000
Size:	24576

Details

Name:	00000015.00000003.2375085990.00000000035BA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	35BA000
Size:	4096

Details

Name:	00000001.00000003.1371421603.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000019.00000003.1978317414.000002CA675A7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675A7000
Size:	221184

Details

Name:	0000001A.00000003.1996136707.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000002.00000002.1465979879.0000000000A2E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A2E000
Size:	151552

Details

Name:	00000011.00000002.1948060972.00000000027B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	27B0000
Size:	4096

Details

Name:	00000009.00000002.1926193177.00000000006F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6F7000
Size:	61440

Details

Name:	00000022.00000002.2436900847.0000000000F8C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F8C000
Size:	16384

Details

Name:	00000006.00000003.1863765920.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000001A.00000002.3826593044.00000000004E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4E0000
Size:	12288

Details

Name:	00000021.00000002.3845410116.0000000002914000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2914000
Size:	4096

Details

Name:	00000002.00000002.1467072281.000000000489E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	489E000
Size:	8192

Details

Name:	00000019.00000003.1979458395.000002CA675DC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675DC000
Size:	4096

Details

Name:	0000001A.00000002.3836197640.0000000000EAE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	EAE000
Size:	57344

Details

Name:	00000001.00000002.1459743981.0000000003EBE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3EBE000
Size:	8192

Details

Name:	00000006.00000003.1864952335.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000003.1846035907.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000003.2373001754.0000000000AF5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AF5000
Size:	32768

Details

Name:	00000015.00000003.2373336099.0000000000ACF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	ACF000
Size:	4096

Details

Name:	0000001B.00000002.2412652452.0000000000CFE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CFE000
Size:	110592

Details

Name:	00000006.00000002.3845462644.000000000375E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	375E000
Size:	8192

Details

Name:	00000006.00000003.1841074537.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	0000001C.00000002.2361782298.0000000003E20000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E20000
Size:	8192

Details

Name:	00000001.00000002.1460924404.0000000008502000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8502000
Size:	8192

Details

Name:	00000019.00000003.1979170300.000002CA675D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675D5000
Size:	12288

Details

Name:	00000015.00000003.2371365124.0000000000C54000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C54000
Size:	49152

Details

Name:	00000015.00000003.2374030014.0000000000A4B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A4B000
Size:	73728

Details

Name:	00000015.00000002.2377624084.0000000000D51000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D51000
Size:	8192

Details

Name:	00000001.00000002.1459138042.00000000030EC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30EC000
Size:	16384

Details

Name:	00000011.00000003.1947504850.0000000006678000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6678000
Size:	45056

Details

Name:	00000019.00000003.1978436084.000002CA675DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675DE000
Size:	4096

Details

Name:	0000001A.00000002.3843971828.00000000010AB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10AB000
Size:	253952

Details

Name:	00000006.00000003.1861763124.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000003.1864163073.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000002.1454350181.00000000013D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13D0000
Size:	8192

Details

Name:	00000002.00000000.1413222423.00000000002F1000.00000080.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	2F1000
Size:	393216

Details

Name:	00000021.00000002.3838602555.0000000000AB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	AB0000
Size:	40960

Details

Name:	00000001.00000002.1460371160.000000000537F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	537F000
Size:	4096

Details

Name:	00000001.00000003.1363030365.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	0000001C.00000002.2361461712.0000000003DA3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DA3000
Size:	4096

Details

Name:	00000015.00000003.2373607456.0000000000A90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A90000
Size:	28672

Details

Name:	00000006.00000002.3835542162.0000000000628000.00000080.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	628000
Size:	1773568

Details

Name:	0000001A.00000003.1982019100.0000000000124000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	124000
Size:	4096

Details

Name:	00000021.00000002.3854501022.0000000004C2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4C2E000
Size:	8192

Details

Name:	00000015.00000002.2378087875.0000000003EFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3EFF000
Size:	4096

Details

Name:	00000006.00000000.1833951138.00000000002F1000.00000080.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	2F1000
Size:	393216

Details

Name:	00000001.00000003.1409848722.00000000016DB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16DB000
Size:	36864

Details

Name:	00000001.00000003.1371564370.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2374141162.0000000000A46000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A46000
Size:	4096

Details

Name:	00000002.00000003.1427619457.00000000043E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	43E1000
Size:	49152

Details

Name:	00000002.00000002.1465454592.0000000000619000.00000040.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	619000
Size:	36864

Details

Name:	00000001.00000003.1413267045.00000000016E8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16E8000
Size:	159744

Details

Name:	00000006.00000003.1862073583.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000002.1459291500.000000000337E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	337E000
Size:	8192

Details

Name:	0000001B.00000002.2415420314.0000000004F45000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4F45000
Size:	36864

Details

Name:	00000006.00000002.3845733861.0000000003ADF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3ADF000
Size:	4096

Details

Name:	0000001C.00000002.2361375571.0000000003CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3CF0000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
AV process strings found (often used to terminate AV products)	Lowering of HIPS / PFW / Operating System Security Settings	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000021.00000002.3862989394.0000000006630000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6630000
Size:	65536

Details

Name:	00000015.00000003.2374593434.0000000000A1C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A1C000
Size:	12288

Details

Name:	00000021.00000002.3862704766.00000000059FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	59FE000
Size:	8192

Details

Name:	00000015.00000003.2375309069.000000000099F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	99F000
Size:	12288

Details

Name:	00000015.00000002.2376119357.0000000000125000.00000002.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	125000
Size:	90112

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000001C.00000002.2361333706.0000000003BBE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3BBE000
Size:	8192

Details

Name:	0000000C.00000002.1937685885.0000000002E63000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E63000
Size:	4096

Details

Name:	0000000E.00000002.1943975414.000000000448E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	448E000
Size:	8192

Details

Name:	00000006.00000002.3836239359.00000000007D9000.00000040.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7D9000
Size:	8192

Details

Name:	00000002.00000003.1419264250.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000022.00000002.2442625612.00000000056D4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56D4000
Size:	8192

Details

Name:	00000006.00000002.3843810786.00000000012A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	12A0000
Size:	4096

Details

Name:	00000019.00000003.1978490160.000002CA675CA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675CA000
Size:	28672

Details

Name:	0000001A.00000002.3844102127.00000000010FA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	10FA000
Size:	90112

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000001B.00000002.2412652452.0000000000D24000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D24000
Size:	24576

Details

Name:	00000009.00000003.1925081526.0000000000707000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	707000
Size:	86016

Details

Name:	00000006.00000003.1844069991.0000000005110000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5110000
Size:	8192

Details

Name:	00000002.00000002.1466088822.0000000000E2F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	E2F000
Size:	4096

Details

Name:	00000021.00000002.3830460885.00000000008C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	8C0000
Size:	8192

Details

Name:	00000015.00000002.2376399644.0000000000960000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	960000
Size:	12288

Details

Name:	0000001A.00000003.1996712731.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000023.00000002.2495778930.0000000000DEB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DEB000
Size:	20480

Details

Name:	0000000E.00000002.1944096740.0000000004530000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4530000
Size:	4096

Details

Name:	00000006.00000002.3847465123.00000000051A0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	51A0000
Size:	4096

Details

Name:	00000009.00000002.1925417627.000000000042C000.00000004.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	42C000
Size:	4096

Details

Name:	00000015.00000003.1957051670.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000019.00000003.1978744147.000002CA675D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675D4000
Size:	16384

Details

Name:	00000015.00000003.2372528143.0000000000B79000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B79000
Size:	8192

Details

Name:	00000006.00000003.1863365189.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000000C.00000002.1937563730.0000000002CC6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CC6000
Size:	8192

Details

Name:	0000001A.00000002.3836555366.0000000000F01000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F01000
Size:	102400

Details

Name:	00000021.00000002.3836030384.0000000000958000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	958000
Size:	16384

Details

Name:	00000021.00000002.3843498934.0000000000ACA000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	ACA000
Size:	12288

Details

Name:	0000000C.00000002.1937563730.0000000002CC0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CC0000
Size:	16384

Details

Name:	00000006.00000003.1841850799.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	0000001A.00000003.1996097791.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000006.00000002.3845829518.0000000003C1F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3C1F000
Size:	4096

Details

Name:	00000021.00000002.3856423124.0000000005110000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5110000
Size:	12288

Details

Name:	0000001C.00000002.2361052194.00000000034FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	34FF000
Size:	4096

Details

Name:	00000015.00000003.1959307242.0000000003660000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3660000
Size:	159744

Details

Name:	00000001.00000003.1413426593.00000000016B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16B1000
Size:	12288

Details

Name:	00000011.00000003.1947693412.00000000027F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	27F7000
Size:	126976

Details

Name:	00000001.00000002.1459692433.0000000003D7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3D7E000
Size:	8192

Details

Name:	00000001.00000002.1461074432.000000000873C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	873C000
Size:	16384

Details

Name:	00000002.00000002.1465454592.000000000035B000.00000040.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	35B000
Size:	1683456

Details

Name:	0000001A.00000003.1982091935.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	0000001A.00000003.1983672197.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000006.00000003.2149363866.000000000137A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	137A000
Size:	8192

Details

Name:	00000015.00000000.1951952171.0000000000051000.00000020.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	51000
Size:	638976

Details

Name:	00000015.00000003.2374811945.00000000009D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9D2000
Size:	45056

Details

Name:	00000021.00000002.3845410116.00000000028ED000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28ED000
Size:	4096

Details

Name:	00000009.00000002.1925336630.000000000019B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	19B000
Size:	20480

Details

Name:	00000002.00000002.1467051525.00000000043E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	43E0000
Size:	4096

Details

Name:	0000001C.00000002.2361303661.0000000003B5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B5E000
Size:	8192

Details

Name:	00000001.00000003.1413817140.00000000016C3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16C3000
Size:	8192

Details

Name:	00000006.00000003.1846398958.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000003.1364002778.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000019.00000002.1981867410.000002CA675CB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675CB000
Size:	8192

Details

Name:	00000011.00000002.1948313675.000000000293E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	293E000
Size:	8192

Details

Name:	00000002.00000003.1423521460.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	0000001A.00000003.1979425790.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000006.00000003.1863626702.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000001A.00000003.1996289406.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000015.00000002.2377430995.0000000000CD3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CD3000
Size:	12288

Details

Name:	00000006.00000002.3847535633.00000000052BB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	52BB000
Size:	20480

Details

Name:	00000015.00000002.2377305438.0000000000C8D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C8D000
Size:	69632

Details

Name:	00000001.00000003.1407277544.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000006.00000002.3845230342.00000000034DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	34DE000
Size:	8192

Details

Name:	00000019.00000002.1980866088.000000DB1E9FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DB1E9FF000
Size:	4096

Details

Name:	00000006.00000002.3836421496.00000000007DB000.00000080.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	7DB000
Size:	8192

Details

Name:	00000002.00000002.1466109275.000000000260E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	260E000
Size:	8192

Details

Name:	0000001C.00000002.2361200434.00000000038FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	38FE000
Size:	8192

Details

Name:	00000001.00000003.1408368288.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000009.00000003.1920979912.00000000006E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6E0000
Size:	8192

Details

Name:	00000011.00000003.1947817287.00000000027FF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	27FF000
Size:	94208

Details

Name:	00000001.00000003.1367385408.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53C0000
Size:	4096

Details

Name:	00000001.00000003.1371254739.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.1958013824.0000000003561000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3561000
Size:	471040

Details

Name:	00000015.00000003.2375421274.0000000000C45000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C45000
Size:	12288

Details

Name:	00000006.00000002.3843876236.0000000001348000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1348000
Size:	331776

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.1842768489.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000002.1460514068.0000000005410000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5410000
Size:	4096

Details

Name:	0000001C.00000002.2361461712.0000000003D89000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D89000
Size:	28672

Details

Name:	00000001.00000003.1413219582.0000000006806000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6806000
Size:	4096

Details

Name:	00000009.00000002.1925538930.0000000000500000.00000002.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	500000
Size:	65536

Details

Name:	00000015.00000003.1958467380.000000000373C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	373C000
Size:	102400

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000001.00000003.1372126062.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.1972956861.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000011.00000002.1948173877.0000000002817000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2817000
Size:	12288

Details

Name:	0000001C.00000002.2360981999.0000000002F9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F9E000
Size:	8192

Details

Name:	00000006.00000002.3845023863.000000000325E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	325E000
Size:	8192

Details

Name:	00000006.00000003.1845694396.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000023.00000002.2495956680.0000000001295000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1295000
Size:	12288

Details

Name:	0000001A.00000003.1996616738.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000019.00000003.1978709013.000002CA67598000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA67598000
Size:	57344

Details

Name:	00000001.00000002.1460492215.0000000005400000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5400000
Size:	4096

Details

Name:	00000006.00000003.1863591833.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000002.3843876236.00000000012F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12F0000
Size:	4096

Details

Name:	00000021.00000002.3845410116.00000000028DF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28DF000
Size:	4096

Details

Name:	00000015.00000000.1952053511.00000000000ED000.00000002.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	ED000
Size:	151552

Details

Name:	00000019.00000002.1981551736.000002CA67578000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA67578000
Size:	81920

Details

Name:	00000019.00000002.1982054369.000002CA676EC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA676EC000
Size:	12288

Details

Name:	00000002.00000002.1466534536.000000000329E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	329E000
Size:	8192

Details

Name:	00000001.00000002.1459445767.000000000373E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	373E000
Size:	8192

Details

Name:	00000006.00000002.3847152682.00000000050DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	50DF000
Size:	4096

Details

Name:	00000015.00000003.1956868640.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	4096

Details

Name:	00000019.00000002.1981023862.000000DB1ECFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DB1ECFF000
Size:	4096

Details

Name:	00000001.00000003.1413668398.00000000016B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16B1000
Size:	12288

Details

Name:	00000001.00000003.1375349916.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000002.2377182595.0000000000C5D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C5D000
Size:	8192

Details

Name:	00000001.00000003.1372416251.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001B.00000002.2415607820.0000000004F60000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4F60000
Size:	8192

Details

Name:	00000015.00000003.2373336099.0000000000AD2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AD2000
Size:	45056

Details

Name:	00000021.00000002.3859340977.0000000005490000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5490000
Size:	4096

Details

Name:	00000022.00000002.2439095636.000000000328A000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	328A000
Size:	2473984

Details

Name:	0000001A.00000002.3836005757.0000000000E8D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E8D000
Size:	73728

Details

Name:	00000006.00000002.3844895842.00000000030DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30DF000
Size:	4096

Details

Name:	00000021.00000002.3845410116.00000000028D3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28D3000
Size:	4096

Details

Name:	0000001C.00000002.2360830106.0000000001530000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1530000
Size:	16384

Details

Name:	0000001C.00000002.2361080040.00000000035FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	35FF000
Size:	4096

Details

Name:	00000015.00000003.1973219035.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000015.00000003.2373521974.0000000000AAA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AAA000
Size:	16384

Details

Name:	00000023.00000002.2497048930.0000000002DEE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2DEE000
Size:	8192

Details

Name:	0000000C.00000002.1938274648.0000000004E20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4E20000
Size:	4096

Details

Name:	00000001.00000003.1372253247.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000002.1466760053.0000000003A1D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3A1D000
Size:	12288

Details

Name:	00000002.00000003.1420631997.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	0000001B.00000002.2413364460.00000000027D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	27D0000
Size:	32768

Details

Name:	00000006.00000003.1838890943.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000003.2364999913.0000000003597000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3597000
Size:	126976

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000015.00000003.2372528143.0000000000B5B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B5B000
Size:	36864

Details

Name:	00000006.00000003.1863558360.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000003.1862143954.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000000E.00000002.1942983775.00000000021E0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21E0000
Size:	4096

Details

Name:	00000001.00000003.1414059531.00000000016E8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16E8000
Size:	159744

Details

Name:	00000001.00000003.1372583500.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000002.1459866426.000000000423F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	423F000
Size:	4096

Details

Name:	0000001A.00000003.1997042384.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	0000001A.00000003.1979142233.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000002.00000002.1467165433.0000000004A10000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4A10000
Size:	4096

Details

Name:	00000006.00000003.1846336643.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000002.00000002.1466392587.0000000002E9F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E9F000
Size:	4096

Details

Name:	00000001.00000003.1407720069.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000003.1420879793.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000002.00000003.1421863868.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000001.00000002.1453301756.0000000000D77000.00000040.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	D77000
Size:	4096

Details

Name:	00000015.00000002.2376423052.0000000000970000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	970000
Size:	24576

Details

Name:	00000001.00000002.1456132249.0000000001610000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1610000
Size:	36864

Details

Name:	0000000C.00000002.1937685885.0000000002E4A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E4A000
Size:	73728

Details

Name:	00000006.00000003.1845871806.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000006.00000002.3843510155.0000000001287000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1287000
Size:	32768

Details

Name:	00000015.00000003.2371740152.0000000000C14000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C14000
Size:	40960

Details

Name:	00000001.00000002.1456132249.0000000001655000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1655000
Size:	16384

Details

Name:	0000000E.00000002.1943652621.000000000270F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	270F000
Size:	4096

Details

Name:	00000009.00000002.1926614991.0000000002160000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2160000
Size:	4096

Details

Name:	00000015.00000003.2371110886.0000000000C7E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C7E000
Size:	32768

Details

Name:	00000019.00000003.1978549381.000002CA675A7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675A7000
Size:	86016

Details

Name:	00000001.00000002.1458722003.0000000001699000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1699000
Size:	81920

Details

Name:	00000011.00000003.1947817287.0000000002817000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2817000
Size:	12288

Details

Name:	0000001C.00000002.2361103163.000000000363D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	363D000
Size:	12288

Details

Name:	0000001C.00000002.2360830106.0000000001535000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1535000
Size:	12288

Details

Name:	00000022.00000002.2441813803.0000000004285000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4285000
Size:	4096

Details

Name:	0000001C.00000002.2360407625.0000000001437000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1437000
Size:	65536

Details

Name:	00000001.00000002.1460822247.0000000006A4E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6A4E000
Size:	8192

Details

Name:	00000002.00000003.1419467970.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000015.00000003.2371671152.0000000000C02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C02000
Size:	114688

Details

Name:	00000023.00000002.2497174548.0000000002EAE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2EAE000
Size:	8192

Details

Name:	00000006.00000002.3843876236.000000000139A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	139A000
Size:	16384

Details

Name:	00000001.00000003.1407312912.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000019.00000003.1978521866.000002CA675BC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675BC000
Size:	57344

Details

Name:	00000009.00000002.1925417627.000000000040C000.00000004.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	40C000
Size:	4096

Details

Name:	00000002.00000002.1467211548.0000000004A30000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4A30000
Size:	4096

Details

Name:	00000009.00000002.1926463783.000000000087F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	87F000
Size:	4096

Details

Name:	00000001.00000002.1459237460.000000000323E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	323E000
Size:	8192

Details

Name:	00000015.00000003.2375247733.0000000000ACD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	ACD000
Size:	8192

Details

Name:	00000015.00000003.2367833231.00000000035B4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	35B4000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000011.00000003.1947913205.00000000027F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	27F7000
Size:	32768

Details

Name:	00000001.00000003.1369932247.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2371525895.0000000000C1E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C1E000
Size:	53248

Details

Name:	00000006.00000003.1845780079.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000003.1972545351.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	8192

Details

Name:	00000001.00000003.1407839579.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000002.2377027427.0000000000C29000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C29000
Size:	8192

Details

Name:	00000001.00000002.1455261762.00000000014A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14A0000
Size:	4096

Details

Name:	00000015.00000003.2374958366.0000000000996000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	996000
Size:	65536

Details

Name:	00000021.00000002.3844898374.00000000025CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	25CE000
Size:	8192

Details

Name:	00000023.00000002.2495956680.0000000001290000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1290000
Size:	16384

Details

Name:	00000001.00000003.1408891407.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000002.1460794643.0000000006A0F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	6A0F000
Size:	4096

Details

Name:	00000021.00000002.3826493901.00000000005D0000.00000040.00000400.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	5D0000
Size:	4096

Details

Name:	00000015.00000000.1952121320.0000000000121000.00000008.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	121000
Size:	4096

Details

Name:	00000001.00000002.1459565903.0000000003ABF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3ABF000
Size:	4096

Details

Name:	00000006.00000003.1842794472.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	0000001C.00000002.2360959209.0000000002F5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F5E000
Size:	8192

Details

Name:	00000015.00000003.2372796056.0000000000B2D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B2D000
Size:	4096

Details

Name:	0000001C.00000002.2360883837.000000000170F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	170F000
Size:	4096

Details

Name:	00000006.00000002.3845787813.0000000003B1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B1E000
Size:	8192

Details

Name:	00000001.00000003.1413267045.00000000016D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16D5000
Size:	73728

Details

Name:	0000001A.00000003.1996252573.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000001.00000003.1363762486.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000015.00000003.2372265258.0000000000B97000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B97000
Size:	73728

Details

Name:	00000015.00000003.1953264233.00000000009FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9FE000
Size:	4096

Details

Name:	00000006.00000003.1839155244.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	00000022.00000002.2442625612.00000000056F5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56F5000
Size:	36864

Details

Name:	00000009.00000002.1927302991.0000000002DEC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2DEC000
Size:	16384

Details

Name:	00000015.00000003.2371497090.0000000000C2B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C2B000
Size:	77824

Details

Name:	0000001B.00000002.2413039601.0000000000EEF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	EEF000
Size:	4096

Details

Name:	00000001.00000003.1409215303.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2375619184.0000000000B2D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B2D000
Size:	4096

Details

Name:	00000001.00000002.1459090771.000000000180E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	180E000
Size:	8192

Details

Name:	00000015.00000003.1957928947.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000001.00000003.1408522929.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1409733027.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2375182486.0000000000A01000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A01000
Size:	4096

Details

Name:	00000001.00000003.1369191900.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000002.1455309252.00000000014C5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14C5000
Size:	8192

Details

Name:	0000001A.00000002.3826502440.00000000004A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4A0000
Size:	4096

Details

Name:	00000023.00000002.2498155053.0000000003B0B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B0B000
Size:	16384

Details

Name:	0000001B.00000002.2415420314.0000000004F24000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4F24000
Size:	8192

Details

Name:	00000022.00000002.2437850701.000000000161B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	161B000
Size:	36864

Details

Name:	00000001.00000003.1407549825.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000002.2375891140.0000000000051000.00000020.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	51000
Size:	638976

Details

Name:	00000015.00000003.1957366363.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000021.00000002.3845410116.0000000002953000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2953000
Size:	3846144

Details

Name:	00000015.00000003.1957807421.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000001.00000003.1371486983.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2371170482.0000000000C69000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C69000
Size:	86016

Details

Name:	00000002.00000003.1423793023.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000015.00000003.1973319323.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	0000001C.00000002.2360634654.0000000001486000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1486000
Size:	225280

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000001A.00000003.1996463363.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000009.00000002.1925394822.0000000000409000.00000002.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	409000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000002.00000002.1466957618.000000000415F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	415F000
Size:	4096

Details

Name:	00000006.00000003.1863111538.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000021.00000002.3845410116.00000000028D5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28D5000
Size:	4096

Details

Name:	00000022.00000002.2442931244.000000000570B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	570B000
Size:	20480

Details

Name:	00000001.00000003.1408862270.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001B.00000002.2415420314.0000000004F36000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4F36000
Size:	4096

Details

Name:	00000009.00000000.1915419136.0000000000400000.00000002.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	00000021.00000002.3861719941.00000000056B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56B0000
Size:	65536

Details

Name:	00000006.00000002.3844733256.0000000002E9C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E9C000
Size:	16384

Details

Name:	00000015.00000002.2376179162.00000000007BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7BE000
Size:	8192

Details

Name:	00000015.00000003.2373051678.0000000000B25000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B25000
Size:	4096

Details

Name:	0000001B.00000002.2413482038.00000000027E0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	27E0000
Size:	4096

Details

Name:	00000002.00000002.1467285756.0000000004A70000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4A70000
Size:	4096

Details

Name:	0000000E.00000002.1943386866.00000000025F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	25F0000
Size:	16384

Details

Name:	00000006.00000002.3826911779.0000000000619000.00000040.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	619000
Size:	36864

Details

Name:	00000015.00000003.2374397420.0000000000A2A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A2A000
Size:	12288

Details

Name:	0000001A.00000002.3826418313.0000000000110000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	110000
Size:	8192

Details

Name:	00000021.00000002.3856541637.000000000514A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	514A000
Size:	8192

Details

Name:	00000022.00000002.2437162233.000000000154F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	154F000
Size:	4096

Details

Name:	00000009.00000002.1927123877.00000000028E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	28E0000
Size:	4096

Details

Name:	00000001.00000002.1459160965.00000000030F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	30F7000
Size:	32768

Details

Name:	00000021.00000002.3863613549.0000000006760000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6760000
Size:	4096

Details

Name:	00000001.00000003.1375256444.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1410808416.0000000008AFC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	8AFC000
Size:	524288

Details

Name:	00000011.00000002.1948288835.00000000028F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	28F0000
Size:	20480

Details

Name:	00000006.00000003.1838773330.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000002.2377691064.00000000011AF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	11AF000
Size:	4096

Details

Name:	00000016.00000002.2104687118.000000000080C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	80C000
Size:	16384

Details

Name:	00000015.00000003.1972905016.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000021.00000002.3830653244.00000000008D3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	8D3000
Size:	4096

Details

Name:	00000022.00000002.2437024079.00000000013D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13D0000
Size:	4096

Details

Name:	00000002.00000003.1423686068.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000015.00000003.2371777378.0000000000BBC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BBC000
Size:	32768

Details

Name:	00000015.00000003.1956929161.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	4096

Details

Name:	00000001.00000003.1372755439.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000006.00000002.3847741331.000000000597D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	597D000
Size:	12288

Details

Name:	00000019.00000002.1982021621.000002CA675DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675DE000
Size:	4096

Details

Name:	00000006.00000002.3836496359.0000000000CFC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CFC000
Size:	16384

Details

Name:	00000006.00000002.3844970970.000000000321F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	321F000
Size:	4096

Details

Name:	00000015.00000003.1959972199.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	8192

Details

Name:	00000015.00000003.1958330727.0000000000D20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D20000
Size:	8192

Details

Name:	00000001.00000002.1453301756.0000000000AAB000.00000040.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	AAB000
Size:	1683456

Details

Name:	00000015.00000003.2371777378.0000000000C1C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C1C000
Size:	8192

Details

Name:	00000011.00000002.1948035869.00000000006C0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6C0000
Size:	4096

Details

Name:	00000009.00000002.1926912001.000000000224E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	224E000
Size:	8192

Details

Name:	0000001A.00000002.3832424121.0000000000D40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D40000
Size:	24576

Details

Name:	00000015.00000003.2370979173.0000000000CC0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	CC0000
Size:	32768

Details

Name:	0000000C.00000002.1938195302.0000000004DDF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4DDF000
Size:	4096

Details

Name:	00000019.00000002.1981910954.000002CA675CE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675CE000
Size:	12288

Details

Name:	00000002.00000002.1466067896.0000000000D2E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	D2E000
Size:	8192

Details

Name:	00000006.00000003.1846236107.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000003.1371448998.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000006.00000003.1842816679.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000021.00000002.3843603287.0000000000AD2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	AD2000
Size:	4096

Details

Name:	00000021.00000002.3843805318.0000000000AD5000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	AD5000
Size:	4096

Details

Name:	0000001B.00000002.2412188851.0000000000B90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B90000
Size:	16384

Details

Name:	00000015.00000003.2372115235.0000000000C1C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C1C000
Size:	8192

Details

Name:	0000001A.00000000.1977445509.000000000073D000.00000008.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	73D000
Size:	4096

Details

Name:	00000015.00000003.1960972974.0000000003660000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3660000
Size:	159744

Details

Name:	00000006.00000003.1839977782.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	00000023.00000002.2496583955.00000000014B3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14B3000
Size:	8192

Details

Name:	00000006.00000003.1862111325.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000003.1861871367.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000002.00000002.1466994265.000000000429F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	429F000
Size:	4096

Details

Name:	00000019.00000002.1980907632.000000DB1EAFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DB1EAFE000
Size:	8192

Details

Name:	00000021.00000002.3857875920.0000000005479000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5479000
Size:	4096

Details

Name:	00000016.00000002.2104878458.0000000002D0E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D0E000
Size:	8192

Details

Name:	00000015.00000003.2375370472.0000000000C9E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C9E000
Size:	16384

Details

Name:	00000001.00000003.1371322776.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001A.00000003.1996010885.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	0000001A.00000003.1982345057.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	0000000C.00000002.1937685885.0000000002E10000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E10000
Size:	28672

Details

Name:	00000023.00000002.2496694635.00000000014C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14C4000
Size:	49152

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000021.00000002.3862546618.00000000059BD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	59BD000
Size:	12288

Details

Name:	0000001C.00000002.2360481255.000000000147B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	147B000
Size:	8192

Details

Name:	00000006.00000002.3826650035.0000000000359000.00000004.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	359000
Size:	4096

Details

Name:	00000015.00000003.1957703920.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000021.00000002.3856541637.000000000514E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	514E000
Size:	8192

Details

Name:	00000001.00000003.1413426593.00000000016B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16B5000
Size:	53248

Details

Name:	00000021.00000002.3830543968.00000000008D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	8D0000
Size:	8192

Details

Name:	00000009.00000002.1927244401.0000000002CAF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2CAF000
Size:	4096

Details

Name:	00000011.00000002.1948375782.00000000029FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	29FE000
Size:	8192

Details

Name:	00000021.00000002.3844714321.0000000000E70000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E70000
Size:	20480

Details

Name:	00000006.00000003.1846437858.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000001.1952443053.0000000000051000.00000020.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	image loaded
Regiontype:	unkown
Protect:	page execute read
Base address:	51000
Size:	307200

Details

Name:	00000015.00000003.2305190463.0000000003F00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3F00000
Size:	151552

Details

Name:	00000006.00000003.1863881493.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000023.00000002.2496969510.00000000014DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14DA000
Size:	16384

Details

Name:	00000001.00000003.1410417812.00000000016F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16F0000
Size:	4096

Details

Name:	00000001.00000003.1413993401.00000000016B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16B1000
Size:	12288

Details

Name:	00000009.00000002.1926675282.00000000021C5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21C5000
Size:	16384

Details

Name:	00000015.00000003.2375767561.0000000000D0F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D0F000
Size:	40960

Details

Name:	00000006.00000002.3843876236.0000000001339000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1339000
Size:	57344

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000015.00000003.2373607456.0000000000A78000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A78000
Size:	94208

Details

Name:	0000001B.00000002.2412652452.0000000000D1A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D1A000
Size:	36864

Details

Name:	00000015.00000002.2377650035.0000000000DAE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DAE000
Size:	8192

Details

Name:	0000001A.00000003.1983074138.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000015.00000003.2371464828.0000000000C8C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C8C000
Size:	90112

Details

Name:	00000002.00000002.1466431859.0000000002FDF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FDF000
Size:	4096

Details

Name:	00000015.00000002.2376646654.0000000000A01000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A01000
Size:	4096

Details

Name:	00000021.00000002.3862234880.000000000577E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	577E000
Size:	8192

Details

Name:	00000002.00000002.1466923421.000000000401F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	401F000
Size:	4096

Details

Name:	00000006.00000003.1842714486.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	225280

Details

Name:	00000002.00000002.1466940207.000000000405E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	405E000
Size:	8192

Details

Name:	00000001.00000003.1409544095.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000002.1466684050.000000000379E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	379E000
Size:	8192

Details

Name:	00000009.00000003.1925081526.00000000006F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6F7000
Size:	61440

Details

Name:	00000006.00000003.1846295426.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000002.1460666164.000000000678E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	678E000
Size:	8192

Details

Name:	00000019.00000003.1979620492.000002CA675AF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675AF000
Size:	53248

Details

Name:	0000001C.00000002.2361228907.00000000039FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	39FF000
Size:	4096

Details

Name:	00000002.00000003.1423741374.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000001.00000002.1460429697.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53F0000
Size:	4096

Details

Name:	00000022.00000002.2437699138.00000000015D0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	15D0000
Size:	4096

Details

Name:	00000022.00000002.2438532938.00000000018A0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	18A0000
Size:	32768

Details

Name:	00000001.00000003.1364413060.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	249856

Details

Name:	00000021.00000002.3854823795.0000000004C90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4C90000
Size:	28672

Details

Name:	0000001A.00000002.3842361176.0000000000FD3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FD3000
Size:	503808

Details

Name:	00000021.00000002.3856142060.0000000004E8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4E8E000
Size:	8192

Details

Name:	00000002.00000002.1466833768.0000000003C9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3C9E000
Size:	8192

Details

Name:	00000001.00000003.1409567183.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000002.1460082086.000000000487F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	487F000
Size:	4096

Details

Name:	00000001.00000002.1454305952.0000000000FF0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FF0000
Size:	4096

Details

Name:	00000006.00000003.1864987031.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000021.00000002.3835896482.000000000094C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	94C000
Size:	8192

Details

Name:	00000006.00000003.1864355844.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000000E.00000002.1943386866.00000000025F6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	25F6000
Size:	8192

Details

Name:	00000011.00000002.1947982560.0000000000639000.00000004.00000010.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	639000
Size:	28672

Details

Name:	00000009.00000002.1925417627.000000000046B000.00000004.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	46B000
Size:	12288

Details

Name:	00000015.00000003.1953359478.00000000009A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9A4000
Size:	163840

Details

Name:	0000001A.00000003.1981813027.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	217088

Details

Name:	00000015.00000003.2305078637.0000000000D52000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D52000
Size:	20480

Details

Name:	00000022.00000002.2437850701.0000000001634000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1634000
Size:	258048

Details

Name:	00000006.00000002.3836606364.0000000000DFD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DFD000
Size:	12288

Details

Name:	0000001C.00000002.2361690700.0000000003DB1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DB1000
Size:	4096

Details

Name:	00000006.00000003.1863196045.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000003.1844279646.00000000050E0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	50E0000
Size:	4096

Details

Name:	00000021.00000002.3864390344.0000000006830000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6830000
Size:	16384

Details

Name:	00000001.00000003.1375451470.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000009.00000002.1926579388.000000000215F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	215F000
Size:	4096

Details

Name:	00000006.00000003.1842104825.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	00000006.00000003.1841608945.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	00000015.00000003.2371555475.0000000000C51000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C51000
Size:	12288

Details

Name:	00000001.00000002.1454426649.000000000147E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	147E000
Size:	8192

Details

Name:	00000006.00000003.1846377129.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000016.00000002.2104806320.00000000029D0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	29D0000
Size:	4096

Details

Name:	00000006.00000003.1864428520.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000003.1413177296.0000000007170000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	7170000
Size:	8192

Details

Name:	00000015.00000003.2372443123.0000000000B7B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B7B000
Size:	24576

Details

Name:	0000001C.00000002.2360339344.00000000013C0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13C0000
Size:	4096

Details

Name:	00000015.00000003.2374509989.0000000000A05000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A05000
Size:	32768

Details

Name:	00000006.00000003.1840206192.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	00000006.00000003.1864396378.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000003.1413668398.000000000168F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	168F000
Size:	126976

Details

Name:	00000001.00000002.1459669697.0000000003D3F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3D3F000
Size:	4096

Details

Name:	00000015.00000003.2305130455.0000000000D2A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D2A000
Size:	73728

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000011.00000002.1948447309.0000000002BF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2BF0000
Size:	20480

Details

Name:	00000015.00000003.2375182486.00000000009F5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9F5000
Size:	36864

Details

Name:	00000006.00000002.3844625803.00000000014BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	14BF000
Size:	4096

Details

Name:	00000006.00000003.1844257570.0000000005100000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5100000
Size:	4096

Details

Name:	00000015.00000003.2372389702.0000000000B88000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B88000
Size:	20480

Details

Name:	00000023.00000002.2497731923.0000000003A80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3A80000
Size:	151552

Details

Name:	00000015.00000002.2376756640.0000000000ACC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	ACC000
Size:	4096

Details

Name:	00000015.00000003.2373751759.0000000000AAC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AAC000
Size:	8192

Details

Name:	00000015.00000003.1972735178.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000006.00000002.3826911779.0000000000627000.00000040.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	627000
Size:	4096

Details

Name:	00000021.00000002.3856541637.0000000005178000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5178000
Size:	495616

Details

Name:	0000001C.00000002.2360481255.0000000001457000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1457000
Size:	8192

Details

Name:	00000001.00000002.1460711546.00000000067F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	67F0000
Size:	4096

Details

Name:	00000015.00000003.2374778081.00000000009DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9DD000
Size:	65536

Details

Name:	00000009.00000000.1915445318.0000000000401000.00000020.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	401000
Size:	32768

Details

Name:	00000022.00000000.2383681652.0000000000E40000.00000002.00000001.01000000.00000012.sdmp
TargetID:	34
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	E40000
Size:	4096

Details

Name:	0000001C.00000002.2360481255.000000000145A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	145A000
Size:	16384

Details

Name:	00000019.00000003.1979398859.000002CA675BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675BE000
Size:	40960

Details

Name:	00000001.00000002.1453301756.0000000000D2E000.00000040.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	D2E000
Size:	131072

Details

Name:	00000015.00000003.2370938719.0000000000CD6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	CD6000
Size:	196608

Details

Name:	00000021.00000002.3856021346.0000000004D81000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4D81000
Size:	57344

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000006.00000002.3844839681.0000000002FDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2FDE000
Size:	8192

Details

Name:	00000023.00000002.2498155053.0000000003B10000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B10000
Size:	4096

Details

Name:	00000001.00000002.1459317864.000000000347F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	347F000
Size:	4096

Details

Name:	0000001A.00000003.1996054428.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000002.00000002.1466904636.0000000003F1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3F1E000
Size:	8192

Details

Name:	00000006.00000002.3845348485.000000000361E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	361E000
Size:	8192

Details

Name:	00000002.00000002.1466045100.0000000000CEF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	CEF000
Size:	4096

Details

Name:	0000000C.00000002.1937517724.0000000002C3C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2C3C000
Size:	16384

Details

Name:	00000002.00000002.1465963757.0000000000A00000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	A00000
Size:	4096

Details

Name:	00000001.00000003.1408659889.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001A.00000002.3830386349.0000000000745000.00000002.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	745000
Size:	90112

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000006.00000003.1863165515.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000009.00000002.1926946588.0000000002280000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2280000
Size:	8192

Details

Name:	00000006.00000002.3844933242.000000000311E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	311E000
Size:	8192

Details

Name:	00000016.00000002.2104759397.00000000028D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	28D8000
Size:	45056

Details

Name:	00000021.00000002.3841456657.0000000000AC2000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	AC2000
Size:	4096

Details

Name:	00000001.00000002.1454281997.0000000000F8B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	F8B000
Size:	20480

Details

Name:	00000006.00000003.1845659084.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000003.1371217983.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000021.00000002.3859340977.0000000005499000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5499000
Size:	4096

Details

Name:	00000019.00000002.1981792177.000002CA675B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675B0000
Size:	49152

Details

Name:	00000021.00000002.3864191105.0000000006800000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6800000
Size:	40960

Details

Name:	00000002.00000003.1425658440.00000000049A0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49A0000
Size:	4096

Details

Name:	00000023.00000002.2497731923.0000000003ABA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3ABA000
Size:	20480

Details

Name:	00000009.00000002.1926074543.000000000068E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	68E000
Size:	180224

Details

Name:	00000006.00000003.1846113471.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000019.00000003.1978436084.000002CA675D1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675D1000
Size:	49152

Details

Name:	0000001B.00000002.2412302937.0000000000CB0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CB0000
Size:	4096

Details

Name:	00000002.00000003.1425617777.00000000049C0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49C0000
Size:	4096

Details

Name:	0000001B.00000000.2235993302.00000000006E2000.00000002.00000001.01000000.0000000E.sdmp
TargetID:	27
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	6E2000
Size:	4096

Details

Name:	00000021.00000002.3845410116.00000000028CD000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28CD000
Size:	20480

Details

Name:	00000015.00000003.2372166004.0000000000BD5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BD5000
Size:	36864

Details

Name:	00000015.00000002.2376317230.0000000000830000.00000004.00000020.00040000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	830000
Size:	4096

Details

Name:	00000015.00000003.1972497694.00000000032B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B1000
Size:	212992

Details

Name:	00000009.00000002.1925417627.0000000000434000.00000004.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	434000
Size:	40960

Details

Name:	0000001A.00000003.1979082939.0000000000124000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	124000
Size:	4096

Details

Name:	00000015.00000003.2374711882.00000000009ED000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9ED000
Size:	86016

Details

Name:	00000015.00000003.2372389702.0000000000B64000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B64000
Size:	118784

Details

Name:	00000023.00000002.2496115169.000000000142C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	142C000
Size:	53248

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000001.00000003.1410189494.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001C.00000002.2361690700.0000000003DAB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DAB000
Size:	4096

Details

Name:	00000006.00000002.3847808722.0000000005D50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5D50000
Size:	4096

Details

Name:	0000001A.00000003.1996850114.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000021.00000002.3845410116.0000000002906000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2906000
Size:	4096

Details

Name:	00000006.00000003.1838914088.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000011.00000003.1947693412.00000000027F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	27F3000
Size:	12288

Details

Name:	00000011.00000003.1947817287.000000000281B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	281B000
Size:	8192

Details

Name:	00000001.00000003.1409051361.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000002.2377346056.0000000000CA9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CA9000
Size:	12288

Details

Name:	00000002.00000002.1466630604.000000000361F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	361F000
Size:	4096

Details

Name:	0000001A.00000003.1979809315.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000006.00000003.1846315807.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000006.00000003.1845826918.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000022.00000002.2438436383.000000000184E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	184E000
Size:	8192

Details

Name:	00000021.00000002.3831467892.00000000008D4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	8D4000
Size:	8192

Details

Name:	00000002.00000002.1466496339.000000000315E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	315E000
Size:	8192

Details

Name:	00000011.00000003.1947891637.000000000281B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	281B000
Size:	8192

Details

Name:	00000001.00000003.1409180499.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001C.00000002.2361782298.0000000003DF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DF0000
Size:	172032

Details

Name:	00000015.00000002.2376621812.00000000009EC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9EC000
Size:	4096

Details

Name:	00000001.00000003.1408174660.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000006.00000003.1846487200.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000003.1409513542.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2372636076.0000000000C5F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C5F000
Size:	4096

Details

Name:	00000006.00000002.3843510155.0000000001280000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1280000
Size:	16384

Details

Name:	00000006.00000003.1862528301.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000002.1459262907.000000000333F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	333F000
Size:	4096

Details

Name:	00000006.00000003.1865060563.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000002.1459524636.000000000397F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	397F000
Size:	4096

Details

Name:	0000001B.00000002.2413220759.0000000000F70000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	F70000
Size:	12288

Details

Name:	00000006.00000003.1864851849.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000001B.00000002.2415420314.0000000004F14000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4F14000
Size:	4096

Details

Name:	0000001A.00000002.3828492401.000000000073D000.00000004.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	73D000
Size:	28672

Details

Name:	00000015.00000002.2376989576.0000000000C1C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C1C000
Size:	8192

Details

Name:	00000001.00000002.1459968192.00000000044FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	44FE000
Size:	8192

Details

Name:	00000023.00000002.2497344444.000000000351F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	351F000
Size:	4096

Details

Name:	00000006.00000002.3847389985.0000000005170000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5170000
Size:	4096

Details

Name:	00000021.00000002.3863063119.0000000006640000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6640000
Size:	4096

Details

Name:	00000021.00000002.3845410116.00000000028E1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28E1000
Size:	4096

Details

Name:	00000002.00000003.1423270576.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000015.00000003.2373912491.0000000000A6A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A6A000
Size:	24576

Details

Name:	00000001.00000003.1370503377.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000002.1459929749.00000000043BD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	43BD000
Size:	12288

Details

Name:	0000001A.00000002.3826363806.0000000000100000.00000004.00000020.00040000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	100000
Size:	4096

Details

Name:	00000019.00000003.1979128740.000002CA67591000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA67591000
Size:	28672

Details

Name:	0000001A.00000002.3830455831.0000000000B1F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B1F000
Size:	4096

Details

Name:	00000006.00000003.1844138096.0000000005110000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5110000
Size:	4096

Details

Name:	0000001A.00000002.3841405069.0000000000F9A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F9A000
Size:	229376

Details

Name:	00000006.00000003.1861996282.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000003.1843434531.00000000012A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	12A0000
Size:	53248

Details

Name:	00000016.00000002.2104903954.0000000002D4F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D4F000
Size:	4096

Details

Name:	00000022.00000002.2438406014.0000000001800000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	1800000
Size:	4096

Details

Name:	00000006.00000002.3846937597.0000000004B40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B40000
Size:	40960

Details

Name:	00000019.00000002.1981763315.000002CA675A7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675A7000
Size:	32768

Details

Name:	00000001.00000002.1460924404.0000000008500000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8500000
Size:	4096

Details

Name:	00000015.00000002.2378020792.0000000003ABF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3ABF000
Size:	4096

Details

Name:	00000015.00000002.2376344179.0000000000840000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	840000
Size:	8192

Details

Name:	00000006.00000003.1862027212.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000001C.00000002.2360728315.00000000014D4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14D4000
Size:	12288

Details

Name:	00000006.00000002.3847365889.0000000005160000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5160000
Size:	4096

Details

Name:	0000001A.00000003.1995436470.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000001.00000003.1409896149.00000000016D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16D2000
Size:	8192

Details

Name:	0000000C.00000002.1937620154.0000000002CE0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CE0000
Size:	4096

Details

Name:	00000022.00000002.2437540067.00000000015B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	15B0000
Size:	4096

Details

Name:	0000001A.00000002.3843879007.0000000001094000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1094000
Size:	90112

Details

Name:	00000002.00000002.1465325989.00000000002E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E0000
Size:	4096

Details

Name:	00000022.00000002.2437568066.00000000015B3000.00000040.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	15B3000
Size:	4096

Details

Name:	00000006.00000002.3846904815.0000000004B1F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4B1F000
Size:	4096

Details

Name:	00000023.00000002.2497091536.0000000002E2D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E2D000
Size:	12288

Details

Name:	0000001C.00000002.2361255310.0000000003A4D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3A4D000
Size:	12288

Details

Name:	00000021.00000002.3845410116.0000000002951000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2951000
Size:	4096

Details

Name:	00000009.00000002.1925607570.000000000056E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	56E000
Size:	8192

Details

Name:	00000022.00000002.2436979122.00000000012F9000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	12F9000
Size:	28672

Details

Name:	0000001B.00000002.2413534760.00000000029EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	29EF000
Size:	4096

Details

Name:	00000001.00000002.1460174788.0000000004B3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4B3E000
Size:	8192

Details

Name:	00000001.00000002.1460410219.00000000053E0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53E0000
Size:	4096

Details

Name:	00000006.00000003.1865165520.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000009.00000003.1925081526.00000000006F1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6F1000
Size:	20480

Details

Name:	00000021.00000002.3863502589.0000000006740000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6740000
Size:	65536

Details

Name:	00000021.00000002.3863846712.0000000006790000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6790000
Size:	65536

Details

Name:	00000015.00000003.2372796056.0000000000B09000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B09000
Size:	118784

Details

Name:	00000021.00000002.3862441271.00000000058BC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	58BC000
Size:	16384

Details

Name:	00000022.00000002.2442625612.00000000056C4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56C4000
Size:	4096

Details

Name:	00000009.00000000.1915464747.0000000000409000.00000002.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	409000
Size:	12288

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000001C.00000002.2360775154.00000000014E7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14E7000
Size:	86016

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000001.00000002.1459949025.00000000044BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	44BF000
Size:	4096

Details

Name:	00000015.00000002.2376507385.0000000000993000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	993000
Size:	4096

Details

Name:	0000001C.00000002.2360385606.0000000001410000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1410000
Size:	8192

Details

Name:	00000002.00000000.1413222423.0000000000352000.00000080.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	352000
Size:	16384

Details

Name:	00000001.00000003.1369961810.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000021.00000002.3845115639.0000000002620000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2620000
Size:	4096

Details

Name:	00000011.00000002.1948086435.00000000027E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	27E0000
Size:	20480

Details

Name:	00000019.00000003.1979327861.000002CA675CB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675CB000
Size:	24576

Details

Name:	00000015.00000003.2373751759.0000000000A92000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A92000
Size:	20480

Details

Name:	00000015.00000003.2373302084.0000000000AD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AD0000
Size:	53248

Details

Name:	00000001.00000002.1460597736.0000000005450000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5450000
Size:	4096

Details

Name:	00000001.00000003.1407635711.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000021.00000002.3844599614.0000000000E30000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E30000
Size:	4096

Details

Name:	00000015.00000003.2375150691.0000000000AC4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AC4000
Size:	45056

Details

Name:	00000002.00000002.1465454592.0000000000610000.00000040.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	610000
Size:	32768

Details

Name:	00000015.00000002.2376824166.0000000000B79000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B79000
Size:	8192

Details

Name:	00000021.00000002.3844483746.0000000000C9D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	C9D000
Size:	12288

Details

Name:	00000006.00000002.3846058738.0000000003EDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3EDE000
Size:	8192

Details

Name:	0000000E.00000002.1943350937.00000000025BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	25BE000
Size:	8192

Details

Name:	00000019.00000003.1978631302.000002CA675DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675DE000
Size:	4096

Details

Name:	0000001C.00000002.2360481255.000000000147E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	147E000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000022.00000002.2437850701.00000000015FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	15FE000
Size:	102400

Details

Name:	0000001C.00000002.2361461712.0000000003DA0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DA0000
Size:	8192

Details

Name:	00000006.00000002.3847661609.00000000057EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	57EF000
Size:	4096

Details

Name:	0000001C.00000002.2360634654.00000000014BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14BE000
Size:	61440

Details

Name:	00000022.00000002.2441813803.0000000004281000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4281000
Size:	12288

Details

Name:	00000015.00000003.2374397420.0000000000A0D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A0D000
Size:	90112

Details

Name:	00000021.00000002.3845410116.00000000028F7000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28F7000
Size:	8192

Details

Name:	00000006.00000003.1844236405.00000000050F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	50F0000
Size:	4096

Details

Name:	00000001.00000002.1454217272.0000000000F2B000.00000080.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	F2B000
Size:	8192

Details

Name:	00000022.00000002.2438953584.0000000003260000.00000040.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	3260000
Size:	4096

Details

Name:	00000016.00000002.2104948432.000000000457F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	457F000
Size:	4096

Details

Name:	00000006.00000003.1863917818.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000003.1369886923.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000002.1465345526.00000000002F0000.00000004.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F0000
Size:	4096

Details

Name:	0000001C.00000002.2360906486.0000000002EC0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2EC0000
Size:	4096

Details

Name:	00000015.00000003.2374084560.0000000000A3F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A3F000
Size:	49152

Details

Name:	00000001.00000002.1460330565.0000000005230000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page read and write
Base address:	5230000
Size:	4096

Details

Name:	00000015.00000002.2377560801.0000000000D1A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D1A000
Size:	65536

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000001B.00000002.2413170670.0000000000F40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F40000
Size:	4096

Details

Name:	00000015.00000003.2371922437.0000000000C02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C02000
Size:	73728

Details

Name:	00000015.00000003.2372291141.0000000000B81000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B81000
Size:	90112

Details

Name:	00000015.00000003.2373336099.0000000000B24000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B24000
Size:	4096

Details

Name:	00000001.00000002.1458583151.0000000001670000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1670000
Size:	114688

Details

Name:	00000022.00000002.2436941578.0000000000FF0000.00000004.00000020.00040000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	FF0000
Size:	4096

Details

Name:	00000015.00000003.2375370472.0000000000CA9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	CA9000
Size:	12288

Details

Name:	00000006.00000003.1845892283.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000022.00000002.2437728894.00000000015DA000.00000040.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	15DA000
Size:	4096

Details

Name:	00000015.00000002.2377961747.0000000003660000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3660000
Size:	4096

Details

Name:	0000001A.00000003.1996431829.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000015.00000003.1956781524.00000000032B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B1000
Size:	212992

Details

Name:	00000001.00000003.1407236536.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000002.1466869154.0000000003DDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3DDE000
Size:	8192

Details

Name:	00000022.00000002.2437850701.0000000001618000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1618000
Size:	8192

Details

Name:	00000002.00000002.1466146698.000000000274E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	274E000
Size:	8192

Details

Name:	00000006.00000002.3846402479.000000000429E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	429E000
Size:	8192

Details

Name:	00000015.00000003.2372334077.0000000000B8D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B8D000
Size:	40960

Details

Name:	00000001.00000002.1455371564.00000000015CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	15CE000
Size:	8192

Details

Name:	00000023.00000002.2495523874.0000000000458000.00000040.00000400.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	remote allocation
Protect:	page execute and read and write
Base address:	458000
Size:	16384

Details

Name:	0000001B.00000002.2413593102.00000000029F8000.00000040.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	29F8000
Size:	8192

Details

Name:	00000023.00000002.2497683738.0000000003A4F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3A4F000
Size:	4096

Details

Name:	0000001A.00000002.3836351921.0000000000EBD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	EBD000
Size:	274432

Details

Name:	00000006.00000003.1864523454.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000002.00000002.1467016376.00000000042DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	42DE000
Size:	8192

Details

Name:	00000015.00000003.2375501819.0000000000994000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	994000
Size:	8192

Details

Name:	00000015.00000003.2374593434.0000000000A02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A02000
Size:	12288

Details

Name:	0000001A.00000003.1982977727.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000015.00000002.2376423052.0000000000978000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	978000
Size:	65536

Details

Name:	00000022.00000002.2443143816.0000000005720000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5720000
Size:	8192

Details

Name:	0000001C.00000002.2361461712.0000000003D9E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D9E000
Size:	4096

Details

Name:	00000001.00000002.1459371114.00000000035BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	35BF000
Size:	4096

Details

Name:	00000022.00000002.2437632213.00000000015C0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	15C0000
Size:	12288

Details

Name:	0000001A.00000003.1996817801.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000001.00000003.1371057377.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001A.00000000.1977385254.000000000070D000.00000002.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	70D000
Size:	151552

Details

Name:	00000015.00000003.2374899846.00000000009A6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9A6000
Size:	180224

Details

Name:	00000001.00000002.1456132249.0000000001660000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1660000
Size:	45056

Details

Name:	00000006.00000002.3847067375.0000000004F60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4F60000
Size:	4096

Details

Name:	0000001A.00000003.1996676366.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000015.00000003.2375546504.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	0000001C.00000002.2361690700.0000000003DAD000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3DAD000
Size:	12288

Details

Name:	00000006.00000003.1864714101.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000022.00000002.2437787781.00000000015E7000.00000040.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	15E7000
Size:	4096

Details

Name:	00000002.00000002.1466293379.0000000002B1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2B1E000
Size:	8192

Details

Name:	00000015.00000002.2378059220.0000000003AFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3AFE000
Size:	8192

Details

Name:	00000006.00000003.1838938061.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000006.00000002.3846638549.000000000465E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	465E000
Size:	8192

Details

Name:	00000011.00000003.1947913205.00000000027F3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	27F3000
Size:	12288

Details

Name:	00000021.00000002.3845410116.0000000002835000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2835000
Size:	557056

Details

Name:	00000002.00000003.1422498415.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000001.00000003.1410334619.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000011.00000002.1948447309.0000000002BFB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2BFB000
Size:	16384

Details

Name:	0000001C.00000002.2360317386.000000000135B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	135B000
Size:	20480

Details

Name:	00000023.00000002.2496087176.00000000013F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	13F0000
Size:	4096

Details

Name:	00000001.00000003.1413161174.0000000006805000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6805000
Size:	8192

Details

Name:	0000001C.00000002.2361438860.0000000003D83000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D83000
Size:	4096

Details

Name:	00000015.00000002.2377851178.00000000032A0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	32A0000
Size:	4096

Details

Name:	00000009.00000002.1925373874.0000000000401000.00000020.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute read
Base address:	401000
Size:	32768

Details

Name:	00000001.00000003.1371539537.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000002.1453301756.0000000000D69000.00000040.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	D69000
Size:	36864

Details

Name:	00000023.00000002.2498896588.0000000003B9C000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B9C000
Size:	4096

Details

Name:	00000015.00000003.2373124916.0000000000B24000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B24000
Size:	4096

Details

Name:	00000015.00000003.2371405142.0000000000C3E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C3E000
Size:	73728

Details

Name:	00000009.00000003.1916924090.00000000006DD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6DD000
Size:	114688

Details

Name:	00000006.00000000.1833924682.00000000002F0000.00000002.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2F0000
Size:	4096

Details

Name:	0000001A.00000003.1978257831.0000000000DAE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	DAE000
Size:	131072

Details

Name:	00000009.00000002.1927000114.00000000026CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	26CE000
Size:	8192

Details

Name:	00000001.00000002.1460965268.000000000863B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	863B000
Size:	20480

Details

Name:	00000002.00000002.1465979879.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A20000
Size:	32768

Details

Name:	00000006.00000003.1846255651.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000016.00000002.2104737744.00000000028A0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	28A0000
Size:	20480

Details

Name:	00000006.00000003.1840433092.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	0000001A.00000002.3830455831.0000000000B5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B5F000
Size:	4096

Details

Name:	00000015.00000003.2367833231.00000000035BA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	35BA000
Size:	4096

Details

Name:	0000001C.00000002.2360457208.000000000144C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	144C000
Size:	12288

Details

Name:	00000006.00000003.1846149749.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000022.00000002.2442931244.0000000005700000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5700000
Size:	4096

Details

Name:	00000015.00000003.2373751759.0000000000A85000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A85000
Size:	8192

Details

Name:	00000006.00000003.1864193750.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000003.1410051722.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000003.1419322890.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	0000001A.00000003.1996998224.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000001.00000003.1364486193.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2370979173.0000000000CC9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	CC9000
Size:	36864

Details

Name:	00000002.00000002.1466576833.00000000033DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	33DE000
Size:	8192

Details

Name:	00000021.00000002.3836115250.0000000000963000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	963000
Size:	196608

Details

Name:	00000015.00000003.1954709250.00000000033B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33B0000
Size:	159744

Details

Name:	0000000C.00000002.1937685885.0000000002E5D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E5D000
Size:	20480

Details

Name:	0000001B.00000002.2412046374.0000000000B40000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B40000
Size:	4096

Details

Name:	0000001A.00000003.1996782399.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000009.00000002.1926946588.0000000002284000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2284000
Size:	8192

Details

Name:	00000001.00000000.1355107346.0000000000A41000.00000080.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	A41000
Size:	393216

Details

Name:	00000006.00000003.1846539730.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000003.1958606112.0000000003821000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3821000
Size:	45056

Details

Name:	00000001.00000003.1361412848.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000006.00000003.1861932579.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000021.00000002.3826955675.0000000000810000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	810000
Size:	16384

Details

Name:	00000009.00000002.1927278863.0000000002CEC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2CEC000
Size:	16384

Details

Name:	00000006.00000002.3826911779.00000000005DE000.00000040.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	5DE000
Size:	131072

Details

Name:	00000015.00000003.2371235944.0000000000CA2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	CA2000
Size:	81920

Details

Name:	00000021.00000002.3861340400.000000000568F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	568F000
Size:	4096

Details

Name:	00000015.00000003.2371325852.0000000000C72000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C72000
Size:	49152

Details

Name:	00000002.00000002.1466887626.0000000003EDF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3EDF000
Size:	4096

Details

Name:	0000000C.00000002.1937971944.000000000304E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	304E000
Size:	8192

Details

Name:	00000015.00000003.2372166004.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BF5000
Size:	4096

Details

Name:	00000002.00000003.1422753383.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000006.00000002.3845174578.000000000349F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	349F000
Size:	4096

Details

Name:	00000006.00000003.1841327691.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	0000000E.00000002.1943746496.00000000027A8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	27A8000
Size:	8192

Details

Name:	00000001.00000003.1409000317.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1410081730.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000002.2377820548.0000000003280000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3280000
Size:	4096

Details

Name:	00000001.00000003.1409078211.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000006.00000003.1863987090.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000021.00000002.3845410116.00000000028E3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28E3000
Size:	4096

Details

Name:	00000006.00000002.3838611940.00000000010CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	10CE000
Size:	8192

Details

Name:	00000001.00000002.1460157046.0000000004AFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4AFF000
Size:	4096

Details

Name:	00000015.00000002.2377106928.0000000000C47000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C47000
Size:	4096

Details

Name:	00000001.00000002.1460196940.0000000004C3F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4C3F000
Size:	4096

Details

Name:	00000019.00000002.1981689207.000002CA67599000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA67599000
Size:	53248

Details

Name:	0000001B.00000002.2413312436.00000000027AE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	27AE000
Size:	8192

Details

Name:	00000002.00000002.1467110426.00000000049E0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49E0000
Size:	4096

Details

Name:	00000021.00000002.3844846242.000000000258F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	258F000
Size:	4096

Details

Name:	00000015.00000003.2375688403.00000000009EC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9EC000
Size:	4096

Details

Name:	00000021.00000002.3845410116.00000000028CB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28CB000
Size:	4096

Details

Name:	00000023.00000002.2498896588.0000000003B87000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B87000
Size:	28672

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000001.00000002.1459992822.00000000045FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	45FF000
Size:	4096

Details

Name:	00000021.00000002.3836534510.00000000009C9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9C9000
Size:	90112

Details

Name:	00000006.00000003.1864105798.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000023.00000002.2496694635.00000000014D2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14D2000
Size:	28672

Details

Name:	0000000C.00000002.1937895523.0000000002F8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F8E000
Size:	8192

Details

Name:	00000006.00000003.1865195605.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000002.1459345989.00000000034BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	34BE000
Size:	8192

Details

Name:	00000002.00000003.1423713177.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000001.00000003.1366834157.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53C0000
Size:	4096

Details

Name:	00000006.00000003.1865098267.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000003.1371687020.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000023.00000002.2497010521.000000000160F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	160F000
Size:	4096

Details

Name:	00000015.00000003.2371671152.0000000000BF9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BF9000
Size:	32768

Details

Name:	00000001.00000003.1407889164.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1410299040.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001B.00000002.2412615893.0000000000CEB000.00000040.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	CEB000
Size:	4096

Details

Name:	0000001B.00000000.2236020377.00000000006E6000.00000002.00000001.01000000.0000000E.sdmp
TargetID:	27
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	6E6000
Size:	331776

Details

Name:	00000011.00000003.1947693412.0000000002817000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2817000
Size:	12288

Details

Name:	00000001.00000003.1371397408.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001B.00000002.2415634434.0000000005030000.00000040.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	5030000
Size:	4096

Details

Name:	0000001B.00000002.2415388541.0000000004BCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4BCE000
Size:	8192

Details

Name:	00000006.00000003.1846089515.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	0000001A.00000002.3835641848.0000000000E0B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E0B000
Size:	352256

Details

Name:	00000015.00000003.2372334077.0000000000BA7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BA7000
Size:	8192

Details

Name:	00000021.00000002.3864518708.0000000006CD0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	6CD0000
Size:	131072

Details

Name:	00000022.00000002.2438794505.0000000003120000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3120000
Size:	4096

Details

Name:	00000006.00000002.3846229184.000000000411F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	411F000
Size:	4096

Details

Name:	0000001B.00000002.2413063575.0000000000EF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	EF0000
Size:	8192

Details

Name:	0000001A.00000003.1979278420.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000001.00000003.1361841619.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000002.00000002.1466647118.000000000365E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	365E000
Size:	8192

Details

Name:	00000009.00000002.1926074543.0000000000680000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	680000
Size:	36864

Details

Name:	00000016.00000002.2104857105.00000000029F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	29F0000
Size:	20480

Details

Name:	00000002.00000003.1421526157.0000000004820000.00000004.00000800.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4820000
Size:	176128

Details

Name:	00000006.00000003.1838841871.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000000.1952121320.000000000011D000.00000008.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	11D000
Size:	4096

Details

Name:	00000009.00000003.1925081526.00000000006C8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C8000
Size:	57344

Details

Name:	00000009.00000003.1925081526.00000000006C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C4000
Size:	12288

Details

Name:	00000015.00000003.1958330727.0000000000D1C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D1C000
Size:	8192

Details

Name:	00000001.00000003.1409671883.00000000016C5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16C5000
Size:	81920

Details

Name:	00000001.00000003.1408632800.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000002.1459115593.00000000030AF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	30AF000
Size:	4096

Details

Name:	00000015.00000003.1954221104.00000000032B1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B1000
Size:	65536

Details

Name:	00000006.00000003.1864134664.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000001A.00000002.3826539215.00000000004C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4C0000
Size:	4096

Details

Name:	00000006.00000002.3847687687.000000000583E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	583E000
Size:	8192

Details

Name:	00000006.00000002.3847337799.0000000005150000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5150000
Size:	4096

Details

Name:	00000001.00000003.1408943748.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1374413877.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000002.1466412220.0000000002EDE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2EDE000
Size:	8192

Details

Name:	0000001B.00000002.2413195341.0000000000F50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	F50000
Size:	4096

Details

Name:	00000001.00000002.1460119837.00000000049BF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	49BF000
Size:	4096

Details

Name:	0000001A.00000003.1996581878.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000015.00000003.1957604837.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000015.00000003.2373124916.0000000000B16000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B16000
Size:	8192

Details

Name:	00000006.00000002.3845119765.000000000339E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	339E000
Size:	8192

Details

Name:	0000001C.00000002.2360362945.000000000140E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	140E000
Size:	8192

Details

Name:	00000002.00000003.1425479762.00000000049D0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49D0000
Size:	4096

Details

Name:	00000023.00000002.2496583955.00000000014B6000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14B6000
Size:	45056

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000009.00000003.1925081526.00000000006D7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6D7000
Size:	45056

Details

Name:	00000001.00000003.1407579284.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2374988570.00000000009D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9D8000
Size:	20480

Details

Name:	00000015.00000003.2371170482.0000000000C60000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C60000
Size:	32768

Details

Name:	00000001.00000003.1370099774.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001A.00000003.1995938827.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000021.00000002.3864072510.00000000067E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	67E0000
Size:	4096

Details

Name:	00000023.00000002.2499064574.0000000003D80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3D80000
Size:	212992

Details

Name:	00000006.00000002.3847315053.0000000005140000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5140000
Size:	4096

Details

Name:	00000002.00000002.1465269323.0000000000250000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	250000
Size:	4096

Details

Name:	00000019.00000003.1978585794.000002CA675C8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675C8000
Size:	8192

Details

Name:	00000006.00000003.1864800157.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000002.00000000.1413338564.0000000000627000.00000080.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	627000
Size:	1794048

Details

Name:	00000015.00000003.1959813549.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	8192

Details

Name:	00000021.00000002.3862912598.000000000652C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	652C000
Size:	16384

Details

Name:	00000001.00000003.1413426593.000000000168C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	168C000
Size:	139264

Details

Name:	00000006.00000002.3826911779.00000000004F9000.00000040.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4F9000
Size:	921600

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000000E.00000002.1943897083.000000000444F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	444F000
Size:	4096

Details

Name:	0000001A.00000003.1996896199.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000001.00000002.1453160328.0000000000AA2000.00000040.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	AA2000
Size:	20480

Details

Name:	00000021.00000002.3856262392.0000000004ECE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4ECE000
Size:	8192

Details

Name:	00000001.00000003.1362761717.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000002.00000000.1413310632.0000000000359000.00000008.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	359000
Size:	4096

Details

Name:	00000022.00000002.2438864398.0000000003230000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3230000
Size:	65536

Details

Name:	00000006.00000002.3840368605.0000000001130000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1130000
Size:	16384

Details

Name:	00000009.00000002.1926193177.00000000006D7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6D7000
Size:	45056

Details

Name:	00000006.00000003.1863491451.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000002.00000003.1422211248.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000001.00000003.1408117536.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000002.1466516564.000000000325F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	325F000
Size:	4096

Details

Name:	00000015.00000003.1954590767.00000000033B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33B0000
Size:	159744

Details

Name:	00000019.00000002.1980777433.000000DB1E8FA000.00000004.00000010.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DB1E8FA000
Size:	24576

Details

Name:	00000002.00000002.1467268853.0000000004A60000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4A60000
Size:	4096

Details

Name:	00000015.00000003.1958606112.000000000382F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	382F000
Size:	102400

Details

Name:	00000002.00000002.1466975238.000000000419E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	419E000
Size:	8192

Details

Name:	00000006.00000002.3845970621.0000000003D9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3D9E000
Size:	8192

Details

Name:	0000001A.00000002.3830455831.0000000000B3D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B3D000
Size:	12288

Details

Name:	00000015.00000002.2376796644.0000000000B2D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B2D000
Size:	4096

Details

Name:	00000015.00000003.1953302909.00000000009CC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9CC000
Size:	77824

Details

Name:	0000001A.00000002.3827223105.000000000070D000.00000002.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	70D000
Size:	151552

Details

Name:	00000001.00000002.1459160965.00000000030F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	30F0000
Size:	20480

Details

Name:	00000022.00000002.2438703689.0000000003100000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3100000
Size:	4096

Details

Name:	00000021.00000002.3862957477.000000000662E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	662E000
Size:	8192

Details

Name:	00000001.00000002.1459715922.0000000003E7F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3E7F000
Size:	4096

Details

Name:	0000001B.00000002.2415347581.0000000004ACE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4ACE000
Size:	8192

Details

Name:	00000015.00000003.1953632294.0000000002D92000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2D92000
Size:	954368

Details

Name:	00000002.00000002.1466128270.000000000270F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	270F000
Size:	4096

Details

Name:	00000001.00000003.1413668398.00000000016C3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16C3000
Size:	8192

Details

Name:	00000001.00000003.1413783118.000000000166E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	166E000
Size:	122880

Details

Name:	00000009.00000002.1925587579.0000000000520000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	520000
Size:	8192

Details

Name:	0000001C.00000002.2360481255.0000000001450000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1450000
Size:	24576

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000006.00000000.1833951138.0000000000352000.00000080.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	352000
Size:	16384

Details

Name:	00000006.00000003.1864915118.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000003.1407480852.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1409638512.00000000016D9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16D9000
Size:	61440

Details

Name:	00000015.00000003.2371777378.0000000000BEB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BEB000
Size:	57344

Details

Name:	00000015.00000003.2374303995.0000000000A2D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A2D000
Size:	16384

Details

Name:	00000001.00000003.1371289382.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000019.00000002.1981836418.000002CA675BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675BE000
Size:	40960

Details

Name:	00000021.00000002.3844714321.0000000000E77000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E77000
Size:	12288

Details

Name:	00000001.00000003.1407349169.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000002.2377242567.0000000000C79000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C79000
Size:	20480

Details

Name:	00000001.00000002.1460138488.00000000049FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	49FE000
Size:	8192

Details

Name:	00000021.00000002.3832402685.00000000008FF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8FF000
Size:	45056

Details

Name:	00000015.00000003.2373124916.0000000000ADD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	ADD000
Size:	81920

Details

Name:	00000002.00000003.1418919934.00000000043E1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	43E1000
Size:	49152

Details

Name:	00000006.00000002.3845928857.0000000003D5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3D5F000
Size:	4096

Details

Name:	00000006.00000003.1845719049.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000003.1367410127.00000000053A0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53A0000
Size:	4096

Details

Name:	00000015.00000003.2375085990.0000000003597000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3597000
Size:	118784

Details

Name:	00000015.00000002.2376179162.00000000007FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7FE000
Size:	8192

Details

Name:	00000001.00000003.1410119797.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000021.00000002.3854823795.0000000004D68000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4D68000
Size:	81920

Details

Name:	00000021.00000002.3859340977.000000000549B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	549B000
Size:	20480

Details

Name:	00000015.00000003.2374332727.0000000000A58000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A58000
Size:	20480

Details

Name:	0000001A.00000002.3826849363.0000000000670000.00000002.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	670000
Size:	4096

Details

Name:	00000021.00000002.3844347121.0000000000B97000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B97000
Size:	12288

Details

Name:	00000019.00000002.1981396154.000002CA67430000.00000004.00000020.00040000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA67430000
Size:	4096

Details

Name:	00000006.00000002.3845884009.0000000003C5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3C5E000
Size:	8192

Details

Name:	00000011.00000003.1945548822.000000000281D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	281D000
Size:	94208

Details

Name:	00000001.00000002.1460014813.000000000463E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	463E000
Size:	8192

Details

Name:	00000015.00000002.2376179162.00000000007EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7EF000
Size:	4096

Details

Name:	00000009.00000002.1926506491.000000000205E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	205E000
Size:	8192

Details

Name:	0000000E.00000002.1943320989.000000000257E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	257E000
Size:	8192

Details

Name:	00000006.00000002.3846866241.0000000004A1E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4A1E000
Size:	8192

Details

Name:	00000021.00000002.3862768835.0000000005A3F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5A3F000
Size:	4096

Details

Name:	00000006.00000003.1844185339.0000000005110000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5110000
Size:	4096

Details

Name:	00000015.00000003.1958606112.0000000003760000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3760000
Size:	786432

Details

Name:	00000015.00000002.2376179162.00000000007CF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7CF000
Size:	4096

Details

Name:	00000021.00000002.3845410116.000000000282F000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	282F000
Size:	8192

Details

Name:	0000001A.00000003.1996746357.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000006.00000003.1846054813.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000006.00000003.1845945139.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000002.1460235855.0000000004D7F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4D7F000
Size:	4096

Details

Name:	00000022.00000002.2437850701.0000000001682000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1682000
Size:	4096

Details

Name:	0000001A.00000002.3826632593.0000000000604000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	604000
Size:	8192

Details

Name:	00000006.00000002.3846801447.00000000048DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	48DE000
Size:	8192

Details

Name:	0000001A.00000003.1995599037.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000015.00000003.1956981511.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	4096

Details

Name:	00000006.00000002.3846599227.000000000461F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	461F000
Size:	4096

Details

Name:	0000001B.00000002.2415043769.00000000039F1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	39F1000
Size:	12288

Details

Name:	00000011.00000002.1948416882.0000000002BD0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2BD0000
Size:	4096

Details

Name:	00000015.00000003.2375796445.0000000000CFA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	CFA000
Size:	49152

Details

Name:	00000021.00000002.3844172818.0000000000B7C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B7C000
Size:	16384

Details

Name:	00000019.00000003.1979458395.000002CA675DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675DE000
Size:	4096

Details

Name:	00000006.00000003.1864492101.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000019.00000003.1979170300.000002CA675D3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675D3000
Size:	4096

Details

Name:	00000023.00000002.2498155053.0000000003B08000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B08000
Size:	4096

Details

Name:	0000001B.00000000.2235941275.00000000006D0000.00000002.00000001.01000000.0000000E.sdmp
TargetID:	27
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	6D0000
Size:	4096

Details

Name:	00000021.00000002.3826411061.0000000000598000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	598000
Size:	32768

Details

Name:	0000001A.00000003.1981980345.0000000000124000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	124000
Size:	4096

Details

Name:	00000022.00000002.2443177377.0000000005790000.00000040.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	5790000
Size:	4096

Details

Name:	00000001.00000002.1460557628.0000000005430000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5430000
Size:	4096

Details

Name:	0000000C.00000002.1937685885.0000000002E2F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E2F000
Size:	106496

Details

Name:	00000011.00000002.1948150332.00000000027F7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	27F7000
Size:	32768

Details

Name:	00000015.00000003.2305277582.0000000003F00000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3F00000
Size:	151552

Details

Name:	00000009.00000003.1925081526.00000000006C1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6C1000
Size:	4096

Details

Name:	00000021.00000002.3857875920.0000000005464000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5464000
Size:	8192

Details

Name:	0000000C.00000002.1937644310.0000000002DFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2DFE000
Size:	8192

Details

Name:	0000000E.00000002.1943055588.000000000243E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	243E000
Size:	8192

Details

Name:	00000015.00000003.1972655177.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000015.00000003.1959779763.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	8192

Details

Name:	00000015.00000002.2377591668.0000000000D2B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D2B000
Size:	69632

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	0000001A.00000002.3835851754.0000000000E62000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	E62000
Size:	172032

Details

Name:	00000015.00000002.2376728987.0000000000AAC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	AAC000
Size:	8192

Details

Name:	00000001.00000002.1461169871.0000000008AEC000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	8AEC000
Size:	16384

Details

Name:	00000001.00000003.1408835145.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1414059531.00000000016DA000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16DA000
Size:	53248

Details

Name:	00000002.00000002.1465434381.0000000000359000.00000004.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	359000
Size:	4096

Details

Name:	00000011.00000002.1948355149.00000000029BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	29BE000
Size:	8192

Details

Name:	00000015.00000002.2376948364.0000000000C02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C02000
Size:	69632

Details

Name:	00000019.00000002.1981255921.000000DB1EFFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DB1EFFE000
Size:	8192

Details

Name:	00000001.00000003.1410009445.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000003.1425406800.00000000049D0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49D0000
Size:	4096

Details

Name:	00000001.00000003.1408326665.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1409484090.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.1958330727.0000000000D2B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D2B000
Size:	4096

Details

Name:	00000015.00000003.2370979173.0000000000CD3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	CD3000
Size:	12288

Details

Name:	00000021.00000002.3845410116.00000000028F5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28F5000
Size:	4096

Signature Hits	Behavior Group	Mitre Attack
May try to detect the Windows Explorer process (often used for injection)	HIPS / PFW / Operating System Protection Evasion	Process Injection Process Discovery

Details

Name:	0000001A.00000002.3832424121.0000000000D48000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	D48000
Size:	679936

Details

Name:	00000001.00000003.1409025373.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000006.00000000.1834017863.0000000000359000.00000008.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	359000
Size:	4096

Details

Name:	00000006.00000003.1864050412.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000002.3846840513.00000000049DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	49DF000
Size:	4096

Details

Name:	00000001.00000003.1371663687.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1407607985.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000000C.00000002.1937995805.0000000003077000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3077000
Size:	12288

Details

Name:	00000022.00000002.2437823907.00000000015EB000.00000040.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	15EB000
Size:	4096

Details

Name:	00000015.00000003.2372609869.0000000000B2E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B2E000
Size:	61440

Details

Name:	00000001.00000003.1408553963.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001A.00000003.1982768417.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000002.00000002.1466778794.0000000003B1F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B1F000
Size:	4096

Details

Name:	00000001.00000003.1408579885.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001A.00000003.1980971736.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000021.00000002.3854823795.0000000004C98000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4C98000
Size:	774144

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	0000001C.00000002.2360703726.00000000014CF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14CF000
Size:	12288

Details

Name:	00000015.00000002.2377068124.0000000000C3B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C3B000
Size:	12288

Details

Name:	00000001.00000002.1460281066.0000000004DB1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4DB1000
Size:	8192

Details

Name:	00000015.00000003.2372115235.0000000000C13000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C13000
Size:	4096

Details

Name:	00000006.00000002.3844679192.0000000002E5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E5F000
Size:	4096

Details

Name:	00000015.00000000.1952181037.0000000000125000.00000002.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	125000
Size:	90112

Details

Name:	00000006.00000003.1861824750.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000011.00000003.1947693412.00000000027F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	27F0000
Size:	4096

Details

Name:	00000015.00000003.2373124916.0000000000AF2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AF2000
Size:	12288

Details

Name:	00000015.00000002.2377269253.0000000000C88000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C88000
Size:	16384

Details

Name:	00000021.00000002.3854747206.0000000004C80000.00000040.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	4C80000
Size:	4096

Details

Name:	0000001B.00000002.2413621560.00000000029FA000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29FA000
Size:	5259264

Details

Name:	00000002.00000003.1419946362.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000006.00000002.3843876236.00000000012C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12C0000
Size:	24576

Details

Name:	00000001.00000002.1459545707.00000000039BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	39BE000
Size:	8192

Details

Name:	0000000C.00000002.1937685885.0000000002E18000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E18000
Size:	73728

Details

Name:	00000011.00000002.1948564251.00000000046E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	46E0000
Size:	4096

Details

Name:	0000001B.00000002.2412380973.0000000000CB4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CB4000
Size:	4096

Details

Name:	00000001.00000002.1460534557.0000000005420000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5420000
Size:	4096

Details

Name:	00000015.00000003.2305054738.00000000035B4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	35B4000
Size:	28672

Details

Name:	00000006.00000002.3847237143.0000000005120000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5120000
Size:	4096

Details

Name:	00000022.00000002.2439013978.0000000003281000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3281000
Size:	28672

Details

Name:	00000015.00000003.1960318668.0000000003660000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3660000
Size:	159744

Details

Name:	00000015.00000003.2373949423.0000000000A68000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A68000
Size:	8192

Details

Name:	0000001B.00000002.2412188851.0000000000B95000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B95000
Size:	12288

Details

Name:	00000021.00000002.3864332451.0000000006810000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6810000
Size:	24576

Details

Name:	00000006.00000003.1864621912.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000001C.00000002.2361355563.0000000003CBF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3CBF000
Size:	4096

Details

Name:	0000001B.00000002.2412422819.0000000000CC4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CC4000
Size:	24576

Details

Name:	00000023.00000002.2497731923.0000000003AA8000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AA8000
Size:	36864

Details

Name:	0000000E.00000002.1942618587.000000000011C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	11C000
Size:	16384

Details

Name:	00000001.00000003.1360768529.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000015.00000003.2371922437.0000000000BEB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BEB000
Size:	57344

Details

Name:	00000002.00000002.1465454592.00000000005DE000.00000040.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	5DE000
Size:	131072

Details

Name:	00000001.00000002.1459845961.000000000413E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	413E000
Size:	8192

Details

Name:	0000001C.00000002.2361461712.0000000003D9B000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D9B000
Size:	4096

Details

Name:	00000002.00000002.1466795082.0000000003B5E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3B5E000
Size:	8192

Details

Name:	0000000C.00000002.1938110475.0000000004D5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4D5F000
Size:	4096

Details

Name:	00000022.00000002.2437505913.00000000015A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	15A0000
Size:	8192

Details

Name:	00000015.00000002.2376093549.000000000011D000.00000004.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	11D000
Size:	28672

Details

Name:	00000021.00000002.3832402685.000000000090B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	90B000
Size:	12288

Details

Name:	00000001.00000003.1409313992.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2373549660.0000000000AA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AA1000
Size:	36864

Details

Name:	00000015.00000002.2377769551.0000000002EB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2EB0000
Size:	8192

Details

Name:	00000023.00000002.2498857875.0000000003B80000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B80000
Size:	4096

Details

Name:	00000021.00000002.3845410116.0000000002904000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2904000
Size:	4096

Details

Name:	00000023.00000002.2496059062.00000000013DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	13DE000
Size:	8192

Details

Name:	00000021.00000002.3832402685.00000000008E8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	8E8000
Size:	90112

Details

Name:	00000001.00000003.1413063860.0000000007170000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	7170000
Size:	8192

Details

Name:	00000001.00000003.1361198663.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000015.00000002.2375967803.00000000000ED000.00000002.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	ED000
Size:	151552

Details

Name:	00000006.00000003.1842604050.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	00000001.00000003.1410452263.00000000016EF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16EF000
Size:	4096

Details

Name:	00000021.00000002.3830380432.0000000000880000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	880000
Size:	8192

Details

Name:	0000000E.00000002.1943847546.000000000440E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	440E000
Size:	8192

Details

Name:	00000002.00000002.1465219956.0000000000210000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	210000
Size:	16384

Details

Name:	00000006.00000002.3838481683.0000000001060000.00000004.00000020.00040000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1060000
Size:	4096

Details

Name:	00000002.00000002.1465945827.00000000007DB000.00000080.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	7DB000
Size:	8192

Details

Name:	00000001.00000002.1460875196.0000000006B5B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6B5B000
Size:	53248

Details

Name:	00000021.00000002.3864434911.00000000068C0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	68C0000
Size:	65536

Details

Name:	00000022.00000002.2437091811.0000000001440000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1440000
Size:	20480

Details

Name:	00000001.00000002.1460043679.000000000473F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	473F000
Size:	4096

Details

Name:	00000015.00000003.1960186048.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	8192

Details

Name:	00000009.00000003.1925081526.000000000071F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	71F000
Size:	12288

Details

Name:	00000023.00000002.2496241414.000000000145B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	145B000
Size:	339968

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery
URLs found in memory or binary data	Networking

Details

Name:	00000015.00000003.2373949423.0000000000A6E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A6E000
Size:	8192

Details

Name:	00000009.00000002.1925639829.0000000000585000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	585000
Size:	16384

Details

Name:	00000002.00000002.1465245884.0000000000240000.00000004.00000020.00040000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	240000
Size:	4096

Details

Name:	0000001A.00000002.3827223105.0000000000733000.00000002.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	733000
Size:	40960

Details

Name:	00000002.00000002.1466553554.000000000339F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	339F000
Size:	4096

Details

Name:	0000001B.00000002.2413364460.00000000027DB000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	27DB000
Size:	20480

Details

Name:	00000021.00000002.3856541637.0000000005144000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5144000
Size:	20480

Details

Name:	00000015.00000003.2371777378.0000000000C02000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C02000
Size:	73728

Details

Name:	0000001A.00000003.1981919387.0000000000124000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	124000
Size:	4096

Details

Name:	00000006.00000003.1842357452.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	00000006.00000002.3841485827.000000000125E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	125E000
Size:	8192

Details

Name:	00000015.00000003.2374268443.0000000000A23000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A23000
Size:	57344

Details

Name:	00000022.00000002.2442582185.000000000537E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	537E000
Size:	8192

Details

Name:	00000015.00000002.2376883373.0000000000BA7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	BA7000
Size:	8192

Details

Name:	0000000E.00000002.1943709104.000000000279F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	279F000
Size:	4096

Details

Name:	00000002.00000002.1466257558.00000000029DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	29DE000
Size:	8192

Details

Name:	0000001A.00000002.3844273252.0000000003350000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3350000
Size:	4096

Details

Name:	00000015.00000003.2367972147.0000000000D2A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	D2A000
Size:	73728

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000021.00000002.3845349654.00000000027E0000.00000040.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	27E0000
Size:	4096

Details

Name:	00000006.00000003.1838819965.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000001.00000003.1371082155.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000019.00000002.1982054369.000002CA676E5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA676E5000
Size:	24576

Details

Name:	0000001A.00000003.1982866899.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000002.00000002.1466275356.0000000002ADF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2ADF000
Size:	4096

Details

Name:	00000011.00000003.1945599614.0000000002818000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2818000
Size:	4096

Details

Name:	0000000C.00000002.1937542270.0000000002C7C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2C7C000
Size:	16384

Details

Name:	00000006.00000002.3846346676.000000000425F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	425F000
Size:	4096

Details

Name:	00000019.00000003.1979327861.000002CA675C9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675C9000
Size:	4096

Details

Name:	00000022.00000002.2438664898.0000000003068000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3068000
Size:	8192

Details

Name:	00000021.00000002.3864112419.00000000067F0000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	67F0000
Size:	65536

Details

Name:	00000006.00000002.3846761473.000000000489F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	489F000
Size:	4096

Details

Name:	00000021.00000002.3844347121.0000000000B90000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B90000
Size:	16384

Details

Name:	00000006.00000003.1865257661.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000015.00000002.2376423052.0000000000989000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	989000
Size:	28672

Details

Name:	00000001.00000002.1453214973.0000000000AA9000.00000004.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	AA9000
Size:	4096

Details

Name:	00000015.00000003.2371922437.0000000000BDE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	BDE000
Size:	49152

Details

Name:	00000023.00000002.2498579477.0000000003B19000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B19000
Size:	8192

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000015.00000003.2372636076.0000000000C69000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C69000
Size:	36864

Details

Name:	00000002.00000002.1466373400.0000000002D9E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D9E000
Size:	8192

Details

Name:	00000011.00000002.1948248698.000000000281B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	281B000
Size:	8192

Details

Name:	00000006.00000002.3846937597.0000000004B35000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4B35000
Size:	8192

Details

Name:	0000001B.00000002.2413283165.000000000276E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	276E000
Size:	8192

Details

Name:	00000015.00000003.2371555475.0000000000C48000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C48000
Size:	32768

Details

Name:	00000006.00000003.1865226068.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000015.00000002.2377992133.00000000036BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	36BE000
Size:	8192

Details

Name:	00000015.00000003.2372733725.0000000000B38000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B38000
Size:	20480

Details

Name:	00000006.00000003.1845805350.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000011.00000002.1948399596.0000000002BC0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2BC0000
Size:	4096

Details

Name:	00000001.00000002.1459635543.0000000003C3E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3C3E000
Size:	8192

Details

Name:	00000001.00000002.1453140052.0000000000A40000.00000004.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	A40000
Size:	4096

Details

Name:	00000022.00000002.2442625612.00000000056E6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	56E6000
Size:	4096

Details

Name:	00000021.00000002.3828486443.000000000087E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	87E000
Size:	8192

Details

Name:	00000002.00000002.1467128907.00000000049F0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49F0000
Size:	4096

Details

Name:	00000001.00000002.1455438195.000000000160E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	160E000
Size:	8192

Details

Name:	00000002.00000002.1465199801.00000000001CD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	1CD000
Size:	12288

Details

Name:	00000001.00000003.1362057437.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000006.00000003.1838746164.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	49152

Details

Name:	00000006.00000002.3845411036.000000000371F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	371F000
Size:	4096

Details

Name:	0000001B.00000002.2413509712.00000000028EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	28EE000
Size:	8192

Details

Name:	00000021.00000002.3860500684.00000000054A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	54A0000
Size:	65536

Details

Name:	00000015.00000003.2372696691.0000000000B26000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B26000
Size:	32768

Details

Name:	00000006.00000002.3846287582.000000000415D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	415D000
Size:	12288

Details

Name:	0000001A.00000003.1995539475.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000001.00000003.1371362381.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000002.1459395193.00000000035FE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	35FE000
Size:	8192

Details

Name:	0000001A.00000003.1979001732.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	65536

Details

Name:	00000019.00000003.1978317414.000002CA6758C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA6758C000
Size:	106496

Details

Name:	0000001B.00000002.2412264919.0000000000CA0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CA0000
Size:	8192

Details

Name:	00000021.00000002.3854625284.0000000004C6E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4C6E000
Size:	8192

Details

Name:	00000001.00000002.1460062928.000000000477E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	477E000
Size:	8192

Details

Name:	00000015.00000002.2375863534.0000000000050000.00000002.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	50000
Size:	4096

Details

Name:	0000001B.00000002.2413364460.00000000027D9000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	27D9000
Size:	4096

Details

Name:	00000021.00000002.3845172381.0000000002630000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2630000
Size:	4096

Details

Name:	00000019.00000003.1979740573.000002CA675CD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675CD000
Size:	16384

Details

Name:	00000001.00000003.1371638654.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2373874537.0000000000A5F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A5F000
Size:	69632

Details

Name:	00000015.00000000.1951916069.0000000000050000.00000002.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	50000
Size:	4096

Details

Name:	00000015.00000003.1961683983.0000000003660000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3660000
Size:	159744

Details

Name:	00000009.00000002.1925312823.0000000000098000.00000004.00000010.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	98000
Size:	32768

Details

Name:	00000006.00000003.1840774224.0000000004F60000.00000004.00000800.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4F60000
Size:	167936

Details

Name:	00000001.00000002.1461102488.000000000877E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	877E000
Size:	8192

Details

Name:	00000002.00000003.1419412855.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	0000001A.00000002.3843759271.000000000104F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	104F000
Size:	278528

Details

Name:	00000019.00000002.1981467540.000002CA67510000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA67510000
Size:	8192

Details

Name:	00000015.00000003.2305455834.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	212992

Details

Name:	0000001A.00000003.1981874427.0000000000124000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	124000
Size:	4096

Details

Name:	00000006.00000003.1863444927.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000002.3846139955.0000000003FDF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3FDF000
Size:	4096

Details

Name:	00000001.00000003.1366434523.0000000005230000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	5230000
Size:	53248

Details

Name:	00000015.00000003.2375579320.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000015.00000003.2372528143.0000000000B3D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B3D000
Size:	86016

Details

Name:	00000006.00000002.3845077937.000000000335F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	335F000
Size:	4096

Details

Name:	00000006.00000003.1865130533.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000002.00000003.1425361469.00000000049D0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	49D0000
Size:	4096

Details

Name:	00000002.00000003.1421423737.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000001.00000003.1410256108.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000000E.00000002.1943091019.000000000247A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	247A000
Size:	69632

Details

Name:	0000001B.00000002.2415420314.0000000004F39000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	4F39000
Size:	4096

Details

Name:	00000001.00000003.1362518887.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	0000001A.00000003.1996497103.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	0000001C.00000002.2361133928.000000000373D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	373D000
Size:	12288

Details

Name:	00000006.00000003.1844162172.0000000005110000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5110000
Size:	4096

Details

Name:	00000022.00000002.2438985306.0000000003270000.00000040.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page execute and read and write
Base address:	3270000
Size:	4096

Details

Name:	00000001.00000002.1460261961.0000000004D80000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4D80000
Size:	4096

Details

Name:	0000000E.00000002.1943091019.000000000245E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	245E000
Size:	110592

Details

Name:	00000006.00000002.3846677804.000000000475F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	475F000
Size:	4096

Details

Name:	00000019.00000002.1981179950.000000DB1EEFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DB1EEFE000
Size:	8192

Details

Name:	00000015.00000002.2377743150.00000000017EF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	17EF000
Size:	4096

Details

Name:	00000001.00000002.1460875196.0000000006B50000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6B50000
Size:	40960

Details

Name:	00000021.00000002.3836534510.00000000009A3000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9A3000
Size:	151552

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000022.00000002.2437194336.000000000158E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	158E000
Size:	8192

Details

Name:	0000001A.00000002.3826632593.0000000000600000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	600000
Size:	8192

Details

Name:	00000015.00000003.2373124916.0000000000AFF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AFF000
Size:	40960

Details

Name:	00000001.00000002.1453301756.0000000000C49000.00000040.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	C49000
Size:	921600

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	00000015.00000003.2374988570.00000000009D1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9D1000
Size:	4096

Details

Name:	00000021.00000002.3845410116.0000000002900000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2900000
Size:	4096

Details

Name:	00000006.00000002.3847634157.00000000056EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	56EE000
Size:	8192

Details

Name:	00000006.00000003.1842863976.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000023.00000002.2497132781.0000000002E6D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2E6D000
Size:	12288

Details

Name:	0000001C.00000002.2360292858.000000000125B000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	125B000
Size:	20480

Details

Name:	00000001.00000003.1413832760.00000000016E8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16E8000
Size:	159744

Details

Name:	00000006.00000003.1845753695.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000002.00000003.1419388993.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	0000000E.00000002.1943018045.00000000021F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21F0000
Size:	4096

Details

Name:	0000001A.00000003.1996933916.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	0000001B.00000002.2412529220.0000000000CE7000.00000040.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	CE7000
Size:	4096

Details

Name:	00000001.00000003.1409896149.00000000016D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16D5000
Size:	24576

Details

Name:	00000021.00000002.3856383015.0000000004FCE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4FCE000
Size:	8192

Details

Name:	00000011.00000003.1947504850.0000000006671000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	6671000
Size:	24576

Details

Name:	00000006.00000003.1864553698.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000006.00000003.1845968850.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	0000000E.00000002.1944063102.0000000004500000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	4500000
Size:	4096

Details

Name:	00000001.00000002.1460617995.0000000005624000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5624000
Size:	12288

Details

Name:	00000002.00000003.1419295953.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000001.00000003.1360542936.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	49152

Details

Name:	00000021.00000002.3863423885.0000000006730000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	6730000
Size:	65536

Details

Name:	00000006.00000003.1861725351.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000015.00000002.2377906633.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	4096

Details

Name:	00000019.00000002.1981296874.000000DB1F0FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	DB1F0FF000
Size:	4096

Details

Name:	00000023.00000002.2497537054.00000000037F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	37F0000
Size:	4096

Details

Name:	00000001.00000003.1366746998.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53C0000
Size:	8192

Details

Name:	0000001C.00000002.2361925205.0000000003FF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	3FF0000
Size:	212992

Details

Name:	00000001.00000003.1371590768.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.1958467380.000000000366D000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	366D000
Size:	786432

Details

Name:	00000021.00000002.3845172381.0000000002638000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2638000
Size:	4096

Details

Name:	0000000C.00000002.1937665070.0000000002E00000.00000004.00000020.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2E00000
Size:	4096

Details

Name:	00000022.00000002.2438502255.000000000189E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	189E000
Size:	8192

Details

Name:	00000001.00000002.1460577756.0000000005440000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5440000
Size:	4096

Details

Name:	00000006.00000003.1863956130.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000002.00000000.1413200397.00000000002F0000.00000002.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	2F0000
Size:	4096

Details

Name:	0000000E.00000002.1943091019.0000000002448000.00000004.00000020.00020000.00000000.sdmp
TargetID:	14
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2448000
Size:	69632

Details

Name:	00000002.00000002.1465979879.0000000000A2A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	A2A000
Size:	8192

Details

Name:	00000006.00000002.3847713562.000000000593C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	593C000
Size:	16384

Details

Name:	00000015.00000003.2374332727.0000000000A2E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A2E000
Size:	12288

Details

Name:	00000006.00000003.1844208797.0000000005110000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5110000
Size:	4096

Details

Name:	00000015.00000003.1957255501.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000006.00000002.3847109081.0000000004FDB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4FDB000
Size:	20480

Details

Name:	00000001.00000002.1458971075.00000000016CD000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16CD000
Size:	28672

Details

Name:	00000006.00000003.1846561310.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000015.00000002.2376368680.0000000000860000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	860000
Size:	24576

Details

Name:	00000006.00000002.3844785519.0000000002F9F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F9F000
Size:	4096

Details

Name:	00000001.00000002.1459211533.00000000031FF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	31FF000
Size:	4096

Details

Name:	00000006.00000002.3842357605.0000000001260000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1260000
Size:	4096

Details

Name:	0000001C.00000002.2360775154.00000000014DF000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14DF000
Size:	16384

Signature Hits	Behavior Group	Mitre Attack
Found many strings related to Crypto-Wallets (likely being stolen)	Stealing of Sensitive Information	Data from Local System

Details

Name:	00000002.00000002.1465454592.00000000004F9000.00000040.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	4F9000
Size:	921600

Signature Hits	Behavior Group	Mitre Attack
May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory)	Malware Analysis System Evasion	Security Software Discovery

Details

Name:	0000001A.00000000.1977307591.0000000000671000.00000020.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process new
Regiontype:	unkown
Protect:	page execute read
Base address:	671000
Size:	638976

Details

Name:	00000021.00000002.3844963807.00000000025E6000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	25E6000
Size:	20480

Details

Name:	00000001.00000003.1373517618.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000002.1459475742.000000000383F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	383F000
Size:	4096

Details

Name:	00000021.00000002.3845410116.00000000028E5000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28E5000
Size:	4096

Details

Name:	00000001.00000000.1355164674.0000000000AA9000.00000008.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	AA9000
Size:	4096

Details

Name:	00000002.00000003.1423769496.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000001.00000003.1413063860.0000000007161000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	7161000
Size:	4096

Details

Name:	00000006.00000003.1843674194.00000000012A0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	12A0000
Size:	53248

Details

Name:	00000022.00000002.2437056940.000000000141E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	141E000
Size:	8192

Details

Name:	00000023.00000002.2497211241.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2ED0000
Size:	16384

Details

Name:	00000009.00000002.1926193177.00000000006C8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6C8000
Size:	57344

Details

Name:	00000001.00000003.1375220831.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000002.00000002.1466720855.00000000038DE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	38DE000
Size:	8192

Details

Name:	00000002.00000002.1466473935.000000000311F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	311F000
Size:	4096

Details

Name:	00000006.00000003.1864226168.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000002.1460617995.0000000005620000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5620000
Size:	8192

Details

Name:	00000015.00000002.2377144911.0000000000C51000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C51000
Size:	12288

Details

Name:	00000006.00000003.1838799053.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000002.2375967803.0000000000113000.00000002.00000001.01000000.0000000B.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	113000
Size:	40960

Details

Name:	00000002.00000002.1466816715.0000000003C5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3C5F000
Size:	4096

Details

Name:	00000006.00000003.1846461453.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000002.00000002.1467091331.000000000499F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	499F000
Size:	4096

Details

Name:	00000022.00000002.2437758326.00000000015E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	15E0000
Size:	4096

Details

Name:	00000009.00000002.1926074543.00000000006BE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	6BE000
Size:	12288

Details

Name:	0000001A.00000003.1982567999.0000000000CF0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CF0000
Size:	159744

Details

Name:	00000021.00000002.3856423124.0000000005114000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	5114000
Size:	4096

Details

Name:	00000002.00000002.1465293264.00000000002BE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2BE000
Size:	8192

Details

Name:	00000001.00000002.1459020180.00000000016E8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16E8000
Size:	159744

Details

Name:	00000001.00000002.1459606034.0000000003BFF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3BFF000
Size:	4096

Details

Name:	00000015.00000003.1954297407.00000000033B0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	33B0000
Size:	155648

Details

Name:	00000015.00000003.1959748791.0000000000865000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	865000
Size:	4096

Details

Name:	0000001A.00000003.1995315062.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	217088

Details

Name:	00000015.00000003.1954924397.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	00000023.00000002.2499027985.0000000003BCE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3BCE000
Size:	4096

Details

Name:	0000001A.00000003.1996322619.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000002.00000002.1465454592.0000000000627000.00000040.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	627000
Size:	4096

Details

Name:	00000001.00000003.1408740029.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1374543326.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1366863847.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53C0000
Size:	4096

Details

Name:	00000015.00000003.1960113558.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	8192

Details

Name:	00000023.00000002.2496025848.000000000139E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	139E000
Size:	8192

Details

Name:	00000001.00000003.1371920212.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000006.00000002.3847576122.000000000557E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	557E000
Size:	8192

Details

Name:	00000006.00000002.3847193008.000000000511C000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	511C000
Size:	16384

Details

Name:	00000006.00000003.1864020899.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000001.00000003.1413668398.00000000016B5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16B5000
Size:	53248

Details

Name:	0000001A.00000000.1977445509.0000000000741000.00000008.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process new
Regiontype:	unkown
Protect:	page write copy
Base address:	741000
Size:	4096

Details

Name:	0000001C.00000002.2361782298.0000000003E24000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3E24000
Size:	20480

Details

Name:	00000006.00000002.3845288524.00000000035DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	35DF000
Size:	4096

Details

Name:	00000023.00000002.2497262547.000000000331D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	331D000
Size:	12288

Details

Name:	00000022.00000002.2439052645.0000000003288000.00000040.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	3288000
Size:	8192

Details

Name:	00000001.00000003.1413267045.00000000016CC000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16CC000
Size:	32768

Details

Name:	0000001C.00000002.2360930834.0000000002F1D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2F1D000
Size:	12288

Details

Name:	00000006.00000002.3845525536.000000000385F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	385F000
Size:	4096

Details

Name:	00000006.00000003.1863396659.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000001C.00000002.2361178041.000000000387F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	387F000
Size:	4096

Details

Name:	00000015.00000002.2376596524.00000000009D0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	9D0000
Size:	4096

Details

Name:	00000001.00000002.1460390750.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53D0000
Size:	4096

Details

Name:	00000015.00000003.1957496160.0000000003560000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3560000
Size:	159744

Details

Name:	0000001A.00000002.3826273222.000000000009A000.00000004.00000010.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	9A000
Size:	24576

Details

Name:	00000006.00000003.1842840143.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000006.00000003.1863329605.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000011.00000002.1948334705.000000000297E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	297E000
Size:	8192

Details

Name:	00000002.00000003.1420346920.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000006.00000003.1845851322.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000015.00000003.2375055025.00000000009A2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9A2000
Size:	16384

Details

Name:	00000015.00000003.1958281815.0000000003599000.00000004.00000800.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3599000
Size:	241664

Details

Name:	00000021.00000002.3827290864.0000000000830000.00000004.00000020.00040000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	830000
Size:	4096

Details

Name:	00000009.00000002.1926675282.00000000021CB000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21CB000
Size:	12288

Details

Name:	00000006.00000002.3847276000.0000000005130000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5130000
Size:	4096

Details

Name:	00000002.00000002.1466702952.000000000389F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	389F000
Size:	4096

Details

Name:	00000016.00000002.2104835313.00000000029E0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	22
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	29E0000
Size:	4096

Details

Name:	00000006.00000003.1861965700.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000021.00000002.3862839270.0000000005AC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5AC0000
Size:	8192

Details

Name:	0000001B.00000002.2412107872.0000000000B8E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	B8E000
Size:	8192

Details

Name:	00000006.00000002.3826362038.0000000000352000.00000040.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	352000
Size:	20480

Details

Name:	0000001A.00000000.1977501415.0000000000745000.00000002.00000001.01000000.0000000D.sdmp
TargetID:	26
Dumpstage:	process new
Regiontype:	unkown
Protect:	page readonly
Base address:	745000
Size:	90112

Details

Name:	00000021.00000002.3845410116.0000000002910000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2910000
Size:	4096

Details

Name:	00000006.00000003.1846016468.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000002.00000002.1466739325.00000000039DF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	39DF000
Size:	4096

Details

Name:	00000015.00000002.2376179162.00000000007DD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	7DD000
Size:	12288

Details

Name:	00000015.00000003.2373751759.0000000000A70000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A70000
Size:	32768

Details

Name:	00000023.00000002.2496115169.0000000001410000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1410000
Size:	102400

Details

Name:	00000019.00000002.1981982771.000002CA675D9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675D9000
Size:	12288

Details

Name:	00000021.00000002.3845410116.00000000028EF000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28EF000
Size:	4096

Details

Name:	0000001C.00000002.2360407625.0000000001430000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1430000
Size:	24576

Details

Name:	00000015.00000003.2374457311.0000000000A1F000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A1F000
Size:	16384

Details

Name:	00000006.00000003.1846174136.0000000001134000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	1134000
Size:	4096

Details

Name:	00000022.00000002.2437598886.00000000015B4000.00000004.00000800.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	15B4000
Size:	4096

Details

Name:	00000006.00000002.3847494995.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	51B0000
Size:	4096

Details

Name:	00000001.00000002.1459790183.0000000003FFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3FFE000
Size:	8192

Details

Name:	00000001.00000002.1453980099.0000000000D78000.00000080.00000001.01000000.00000003.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and write copy
Base address:	D78000
Size:	1773568

Details

Name:	00000019.00000002.1981944069.000002CA675D5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675D5000
Size:	12288

Details

Name:	00000021.00000002.3860980236.00000000054EE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	54EE000
Size:	8192

Details

Name:	00000006.00000003.1864321558.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000001B.00000002.2412652452.0000000000CF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	CF0000
Size:	32768

Details

Name:	00000001.00000003.1410219891.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	0000001C.00000002.2361029060.00000000033FD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	33FD000
Size:	12288

Details

Name:	00000006.00000002.3843876236.00000000012C7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	12C7000
Size:	163840

Details

Name:	00000021.00000002.3836115250.0000000000961000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	961000
Size:	4096

Details

Name:	00000023.00000002.2497497738.00000000037DD000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	37DD000
Size:	12288

Details

Name:	00000011.00000003.1945599614.000000000281B000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	281B000
Size:	8192

Details

Name:	00000006.00000003.1839384106.0000000001270000.00000004.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	1270000
Size:	53248

Details

Name:	0000001B.00000002.2413134155.0000000000F30000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	F30000
Size:	65536

Details

Name:	00000001.00000002.1456132249.000000000165E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	165E000
Size:	4096

Details

Name:	00000021.00000002.3843872692.0000000000AD7000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	AD7000
Size:	4096

Details

Name:	00000006.00000002.3846433586.000000000439F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	439F000
Size:	4096

Details

Name:	00000021.00000002.3832402685.0000000000917000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	917000
Size:	212992

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000015.00000003.2373449811.0000000000AAE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	AAE000
Size:	135168

Details

Name:	00000001.00000003.1367364913.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	53C0000
Size:	4096

Details

Name:	0000001C.00000002.2361005298.0000000002FB0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2FB0000
Size:	16384

Details

Name:	00000021.00000002.3862139744.000000000573E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	573E000
Size:	8192

Details

Name:	00000001.00000003.1413832760.00000000016D9000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16D9000
Size:	57344

Details

Name:	00000001.00000002.1455309252.00000000014C0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14C0000
Size:	16384

Details

Name:	00000009.00000002.1926193177.0000000000707000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	707000
Size:	86016

Details

Name:	00000015.00000002.2376911754.0000000000BF5000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	BF5000
Size:	4096

Details

Name:	00000001.00000002.1460215648.0000000004C7E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4C7E000
Size:	8192

Details

Name:	00000015.00000003.2375247733.0000000000B24000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B24000
Size:	4096

Details

Name:	00000001.00000003.1364289505.00000000014B0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	14B0000
Size:	53248

Details

Name:	00000009.00000002.1925355863.0000000000400000.00000002.00000001.01000000.00000009.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page readonly
Base address:	400000
Size:	4096

Details

Name:	0000001C.00000002.2361400656.0000000003D05000.00000004.00000800.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3D05000
Size:	126976

Details

Name:	00000022.00000002.2437850701.0000000001625000.00000004.00000020.00020000.00000000.sdmp
TargetID:	34
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1625000
Size:	24576

Details

Name:	00000001.00000003.1365143562.0000000005230000.00000004.00001000.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	5230000
Size:	53248

Details

Name:	00000001.00000003.1409811403.00000000016F0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	16F0000
Size:	86016

Details

Name:	00000019.00000002.1981498081.000002CA67530000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2CA67530000
Size:	4096

Details

Name:	00000006.00000003.1863737027.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000023.00000002.2495820825.00000000010FB000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	10FB000
Size:	20480

Details

Name:	00000001.00000002.1459767045.0000000003FBF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3FBF000
Size:	4096

Details

Name:	00000006.00000003.1864458152.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	00000021.00000002.3845410116.0000000002916000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	2916000
Size:	237568

Details

Name:	00000006.00000002.3826279395.00000000002F0000.00000004.00000001.01000000.00000007.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page read and write
Base address:	2F0000
Size:	4096

Details

Name:	00000023.00000002.2498680848.0000000003B1E000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3B1E000
Size:	126976

Details

Name:	00000009.00000002.1927338497.0000000002DF0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2DF0000
Size:	4096

Details

Name:	00000006.00000002.3847773496.0000000005A7D000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	5A7D000
Size:	12288

Details

Name:	00000011.00000002.1948447309.0000000002BF7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	2BF7000
Size:	8192

Details

Name:	00000001.00000003.1408199635.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1407374983.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000015.00000003.2374141162.0000000000A58000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A58000
Size:	20480

Details

Name:	0000001A.00000003.1996356737.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000006.00000002.3843876236.000000000131C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	131C000
Size:	114688

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000002.00000002.1466851298.0000000003D9F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3D9F000
Size:	4096

Details

Name:	00000011.00000002.1948521192.00000000042A4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	42A4000
Size:	8192

Details

Name:	00000001.00000002.1458949653.00000000016C4000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	16C4000
Size:	4096

Details

Name:	00000021.00000002.3857875920.0000000005485000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	5485000
Size:	36864

Details

Name:	00000006.00000003.1844111886.0000000005110000.00000040.00001000.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	5110000
Size:	4096

Details

Name:	00000015.00000003.2374141162.0000000000A31000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A31000
Size:	57344

Details

Name:	00000021.00000002.3845306498.00000000027CE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	27CE000
Size:	8192

Details

Name:	0000001C.00000002.2360752029.00000000014D8000.00000004.00000020.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	14D8000
Size:	20480

Signature Hits	Behavior Group	Mitre Attack
URLs found in memory or binary data	Networking

Details

Name:	00000021.00000002.3845410116.00000000028BE000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	28BE000
Size:	12288

Details

Name:	00000021.00000002.3856541637.000000000515E000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	515E000
Size:	12288

Details

Name:	00000021.00000002.3863925733.00000000067A0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	67A0000
Size:	65536

Details

Name:	00000002.00000002.1467251335.0000000004A50000.00000040.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	direct allocation
Protect:	page execute and read and write
Base address:	4A50000
Size:	4096

Details

Name:	00000015.00000003.2374748664.00000000009FE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	9FE000
Size:	16384

Details

Name:	00000015.00000003.1959711803.0000000000864000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	864000
Size:	8192

Details

Name:	00000009.00000002.1926642443.00000000021B0000.00000004.00000020.00020000.00000000.sdmp
TargetID:	9
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	21B0000
Size:	8192

Details

Name:	00000002.00000002.1466240182.000000000299F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	299F000
Size:	4096

Details

Name:	0000001A.00000003.1996967138.0000000003351000.00000004.00000020.00020000.00000000.sdmp
TargetID:	26
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	3351000
Size:	4096

Details

Name:	00000023.00000002.2497615107.000000000394E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	394E000
Size:	8192

Details

Name:	00000023.00000002.2497731923.0000000003AB3000.00000004.00000800.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	3AB3000
Size:	20480

Details

Name:	00000015.00000003.2374457311.0000000000A2A000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	A2A000
Size:	12288

Details

Name:	0000001B.00000002.2412422819.0000000000CC0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	CC0000
Size:	12288

Details

Name:	00000023.00000002.2495928320.0000000001270000.00000004.00000020.00020000.00000000.sdmp
TargetID:	35
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	1270000
Size:	8192

Details

Name:	0000001B.00000002.2411924140.0000000000B30000.00000004.00000020.00040000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	B30000
Size:	4096

Details

Name:	00000015.00000003.1973167982.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000002.00000003.1419697056.00000000007E0000.00000004.00001000.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	direct allocation
Protect:	page read and write
Base address:	7E0000
Size:	53248

Details

Name:	00000021.00000002.3836463209.0000000000999000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	999000
Size:	32768

Details

Name:	00000015.00000003.1973043108.00000000032B2000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	32B2000
Size:	4096

Details

Name:	00000021.00000002.3831546282.00000000008DD000.00000040.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page execute and read and write
Base address:	8DD000
Size:	4096

Details

Name:	00000002.00000002.1465926631.00000000007D9000.00000040.00000001.01000000.00000007.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	unkown
Protect:	page execute and read and write
Base address:	7D9000
Size:	8192

Details

Name:	0000000C.00000002.1938055944.0000000004CDF000.00000004.00000010.00020000.00000000.sdmp
TargetID:	12
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	4CDF000
Size:	4096

Details

Name:	00000015.00000003.2372941452.0000000000B2D000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	B2D000
Size:	4096

Details

Name:	00000001.00000002.1459585711.0000000003AFE000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	3AFE000
Size:	8192

Details

Name:	00000021.00000002.3835945896.0000000000951000.00000004.00000020.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	951000
Size:	24576

Details

Name:	00000015.00000002.2377215026.0000000000C69000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	C69000
Size:	36864

Details

Name:	00000001.00000003.1408286271.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1409594012.0000000004DA1000.00000004.00000020.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4DA1000
Size:	4096

Details

Name:	00000001.00000003.1362228296.00000000051E0000.00000004.00000800.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	free memory
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	51E0000
Size:	184320

Details

Name:	00000015.00000003.2372038511.0000000000C1C000.00000004.00000020.00020000.00000000.sdmp
TargetID:	21
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	C1C000
Size:	8192

Details

Name:	00000011.00000002.1948086435.00000000027E7000.00000004.00000020.00020000.00000000.sdmp
TargetID:	17
Dumpstage:	process exit
Regiontype:	heap
Protect:	page read and write
Base address:	27E7000
Size:	36864

Details

Name:	00000002.00000002.1466356256.0000000002D5F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	2D5F000
Size:	4096

Details

Name:	00000002.00000003.1419230462.0000000000214000.00000004.00000020.00020000.00000000.sdmp
TargetID:	2
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	214000
Size:	4096

Details

Name:	00000021.00000002.3844640561.0000000000E50000.00000004.00000800.00020000.00000000.sdmp
TargetID:	33
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	E50000
Size:	65536

Details

Name:	00000006.00000002.3847603583.000000000567F000.00000004.00000010.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	567F000
Size:	4096

Details

Name:	00000001.00000002.1454327960.00000000012FA000.00000004.00000010.00020000.00000000.sdmp
TargetID:	1
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	12FA000
Size:	24576

Details

Name:	0000001B.00000002.2413561384.00000000029F1000.00000004.00000800.00020000.00000000.sdmp
TargetID:	27
Dumpstage:	process exit
Regiontype:	trusted library allocation
Protect:	page read and write
Base address:	29F1000
Size:	28672

Details

Name:	00000006.00000003.1863821297.0000000004B21000.00000004.00000020.00020000.00000000.sdmp
TargetID:	6
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	4B21000
Size:	4096

Details

Name:	0000001C.00000002.2361156453.000000000377E000.00000004.00000010.00020000.00000000.sdmp
TargetID:	28
Dumpstage:	process exit
Regiontype:	stack
Protect:	page read and write
Base address:	377E000
Size:	8192

Details

Name:	00000019.00000003.1978317414.000002CA675DE000.00000004.00000020.00020000.00000000.sdmp
TargetID:	25
Dumpstage:	free memory
Regiontype:	heap
Protect:	page read and write
Base address:	2CA675DE000
Size:	4096

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
DR2HpFNuLr.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportDR2HpFNuLr.exe

Files

Processes

URLs

Domains

IPs

Registry

Memdumps

IOC Report
DR2HpFNuLr.exe