|
722000
|
remote allocation
|
page execute and read and write
|
 |
|
|
| Name: |
00000009.00000002.1475998533.0000000000722000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
722000
|
| Size: |
839680
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected RedLine Stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
|
|
66FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1424262587.00000000066FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FE000
|
| Size: |
843776
|
|
|
6203000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1332484055.0000000006203000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6203000
|
| Size: |
843776
|
|
|
6458000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1430460953.0000000006458000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6458000
|
| Size: |
843776
|
|
|
5F5A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1336322567.0000000005F5A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F5A000
|
| Size: |
843776
|
|
|
847000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1319467276.0000000000847000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
847000
|
| Size: |
4096
|
|
|
C7D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C7D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C7D000
|
| Size: |
8192
|
|
|
2228000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002228000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2228000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
612B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1534341820.000000000612B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
612B000
|
| Size: |
843776
|
|
|
5F75000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1534020415.0000000005F75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F75000
|
| Size: |
843776
|
|
|
62E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1506683658.00000000062E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62E5000
|
| Size: |
843776
|
|
|
2771000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477939401.0000000002771000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2771000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
216B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.000000000216B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
216B000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
21E7000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021E7000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21E7000
|
| Size: |
8192
|
|
|
A70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477072376.0000000000A70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A70000
|
| Size: |
24576
|
|
|
6574000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1532123068.0000000006574000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6574000
|
| Size: |
843776
|
|
|
5DA5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1334264407.0000000005DA5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA5000
|
| Size: |
843776
|
|
|
5F7D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531999798.0000000005F7D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F7D000
|
| Size: |
843776
|
|
|
9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1320638898.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B000
|
| Size: |
20480
|
|
|
AB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329429507.0000000000AB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AB0000
|
| Size: |
8192
|
|
|
67D6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1440662783.00000000067D6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D6000
|
| Size: |
843776
|
|
|
6031000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1335331891.0000000006031000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6031000
|
| Size: |
843776
|
|
|
5420000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780485524.0000000005420000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5420000
|
| Size: |
36864
|
|
|
AD1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
0000000B.00000000.1499571474.0000000000AD1000.00000020.00000001.01000000.00000010.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
AD1000
|
| Size: |
638976
|
|
|
1720000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778934656.0000000001720000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1720000
|
| Size: |
16384
|
|
|
61F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1334495315.00000000061F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61F2000
|
| Size: |
843776
|
|
|
22B7000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022B7000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22B7000
|
| Size: |
4096
|
|
|
6128000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1333669351.0000000006128000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6128000
|
| Size: |
843776
|
|
|
24B8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024B8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24B8000
|
| Size: |
8192
|
|
|
13AD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.00000000013AD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13AD000
|
| Size: |
73728
|
|
|
6455000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1438895278.0000000006455000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6455000
|
| Size: |
843776
|
|
|
62E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1509048628.00000000062E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62E6000
|
| Size: |
843776
|
|
|
2CF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557623306.0000000002CF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2CF0000
|
| Size: |
4096
|
|
|
1049000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556736370.0000000001049000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1049000
|
| Size: |
12288
|
|
|
22A9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022A9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22A9000
|
| Size: |
4096
|
|
|
587E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1558323793.000000000587E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
587E000
|
| Size: |
8192
|
|
|
64A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1507713204.00000000064A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64A0000
|
| Size: |
843776
|
|
|
66F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419250201.00000000066F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F5000
|
| Size: |
843776
|
|
|
35FF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.00000000035FF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35FF000
|
| Size: |
4096
|
|
|
6035000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354666565.0000000006035000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6035000
|
| Size: |
843776
|
|
|
62EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1507131840.00000000062EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62EF000
|
| Size: |
843776
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423939728.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
5DA5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1356245033.0000000005DA5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA5000
|
| Size: |
843776
|
|
|
63DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1511391429.00000000063DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63DA000
|
| Size: |
843776
|
|
|
2383000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002383000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2383000
|
| Size: |
4096
|
|
|
2640000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477675267.0000000002640000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2640000
|
| Size: |
57344
|
|
|
6218000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1530460718.0000000006218000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6218000
|
| Size: |
843776
|
|
|
1043000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556736370.0000000001043000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1043000
|
| Size: |
20480
|
|
|
3EA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1319455151.0000000003EA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3EA0000
|
| Size: |
4096
|
|
|
230F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.000000000230F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
230F000
|
| Size: |
4096
|
|
|
2278000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002278000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2278000
|
| Size: |
4096
|
|
|
4C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329051420.00000000004C0000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4C0000
|
| Size: |
8192
|
|
|
5F76000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1519142578.0000000005F76000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F76000
|
| Size: |
843776
|
|
|
109E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3776822454.000000000109E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
109E000
|
| Size: |
8192
|
|
|
6106000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1335937648.0000000006106000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6106000
|
| Size: |
843776
|
|
|
5F51000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1334979049.0000000005F51000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F51000
|
| Size: |
843776
|
|
|
67C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423040421.00000000067C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67C1000
|
| Size: |
843776
|
|
|
A23000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1318213637.0000000000A23000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A23000
|
| Size: |
28672
|
|
|
26C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318730926.00000000026C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
26C0000
|
| Size: |
4096
|
|
|
66FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1424599762.00000000066FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FC000
|
| Size: |
843776
|
|
|
6123000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1331201161.0000000006123000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6123000
|
| Size: |
843776
|
|
|
63DF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1530869588.00000000063DF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63DF000
|
| Size: |
843776
|
|
|
21D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21D0000
|
| Size: |
8192
|
|
|
62F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1510871307.00000000062F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F9000
|
| Size: |
843776
|
|
|
236D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.000000000236D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
236D000
|
| Size: |
4096
|
|
|
9EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.00000000009EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9EF000
|
| Size: |
8192
|
|
|
5466000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.0000000005466000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5466000
|
| Size: |
4096
|
|
|
2E08000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779377141.0000000002E08000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E08000
|
| Size: |
4096
|
|
|
24D4000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024D4000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24D4000
|
| Size: |
8192
|
|
|
6373000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423505712.0000000006373000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6373000
|
| Size: |
843776
|
|
|
6C4000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317152085.00000000006C4000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6C4000
|
| Size: |
4096
|
|
|
D35000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327152773.0000000000D35000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D35000
|
| Size: |
12288
|
|
|
9E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476869768.00000000009E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9E0000
|
| Size: |
12288
|
|
|
990000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321863614.0000000000990000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
8192
|
|
|
4C6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1307750062.00000000004C6000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4C6000
|
| Size: |
24576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
A2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476904824.0000000000A2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A2E000
|
| Size: |
8192
|
|
|
2650000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477721308.0000000002650000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2650000
|
| Size: |
20480
|
|
|
5A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781698335.0000000005A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A7E000
|
| Size: |
8192
|
|
|
3046000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779557919.0000000003046000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3046000
|
| Size: |
77824
|
|
|
153A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3778585267.000000000153A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
153A000
|
| Size: |
4096
|
|
|
6000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427355914.0000000006000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
843776
|
|
|
9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1328990396.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B000
|
| Size: |
20480
|
|
|
68B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1424921332.00000000068B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68B6000
|
| Size: |
843776
|
|
|
621E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1512864009.000000000621E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
621E000
|
| Size: |
843776
|
|
|
6138000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1532260032.0000000006138000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6138000
|
| Size: |
843776
|
|
|
240F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.000000000240F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
240F000
|
| Size: |
4096
|
|
|
64B7000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1514889702.00000000064B7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B7000
|
| Size: |
843776
|
|
|
37AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318874450.00000000037AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37AE000
|
| Size: |
8192
|
|
|
61D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1339067847.00000000061D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61D9000
|
| Size: |
843776
|
|
|
2D3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557645451.0000000002D3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D3E000
|
| Size: |
8192
|
|
|
225C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.000000000225C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
225C000
|
| Size: |
4096
|
|
|
2CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327393132.0000000002CB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CB0000
|
| Size: |
4096
|
|
|
5DA2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1332711959.0000000005DA2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA2000
|
| Size: |
843776
|
|
|
24F8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024F8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24F8000
|
| Size: |
4096
|
|
|
7AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329252069.00000000007AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7AF000
|
| Size: |
4096
|
|
|
38EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318948560.00000000038EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38EE000
|
| Size: |
8192
|
|
|
63BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781794729.00000000063BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
63BF000
|
| Size: |
4096
|
|
|
504E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557846436.000000000504E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
504E000
|
| Size: |
8192
|
|
|
62BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781755360.00000000062BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
62BC000
|
| Size: |
16384
|
|
|
C60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C60000
|
| Size: |
8192
|
|
|
4D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329112845.00000000004D0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D0000
|
| Size: |
4096
|
|
|
830000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476405045.0000000000830000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
4096
|
|
|
66FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1430902374.00000000066FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FF000
|
| Size: |
843776
|
|
|
6049000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1340367601.0000000006049000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6049000
|
| Size: |
843776
|
|
|
9F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.00000000009F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9F2000
|
| Size: |
8192
|
|
|
6457000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423790896.0000000006457000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6457000
|
| Size: |
843776
|
|
|
6DD000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000000.1310431354.00000000006DD000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6DD000
|
| Size: |
69632
|
|
|
661A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1443158233.000000000661A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661A000
|
| Size: |
843776
|
|
|
62F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1530681217.00000000062F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F5000
|
| Size: |
843776
|
|
|
A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317996133.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
24576
|
|
|
F38000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3776553537.0000000000F38000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F38000
|
| Size: |
32768
|
|
|
62F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531516731.00000000062F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F5000
|
| Size: |
843776
|
|
|
AEA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477072376.0000000000AEA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AEA000
|
| Size: |
69632
|
|
|
6539000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419866398.0000000006539000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6539000
|
| Size: |
843776
|
|
|
2246000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002246000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2246000
|
| Size: |
4096
|
|
|
620B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1333881135.000000000620B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620B000
|
| Size: |
843776
|
|
|
63D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1514216828.00000000063D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D3000
|
| Size: |
843776
|
|
|
4E7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1480076144.0000000004E7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E7E000
|
| Size: |
8192
|
|
|
62F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1521456335.00000000062F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F0000
|
| Size: |
843776
|
|
|
3EB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1475923785.00000000003EB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EB000
|
| Size: |
20480
|
|
|
8B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317702190.00000000008B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8B0000
|
| Size: |
4096
|
|
|
B6D000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000006.00000000.1413677514.0000000000B6D000.00000002.00000001.01000000.00000010.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B6D000
|
| Size: |
143360
|
|
|
CC8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CC8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CC8000
|
| Size: |
20480
|
|
|
2DBD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779038070.0000000002DBD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DBD000
|
| Size: |
12288
|
|
|
4B7000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1307690322.00000000004B7000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
4B7000
|
| Size: |
16384
|
|
|
66FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1431146842.00000000066FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FF000
|
| Size: |
843776
|
|
|
24CD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024CD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24CD000
|
| Size: |
4096
|
|
|
613C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531670606.000000000613C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
613C000
|
| Size: |
843776
|
|
|
68B7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1433185650.00000000068B7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68B7000
|
| Size: |
843776
|
|
|
5E81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1339934973.0000000005E81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E81000
|
| Size: |
843776
|
|
|
6133000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529758120.0000000006133000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6133000
|
| Size: |
843776
|
|
|
652E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420440583.000000000652E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
652E000
|
| Size: |
843776
|
|
|
BF4000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000BF4000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
BF4000
|
| Size: |
32768
|
|
|
810000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326208740.0000000000810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
810000
|
| Size: |
4096
|
|
|
6110000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1335811667.0000000006110000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6110000
|
| Size: |
843776
|
|
|
A04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A04000
|
| Size: |
16384
|
|
|
4F4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557816127.0000000004F4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F4E000
|
| Size: |
8192
|
|
|
5DA5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357710108.0000000005DA5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA5000
|
| Size: |
843776
|
|
|
621C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1515309508.000000000621C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
621C000
|
| Size: |
843776
|
|
|
64A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1527940934.00000000064A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64A0000
|
| Size: |
843776
|
|
|
63D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1513850945.00000000063D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D1000
|
| Size: |
843776
|
|
|
2C93000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1557448177.0000000002C93000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2C93000
|
| Size: |
4096
|
|
|
2E71000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557752232.0000000002E71000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E71000
|
| Size: |
16384
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4B7000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329051420.00000000004B7000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4B7000
|
| Size: |
4096
|
|
|
62F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1530801758.00000000062F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F2000
|
| Size: |
843776
|
|
|
653E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1441283427.000000000653E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
653E000
|
| Size: |
843776
|
|
|
5E89000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357993680.0000000005E89000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E89000
|
| Size: |
843776
|
|
|
20CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1501260986.00000000020CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
20CE000
|
| Size: |
954368
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1307595443.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
6379000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420331677.0000000006379000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6379000
|
| Size: |
843776
|
|
|
3974000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1502804366.0000000003974000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3974000
|
| Size: |
4349952
|
|
|
5BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327418304.0000000005BC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5BC0000
|
| Size: |
4096
|
|
|
6121000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1333984900.0000000006121000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6121000
|
| Size: |
843776
|
|
|
67D2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419738801.00000000067D2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D2000
|
| Size: |
843776
|
|
|
22F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22F0000
|
| Size: |
4096
|
|
|
6038000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1337788773.0000000006038000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6038000
|
| Size: |
843776
|
|
|
6112000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1333287023.0000000006112000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6112000
|
| Size: |
843776
|
|
|
63C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1508638516.00000000063C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63C4000
|
| Size: |
843776
|
|
|
612F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1341346978.000000000612F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
612F000
|
| Size: |
843776
|
|
|
51E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321015307.000000000051E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51E000
|
| Size: |
8192
|
|
|
1057000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556736370.0000000001057000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1057000
|
| Size: |
163840
|
|
|
2730000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327276731.0000000002730000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2730000
|
| Size: |
4096
|
|
|
5E84000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357568198.0000000005E84000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E84000
|
| Size: |
843776
|
|
|
6054000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1512614249.0000000006054000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6054000
|
| Size: |
843776
|
|
|
130E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.000000000130E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
130E000
|
| Size: |
8192
|
|
|
63DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1515881313.00000000063DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63DD000
|
| Size: |
843776
|
|
|
A61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317996133.0000000000A61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A61000
|
| Size: |
81920
|
|
|
64B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1512271236.00000000064B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B2000
|
| Size: |
843776
|
|
|
62F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1513318261.00000000062F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F6000
|
| Size: |
843776
|
|
|
578000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321156555.0000000000578000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
578000
|
| Size: |
77824
|
|
|
6042000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1333534952.0000000006042000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6042000
|
| Size: |
843776
|
|
|
1220000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3777083896.0000000001220000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1220000
|
| Size: |
8192
|
|
|
D6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477464389.0000000000D6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D6F000
|
| Size: |
4096
|
|
|
238A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.000000000238A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
238A000
|
| Size: |
4096
|
|
|
21AD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021AD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21AD000
|
| Size: |
4096
|
|
|
1537000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3778562794.0000000001537000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1537000
|
| Size: |
4096
|
|
|
66FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1424402626.00000000066FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FF000
|
| Size: |
843776
|
|
|
6616000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1422081759.0000000006616000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6616000
|
| Size: |
843776
|
|
|
1020000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556736370.0000000001020000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1020000
|
| Size: |
28672
|
|
|
2492000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002492000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2492000
|
| Size: |
8192
|
|
|
2441000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002441000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2441000
|
| Size: |
8192
|
|
|
6536000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423723872.0000000006536000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6536000
|
| Size: |
843776
|
|
|
AD0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000006.00000000.1413444138.0000000000AD0000.00000002.00000001.01000000.00000010.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
AD0000
|
| Size: |
4096
|
|
|
661B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1418507173.000000000661B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661B000
|
| Size: |
843776
|
|
|
A87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317996133.0000000000A87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A87000
|
| Size: |
8192
|
|
|
6048000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1330468354.0000000006048000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6048000
|
| Size: |
843776
|
|
|
559E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781349517.000000000559E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
559E000
|
| Size: |
8192
|
|
|
652E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420522164.000000000652E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
652E000
|
| Size: |
843776
|
|
|
2323000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002323000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2323000
|
| Size: |
4096
|
|
|
1050000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3776771074.0000000001050000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1050000
|
| Size: |
4096
|
|
|
61FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355889199.00000000061FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61FC000
|
| Size: |
843776
|
|
|
35BF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.00000000035BF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35BF000
|
| Size: |
4096
|
|
|
840000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326236703.0000000000840000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
840000
|
| Size: |
16384
|
|
|
6102000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1339810265.0000000006102000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6102000
|
| Size: |
843776
|
|
|
2E3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557670690.0000000002E3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E3E000
|
| Size: |
8192
|
|
|
6211000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1528375863.0000000006211000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6211000
|
| Size: |
843776
|
|
|
2341000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002341000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2341000
|
| Size: |
12288
|
|
|
C34000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C34000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C34000
|
| Size: |
8192
|
|
|
2DC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779092383.0000000002DC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DC0000
|
| Size: |
45056
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1432285292.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
3C39000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1329448768.0000000003C39000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3C39000
|
| Size: |
843776
|
|
|
5E4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327534324.0000000005E4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E4E000
|
| Size: |
8192
|
|
|
24F1000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024F1000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24F1000
|
| Size: |
8192
|
|
|
A7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329397696.0000000000A7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A7F000
|
| Size: |
4096
|
|
|
63C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1507312188.00000000063C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63C5000
|
| Size: |
843776
|
|
|
5F6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1329827466.0000000005F6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F6D000
|
| Size: |
843776
|
|
|
603D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1335514798.000000000603D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
603D000
|
| Size: |
843776
|
|
|
35F8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314125554.00000000035F8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35F8000
|
| Size: |
32768
|
|
|
2A00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321932926.0000000002A00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A00000
|
| Size: |
4096
|
|
|
644E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421510670.000000000644E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
644E000
|
| Size: |
843776
|
|
|
A3E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1318960939.0000000000A3E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A3E000
|
| Size: |
36864
|
|
|
6208000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357348045.0000000006208000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6208000
|
| Size: |
843776
|
|
|
2CCB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1557577511.0000000002CCB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2CCB000
|
| Size: |
4096
|
|
|
35F8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.00000000035F8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35F8000
|
| Size: |
4096
|
|
|
22DB000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022DB000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22DB000
|
| Size: |
4096
|
|
|
621E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1517618259.000000000621E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
621E000
|
| Size: |
843776
|
|
|
605A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1530316439.000000000605A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
605A000
|
| Size: |
843776
|
|
|
604A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1356702213.000000000604A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604A000
|
| Size: |
843776
|
|
|
2EC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779436010.0000000002EC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2EC0000
|
| Size: |
28672
|
|
|
BCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327112919.0000000000BCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BCE000
|
| Size: |
8192
|
|
|
64B3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1511276875.00000000064B3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B3000
|
| Size: |
843776
|
|
|
6C6000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317210477.00000000006C6000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6C6000
|
| Size: |
12288
|
|
|
5DA3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1336603911.0000000005DA3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA3000
|
| Size: |
843776
|
|
|
248B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.000000000248B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
248B000
|
| Size: |
8192
|
|
|
67DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1422826650.00000000067DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67DC000
|
| Size: |
843776
|
|
|
54D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1558254271.00000000054D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
54D0000
|
| Size: |
4096
|
|
|
BA1000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000006.00000000.1413729809.0000000000BA1000.00000008.00000001.01000000.00000010.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
BA1000
|
| Size: |
4096
|
|
|
63C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1507453037.00000000063C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63C5000
|
| Size: |
843776
|
|
|
A11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A11000
|
| Size: |
4096
|
|
|
5F66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354467078.0000000005F66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F66000
|
| Size: |
843776
|
|
|
245C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.000000000245C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
245C000
|
| Size: |
4096
|
|
|
5690000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3781546216.0000000005690000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5690000
|
| Size: |
65536
|
|
|
5496000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781088244.0000000005496000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5496000
|
| Size: |
8192
|
|
|
2DD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779231528.0000000002DD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DD0000
|
| Size: |
4096
|
|
|
621B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1510066420.000000000621B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
621B000
|
| Size: |
843776
|
|
|
64E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329179518.000000000064E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
64E000
|
| Size: |
8192
|
|
|
2CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557553682.0000000002CC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CC0000
|
| Size: |
4096
|
|
|
66FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1442592128.00000000066FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FD000
|
| Size: |
843776
|
|
|
6049000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1356994305.0000000006049000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6049000
|
| Size: |
843776
|
|
|
6115000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355281695.0000000006115000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6115000
|
| Size: |
843776
|
|
|
67D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1432079210.00000000067D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D3000
|
| Size: |
843776
|
|
|
2474000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002474000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2474000
|
| Size: |
8192
|
|
|
6C4000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1325973203.00000000006C4000.00000004.00000001.01000000.0000000B.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6C4000
|
| Size: |
4096
|
|
|
98E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326318725.000000000098E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
98E000
|
| Size: |
8192
|
|
|
2190000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002190000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2190000
|
| Size: |
4096
|
|
|
567E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1558277815.000000000567E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
567E000
|
| Size: |
8192
|
|
|
303D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779557919.000000000303D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
303D000
|
| Size: |
32768
|
|
|
5DA2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1332280277.0000000005DA2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA2000
|
| Size: |
843776
|
|
|
6F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326156918.00000000006F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6F0000
|
| Size: |
4096
|
|
|
C18000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C18000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C18000
|
| Size: |
4096
|
|
|
67D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426413998.00000000067D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D8000
|
| Size: |
843776
|
|
|
6619000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1418639354.0000000006619000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6619000
|
| Size: |
843776
|
|
|
26C3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318730926.00000000026C3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
26C3000
|
| Size: |
8192
|
|
|
542A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780485524.000000000542A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
542A000
|
| Size: |
24576
|
|
|
A0D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A0D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A0D000
|
| Size: |
4096
|
|
|
544C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.000000000544C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
544C000
|
| Size: |
4096
|
|
|
6113000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355457539.0000000006113000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6113000
|
| Size: |
843776
|
|
|
6457000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427250875.0000000006457000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6457000
|
| Size: |
843776
|
|
|
A46000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1318993245.0000000000A46000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A46000
|
| Size: |
4096
|
|
|
D10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1323741675.0000000000D10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D10000
|
| Size: |
4096
|
|
|
68BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420141308.00000000068BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68BF000
|
| Size: |
843776
|
|
|
A29000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1318919968.0000000000A29000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A29000
|
| Size: |
36864
|
|
|
55E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321049597.000000000055E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55E000
|
| Size: |
8192
|
|
|
67C3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421265159.00000000067C3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67C3000
|
| Size: |
843776
|
|
|
645F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425602210.000000000645F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
645F000
|
| Size: |
843776
|
|
|
229A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.000000000229A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
229A000
|
| Size: |
4096
|
|
|
6039000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1338428092.0000000006039000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6039000
|
| Size: |
843776
|
|
|
5CC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327457359.0000000005CC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CC0000
|
| Size: |
4096
|
|
|
3FE1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780259422.0000000003FE1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3FE1000
|
| Size: |
24576
|
|
|
2D7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778989185.0000000002D7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D7E000
|
| Size: |
8192
|
|
|
5475000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.0000000005475000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5475000
|
| Size: |
36864
|
|
|
63CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533423596.00000000063CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63CE000
|
| Size: |
843776
|
|
|
64BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781825323.00000000064BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
64BF000
|
| Size: |
4096
|
|
|
6375000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1440531172.0000000006375000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6375000
|
| Size: |
843776
|
|
|
67CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421763525.00000000067CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67CF000
|
| Size: |
843776
|
|
|
6134000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1527505381.0000000006134000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6134000
|
| Size: |
843776
|
|
|
1290000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557328675.0000000001290000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
12288
|
|
|
80E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326185804.000000000080E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
80E000
|
| Size: |
8192
|
|
|
54A0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3781228817.00000000054A0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
54A0000
|
| Size: |
4096
|
|
|
6219000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1520353253.0000000006219000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6219000
|
| Size: |
843776
|
|
|
A6B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1477041166.0000000000A6B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A6B000
|
| Size: |
4096
|
|
|
5E85000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355593709.0000000005E85000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E85000
|
| Size: |
843776
|
|
|
228B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.000000000228B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
228B000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
661C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419800267.000000000661C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661C000
|
| Size: |
843776
|
|
|
6613000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1433396003.0000000006613000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6613000
|
| Size: |
843776
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421679025.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
5F74000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529971822.0000000005F74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F74000
|
| Size: |
843776
|
|
|
1523000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778456327.0000000001523000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1523000
|
| Size: |
24576
|
|
|
63D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1516287560.00000000063D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D9000
|
| Size: |
843776
|
|
|
5F66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1356477504.0000000005F66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F66000
|
| Size: |
843776
|
|
|
2316000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002316000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2316000
|
| Size: |
4096
|
|
|
CCF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CCF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CCF000
|
| Size: |
16384
|
|
|
661B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423214647.000000000661B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661B000
|
| Size: |
843776
|
|
|
2374000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002374000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2374000
|
| Size: |
8192
|
|
|
64B3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1519470121.00000000064B3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B3000
|
| Size: |
843776
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1431490829.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
3C29000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1415823406.0000000003C29000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3C29000
|
| Size: |
954368
|
|
|
6C7000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1325973203.00000000006C7000.00000004.00000001.01000000.0000000B.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6C7000
|
| Size: |
8192
|
|
|
50BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1480694026.00000000050BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50BF000
|
| Size: |
4096
|
|
|
6532000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1433880630.0000000006532000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6532000
|
| Size: |
843776
|
|
|
6CB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326029301.00000000006CB000.00000004.00000001.01000000.0000000B.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6CB000
|
| Size: |
4096
|
|
|
63D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1513987910.00000000063D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D4000
|
| Size: |
843776
|
|
|
6044000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1330071401.0000000006044000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6044000
|
| Size: |
843776
|
|
|
652D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421454227.000000000652D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
652D000
|
| Size: |
843776
|
|
|
6129000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1356769239.0000000006129000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6129000
|
| Size: |
843776
|
|
|
C1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318383449.0000000000C1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C1F000
|
| Size: |
4096
|
|
|
6212000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533687262.0000000006212000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6212000
|
| Size: |
843776
|
|
|
24EA000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024EA000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24EA000
|
| Size: |
8192
|
|
|
126E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777148858.000000000126E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
126E000
|
| Size: |
8192
|
|
|
2181000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002181000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2181000
|
| Size: |
8192
|
|
|
548C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780955033.000000000548C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
548C000
|
| Size: |
16384
|
|
|
6124000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1340998425.0000000006124000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6124000
|
| Size: |
843776
|
|
|
5F61000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1339296513.0000000005F61000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F61000
|
| Size: |
843776
|
|
|
62BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1339191372.00000000062BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62BF000
|
| Size: |
843776
|
|
|
A44000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476996479.0000000000A44000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A44000
|
| Size: |
36864
|
|
|
6CE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317293983.00000000006CE000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6CE000
|
| Size: |
12288
|
|
|
6D6000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000001.00000000.1310357790.00000000006D6000.00000008.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
6D6000
|
| Size: |
20480
|
|
|
6121000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357434777.0000000006121000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6121000
|
| Size: |
843776
|
|
|
62F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1510484578.00000000062F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F2000
|
| Size: |
843776
|
|
|
1530000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778532295.0000000001530000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1530000
|
| Size: |
4096
|
|
|
6987000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1430278348.0000000006987000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6987000
|
| Size: |
843776
|
|
|
5E8A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1332628511.0000000005E8A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E8A000
|
| Size: |
843776
|
|
|
18D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1325873592.000000000018D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
18D000
|
| Size: |
77824
|
|
|
6039000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354951421.0000000006039000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6039000
|
| Size: |
843776
|
|
|
661D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425081843.000000000661D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661D000
|
| Size: |
843776
|
|
|
B9D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000B.00000000.1499706591.0000000000B9D000.00000008.00000001.01000000.00000010.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
B9D000
|
| Size: |
4096
|
|
|
63D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1526975512.00000000063D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D3000
|
| Size: |
843776
|
|
|
154B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3778752507.000000000154B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
154B000
|
| Size: |
4096
|
|
|
6C4000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000001.00000000.1310357790.00000000006C4000.00000008.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
6C4000
|
| Size: |
40960
|
|
|
544E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1558194436.000000000544E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
544E000
|
| Size: |
8192
|
|
|
6052000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1532330294.0000000006052000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6052000
|
| Size: |
843776
|
|
|
5CCD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1332381317.0000000005CCD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CCD000
|
| Size: |
843776
|
|
|
661B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1429618321.000000000661B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661B000
|
| Size: |
843776
|
|
|
6047000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1356590252.0000000006047000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6047000
|
| Size: |
843776
|
|
|
6041000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1333095488.0000000006041000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6041000
|
| Size: |
843776
|
|
|
65BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781854015.00000000065BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
65BE000
|
| Size: |
8192
|
|
|
6608000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420622091.0000000006608000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6608000
|
| Size: |
843776
|
|
|
187F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557423567.000000000187F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
187F000
|
| Size: |
4096
|
|
|
64B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529381373.00000000064B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B0000
|
| Size: |
843776
|
|
|
66F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1422334105.00000000066F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F8000
|
| Size: |
843776
|
|
|
66FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1442435210.00000000066FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FE000
|
| Size: |
843776
|
|
|
67D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426106585.00000000067D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D3000
|
| Size: |
843776
|
|
|
5DA8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1339638891.0000000005DA8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA8000
|
| Size: |
843776
|
|
|
6048000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1330925877.0000000006048000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6048000
|
| Size: |
843776
|
|
|
67DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427707425.00000000067DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67DB000
|
| Size: |
843776
|
|
|
5468000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.0000000005468000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5468000
|
| Size: |
4096
|
|
|
1326000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.0000000001326000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1326000
|
| Size: |
172032
|
|
|
6122000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1340620005.0000000006122000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6122000
|
| Size: |
843776
|
|
|
10A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3776880333.00000000010A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10A0000
|
| Size: |
8192
|
|
|
7FB70000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1308697128.000000007FB70000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
7FB70000
|
| Size: |
3014656
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1443281908.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
54B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781263743.00000000054B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
54B0000
|
| Size: |
49152
|
|
|
2400000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002400000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2400000
|
| Size: |
8192
|
|
|
22E9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022E9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22E9000
|
| Size: |
8192
|
|
|
66F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1422756566.00000000066F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F3000
|
| Size: |
843776
|
|
|
621B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1510199632.000000000621B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
621B000
|
| Size: |
843776
|
|
|
DA1000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1323000541.0000000000DA1000.00000002.00000001.01000000.0000000E.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
DA1000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
67D7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426515739.00000000067D7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D7000
|
| Size: |
843776
|
|
|
66FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426330076.00000000066FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FB000
|
| Size: |
843776
|
|
|
62FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1510348307.00000000062FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FC000
|
| Size: |
843776
|
|
|
C6C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C6C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C6C000
|
| Size: |
4096
|
|
|
3C6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1319268831.0000000003C6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C6F000
|
| Size: |
4096
|
|
|
507E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1480483424.000000000507E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
507E000
|
| Size: |
8192
|
|
|
6D3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317293983.00000000006D3000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6D3000
|
| Size: |
20480
|
|
|
68B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425421540.00000000068B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68B6000
|
| Size: |
843776
|
|
|
6611000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1441442099.0000000006611000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6611000
|
| Size: |
843776
|
|
|
6217000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1511480800.0000000006217000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6217000
|
| Size: |
843776
|
|
|
6452000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1443637993.0000000006452000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6452000
|
| Size: |
843776
|
|
|
6119000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1338075865.0000000006119000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6119000
|
| Size: |
843776
|
|
|
605C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529905361.000000000605C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
605C000
|
| Size: |
843776
|
|
|
5DA7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1353949627.0000000005DA7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA7000
|
| Size: |
843776
|
|
|
840000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476444499.0000000000840000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
840000
|
| Size: |
4096
|
|
|
2CA4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557495368.0000000002CA4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CA4000
|
| Size: |
20480
|
|
|
6100000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1335411028.0000000006100000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6100000
|
| Size: |
843776
|
|
|
620D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1343427625.000000000620D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620D000
|
| Size: |
843776
|
|
|
6129000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1331638520.0000000006129000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6129000
|
| Size: |
843776
|
|
|
A8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477072376.0000000000A8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A8E000
|
| Size: |
8192
|
|
|
C1F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C1F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C1F000
|
| Size: |
4096
|
|
|
3FE8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780259422.0000000003FE8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3FE8000
|
| Size: |
4096
|
|
|
845000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326236703.0000000000845000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
845000
|
| Size: |
12288
|
|
|
6202000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1353593186.0000000006202000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6202000
|
| Size: |
843776
|
|
|
2424000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002424000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2424000
|
| Size: |
8192
|
|
|
4BA000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329051420.00000000004BA000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4BA000
|
| Size: |
8192
|
|
|
21B4000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021B4000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21B4000
|
| Size: |
4096
|
|
|
24C6000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024C6000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24C6000
|
| Size: |
16384
|
|
|
6538000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1429715962.0000000006538000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6538000
|
| Size: |
843776
|
|
|
5F79000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1512130793.0000000005F79000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F79000
|
| Size: |
843776
|
|
|
63DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1516666373.00000000063DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63DE000
|
| Size: |
843776
|
|
|
95F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321489110.000000000095F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
95F000
|
| Size: |
4096
|
|
|
649B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531743956.000000000649B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
649B000
|
| Size: |
843776
|
|
|
605C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1518695506.000000000605C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
605C000
|
| Size: |
843776
|
|
|
A28000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317996133.0000000000A28000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A28000
|
| Size: |
229376
|
|
|
1010000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556708167.0000000001010000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1010000
|
| Size: |
4096
|
|
|
63DF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1513421851.00000000063DF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63DF000
|
| Size: |
843776
|
|
|
605D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1509781373.000000000605D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
605D000
|
| Size: |
843776
|
|
|
67D6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1431289909.00000000067D6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D6000
|
| Size: |
843776
|
|
|
CEC000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CEC000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CEC000
|
| Size: |
8192
|
|
|
6899000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423139158.0000000006899000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6899000
|
| Size: |
843776
|
|
|
6617000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425819438.0000000006617000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6617000
|
| Size: |
843776
|
|
|
6043000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1509175295.0000000006043000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6043000
|
| Size: |
843776
|
|
|
4C0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1320796544.00000000004C0000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4C0000
|
| Size: |
12288
|
|
|
548E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1558224643.000000000548E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
548E000
|
| Size: |
8192
|
|
|
5DA3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1344966047.0000000005DA3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA3000
|
| Size: |
843776
|
|
|
2307000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002307000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2307000
|
| Size: |
8192
|
|
|
66F2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425016009.00000000066F2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F2000
|
| Size: |
843776
|
|
|
19D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1320743202.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19D000
|
| Size: |
12288
|
|
|
1514000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778405505.0000000001514000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1514000
|
| Size: |
4096
|
|
|
9EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317926762.00000000009EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EF000
|
| Size: |
4096
|
|
|
CE4000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CE4000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CE4000
|
| Size: |
8192
|
|
|
53A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557964031.00000000053A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53A0000
|
| Size: |
45056
|
|
|
21F6000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021F6000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21F6000
|
| Size: |
4096
|
|
|
567E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781505897.000000000567E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
567E000
|
| Size: |
8192
|
|
|
6D3000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326065801.00000000006D3000.00000004.00000001.01000000.0000000B.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6D3000
|
| Size: |
12288
|
|
|
6043000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1333389656.0000000006043000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6043000
|
| Size: |
843776
|
|
|
80E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317443373.000000000080E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
80E000
|
| Size: |
8192
|
|
|
6375000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1443809934.0000000006375000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6375000
|
| Size: |
667648
|
|
|
6057000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1527736222.0000000006057000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6057000
|
| Size: |
843776
|
|
|
AFC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477072376.0000000000AFC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AFC000
|
| Size: |
8192
|
|
|
2293000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002293000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2293000
|
| Size: |
4096
|
|
|
23D3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000023D3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23D3000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
66EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420783501.00000000066EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66EA000
|
| Size: |
843776
|
|
|
23F9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000023F9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23F9000
|
| Size: |
8192
|
|
|
5F78000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1514716367.0000000005F78000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F78000
|
| Size: |
843776
|
|
|
4C6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1479322504.0000000004C6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C6E000
|
| Size: |
8192
|
|
|
22C5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022C5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22C5000
|
| Size: |
4096
|
|
|
720000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1475998533.0000000000720000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
720000
|
| Size: |
4096
|
|
|
6606000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421565344.0000000006606000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6606000
|
| Size: |
843776
|
|
|
24A1000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024A1000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24A1000
|
| Size: |
24576
|
|
|
6370000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421623345.0000000006370000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6370000
|
| Size: |
843776
|
|
|
5E81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354234714.0000000005E81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E81000
|
| Size: |
843776
|
|
|
6000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421915544.0000000006000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
843776
|
|
|
3771000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1478026321.0000000003771000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3771000
|
| Size: |
12288
|
|
|
1513000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3778381695.0000000001513000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1513000
|
| Size: |
4096
|
|
|
62FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1530966371.00000000062FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FB000
|
| Size: |
843776
|
|
|
4F7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1480362962.0000000004F7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F7F000
|
| Size: |
4096
|
|
|
6111000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1338577952.0000000006111000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6111000
|
| Size: |
843776
|
|
|
5EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329135589.00000000005EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5EE000
|
| Size: |
8192
|
|
|
CA2000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CA2000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CA2000
|
| Size: |
8192
|
|
|
661D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1424031698.000000000661D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661D000
|
| Size: |
843776
|
|
|
2466000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002466000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2466000
|
| Size: |
4096
|
|
|
653C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1441144676.000000000653C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
653C000
|
| Size: |
843776
|
|
|
66FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1431853729.00000000066FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FF000
|
| Size: |
843776
|
|
|
DB5000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1323117812.0000000000DB5000.00000002.00000001.01000000.0000000E.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
DB5000
|
| Size: |
90112
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2348000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002348000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2348000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
68BD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419652011.00000000068BD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68BD000
|
| Size: |
843776
|
|
|
62F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1513561535.00000000062F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F8000
|
| Size: |
843776
|
|
|
57DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781633797.00000000057DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57DE000
|
| Size: |
8192
|
|
|
5446000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.0000000005446000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5446000
|
| Size: |
4096
|
|
|
CFA000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CFA000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CFA000
|
| Size: |
8192
|
|
|
6109000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1336155373.0000000006109000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6109000
|
| Size: |
843776
|
|
|
1311000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.0000000001311000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1311000
|
| Size: |
49152
|
|
|
64BE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1527131870.00000000064BE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64BE000
|
| Size: |
843776
|
|
|
661A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1442318531.000000000661A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661A000
|
| Size: |
843776
|
|
|
6127000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1528083313.0000000006127000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6127000
|
| Size: |
843776
|
|
|
1560000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778786933.0000000001560000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1560000
|
| Size: |
16384
|
|
|
62FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1513735372.00000000062FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FE000
|
| Size: |
843776
|
|
|
2640000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318436908.0000000002640000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2640000
|
| Size: |
4096
|
|
|
68B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427091652.00000000068B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68B5000
|
| Size: |
843776
|
|
|
6000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1430582803.0000000006000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
843776
|
|
|
12AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777245578.00000000012AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12AE000
|
| Size: |
8192
|
|
|
5E81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1344505342.0000000005E81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E81000
|
| Size: |
843776
|
|
|
63DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529168236.00000000063DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63DB000
|
| Size: |
843776
|
|
|
653C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423286984.000000000653C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
653C000
|
| Size: |
843776
|
|
|
5DAD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1334826323.0000000005DAD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DAD000
|
| Size: |
843776
|
|
|
2DE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779285891.0000000002DE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DE0000
|
| Size: |
61440
|
|
|
D30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327152773.0000000000D30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D30000
|
| Size: |
12288
|
|
|
6045000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1350337269.0000000006045000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6045000
|
| Size: |
843776
|
|
|
1540000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778641371.0000000001540000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1540000
|
| Size: |
4096
|
|
|
1280000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557305104.0000000001280000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1280000
|
| Size: |
8192
|
|
|
2197000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002197000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2197000
|
| Size: |
4096
|
|
|
6051000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1534423555.0000000006051000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6051000
|
| Size: |
466944
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1422610707.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
8E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317800288.00000000008E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8E0000
|
| Size: |
16384
|
|
|
226A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.000000000226A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
226A000
|
| Size: |
4096
|
|
|
6CB000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317265289.00000000006CB000.00000004.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6CB000
|
| Size: |
8192
|
|
|
3C30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1329312951.0000000003C30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3C30000
|
| Size: |
843776
|
|
|
6045000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1330243933.0000000006045000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6045000
|
| Size: |
843776
|
|
|
6615000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1430713369.0000000006615000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6615000
|
| Size: |
843776
|
|
|
62F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529063140.00000000062F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F5000
|
| Size: |
843776
|
|
|
1486000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1501123737.0000000001486000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1486000
|
| Size: |
131072
|
|
|
62FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1515989176.00000000062FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FA000
|
| Size: |
843776
|
|
|
2408000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002408000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2408000
|
| Size: |
4096
|
|
|
63D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1526809210.00000000063D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D3000
|
| Size: |
843776
|
|
|
9C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326341682.00000000009C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9C0000
|
| Size: |
4096
|
|
|
540E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1558170153.000000000540E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
540E000
|
| Size: |
8192
|
|
|
BA5000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000006.00000000.1413788476.0000000000BA5000.00000002.00000001.01000000.00000010.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
BA5000
|
| Size: |
90112
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
67D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419366945.00000000067D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D9000
|
| Size: |
843776
|
|
|
2391000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002391000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2391000
|
| Size: |
8192
|
|
|
300A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779557919.000000000300A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
300A000
|
| Size: |
4096
|
|
|
50DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780434671.00000000050DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50DE000
|
| Size: |
8192
|
|
|
2CE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557600648.0000000002CE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CE0000
|
| Size: |
4096
|
|
|
68B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426596748.00000000068B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68B5000
|
| Size: |
843776
|
|
|
21C2000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021C2000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21C2000
|
| Size: |
4096
|
|
|
6455000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1440979828.0000000006455000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6455000
|
| Size: |
843776
|
|
|
D08000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000D08000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
D08000
|
| Size: |
4096
|
|
|
6218000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1514315566.0000000006218000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6218000
|
| Size: |
843776
|
|
|
67D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1432793746.00000000067D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D5000
|
| Size: |
843776
|
|
|
66F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1428810037.00000000066F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F0000
|
| Size: |
843776
|
|
|
661E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1422196075.000000000661E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661E000
|
| Size: |
843776
|
|
|
300E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779557919.000000000300E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
300E000
|
| Size: |
4096
|
|
|
563E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781467860.000000000563E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
563E000
|
| Size: |
8192
|
|
|
62F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531103073.00000000062F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F1000
|
| Size: |
843776
|
|
|
233A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.000000000233A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
233A000
|
| Size: |
4096
|
|
|
21E0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021E0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21E0000
|
| Size: |
8192
|
|
|
5E8D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1339451416.0000000005E8D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E8D000
|
| Size: |
843776
|
|
|
621C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529675565.000000000621C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
621C000
|
| Size: |
843776
|
|
|
581E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781668746.000000000581E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
581E000
|
| Size: |
8192
|
|
|
549A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781088244.000000000549A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
549A000
|
| Size: |
24576
|
|
|
6373000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427012889.0000000006373000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6373000
|
| Size: |
843776
|
|
|
64A7000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1534180016.00000000064A7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64A7000
|
| Size: |
843776
|
|
|
604A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1353884973.000000000604A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604A000
|
| Size: |
843776
|
|
|
22CD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022CD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22CD000
|
| Size: |
4096
|
|
|
9F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.00000000009F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9F8000
|
| Size: |
16384
|
|
|
2DF0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3779349079.0000000002DF0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2DF0000
|
| Size: |
4096
|
|
|
62F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1515655205.00000000062F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F3000
|
| Size: |
843776
|
|
|
1240000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557279056.0000000001240000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1240000
|
| Size: |
4096
|
|
|
62FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529838348.00000000062FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FE000
|
| Size: |
843776
|
|
|
D01000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000D01000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
D01000
|
| Size: |
8192
|
|
|
3CAC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1319363848.0000000003CAC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CAC000
|
| Size: |
16384
|
|
|
A23000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A23000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A23000
|
| Size: |
4096
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425929088.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
61AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327561929.00000000061AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
61AF000
|
| Size: |
4096
|
|
|
53B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1558087104.00000000053B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53B0000
|
| Size: |
57344
|
|
|
661B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1441641242.000000000661B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661B000
|
| Size: |
843776
|
|
|
5F67000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1331729061.0000000005F67000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F67000
|
| Size: |
843776
|
|
|
5F50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1335068752.0000000005F50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F50000
|
| Size: |
843776
|
|
|
5F60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1332968619.0000000005F60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F60000
|
| Size: |
843776
|
|
|
5DA2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355726249.0000000005DA2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA2000
|
| Size: |
843776
|
|
|
5480000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780955033.0000000005480000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5480000
|
| Size: |
36864
|
|
|
1165000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557226573.0000000001165000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1165000
|
| Size: |
12288
|
|
|
B91000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000006.00000000.1413677514.0000000000B91000.00000002.00000001.01000000.00000010.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B91000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
BA5000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000B.00000000.1499760028.0000000000BA5000.00000002.00000001.01000000.00000010.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
BA5000
|
| Size: |
90112
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
22BE000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022BE000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22BE000
|
| Size: |
4096
|
|
|
64BE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1516971262.00000000064BE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64BE000
|
| Size: |
843776
|
|
|
5F68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354575613.0000000005F68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F68000
|
| Size: |
843776
|
|
|
221A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.000000000221A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
221A000
|
| Size: |
4096
|
|
|
62FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1527644033.00000000062FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FD000
|
| Size: |
843776
|
|
|
2660000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477757908.0000000002660000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2660000
|
| Size: |
4096
|
|
|
6129000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1331345951.0000000006129000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6129000
|
| Size: |
843776
|
|
|
BD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000BD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
BD0000
|
| Size: |
36864
|
|
|
6038000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355661690.0000000006038000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6038000
|
| Size: |
843776
|
|
|
64BD000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1530064020.00000000064BD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64BD000
|
| Size: |
843776
|
|
|
6A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329216287.00000000006A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A0000
|
| Size: |
20480
|
|
|
66EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421180005.00000000066EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66EF000
|
| Size: |
843776
|
|
|
2398000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002398000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2398000
|
| Size: |
4096
|
|
|
9D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326362000.00000000009D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D0000
|
| Size: |
28672
|
|
|
7F0000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1475998533.00000000007F0000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7F0000
|
| Size: |
4096
|
|
|
2CAA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557495368.0000000002CAA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CAA000
|
| Size: |
12288
|
|
|
5E88000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1353820901.0000000005E88000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E88000
|
| Size: |
843776
|
|
|
603F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354785440.000000000603F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
603F000
|
| Size: |
843776
|
|
|
19A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317018127.000000000019A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19A000
|
| Size: |
24576
|
|
|
6128000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1353688831.0000000006128000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6128000
|
| Size: |
843776
|
|
|
61FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355370606.00000000061FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61FD000
|
| Size: |
843776
|
|
|
6130000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1530230474.0000000006130000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6130000
|
| Size: |
843776
|
|
|
621F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1530567774.000000000621F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
621F000
|
| Size: |
843776
|
|
|
66FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1418900489.00000000066FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FE000
|
| Size: |
843776
|
|
|
4D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1320927831.00000000004D0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D0000
|
| Size: |
4096
|
|
|
24BF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024BF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24BF000
|
| Size: |
8192
|
|
|
604E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1341939019.000000000604E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604E000
|
| Size: |
843776
|
|
|
6573000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531411757.0000000006573000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6573000
|
| Size: |
843776
|
|
|
8E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317800288.00000000008E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8E5000
|
| Size: |
12288
|
|
|
2E60000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1557728326.0000000002E60000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2E60000
|
| Size: |
4096
|
|
|
12EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777305458.00000000012EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12EE000
|
| Size: |
8192
|
|
|
5F66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1346743878.0000000005F66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F66000
|
| Size: |
843776
|
|
|
62FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533233137.00000000062FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FC000
|
| Size: |
843776
|
|
|
5E89000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1334119991.0000000005E89000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E89000
|
| Size: |
843776
|
|
|
62FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531324629.00000000062FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FC000
|
| Size: |
843776
|
|
|
2358000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002358000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2358000
|
| Size: |
4096
|
|
|
62FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1514525730.00000000062FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FA000
|
| Size: |
843776
|
|
|
152A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778456327.000000000152A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
152A000
|
| Size: |
12288
|
|
|
620A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1508729512.000000000620A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620A000
|
| Size: |
843776
|
|
|
66F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426192237.00000000066F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F8000
|
| Size: |
843776
|
|
|
A78000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327081549.0000000000A78000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A78000
|
| Size: |
16384
|
|
|
2263000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002263000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2263000
|
| Size: |
4096
|
|
|
A0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1325555300.0000000000A0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A0A000
|
| Size: |
4096
|
|
|
5E82000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1336950247.0000000005E82000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E82000
|
| Size: |
843776
|
|
|
1710000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3778868935.0000000001710000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1710000
|
| Size: |
65536
|
|
|
63D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1527308897.00000000063D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D0000
|
| Size: |
843776
|
|
|
6124000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1508934792.0000000006124000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6124000
|
| Size: |
843776
|
|
|
66F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1442844940.00000000066F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F3000
|
| Size: |
843776
|
|
|
C94000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C94000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C94000
|
| Size: |
8192
|
|
|
237C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.000000000237C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
237C000
|
| Size: |
4096
|
|
|
5F66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1340253119.0000000005F66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F66000
|
| Size: |
843776
|
|
|
850000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476475561.0000000000850000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
12288
|
|
|
6219000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1513018770.0000000006219000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6219000
|
| Size: |
843776
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1430394318.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
C26000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C26000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C26000
|
| Size: |
4096
|
|
|
5CCA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354019163.0000000005CCA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CCA000
|
| Size: |
843776
|
|
|
C2D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C2D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C2D000
|
| Size: |
8192
|
|
|
AA9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477072376.0000000000AA9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AA9000
|
| Size: |
155648
|
|
|
64A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533513238.00000000064A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64A6000
|
| Size: |
843776
|
|
|
67D6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1442721095.00000000067D6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D6000
|
| Size: |
843776
|
|
|
6137000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533763647.0000000006137000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6137000
|
| Size: |
843776
|
|
|
2EA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779409275.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EA0000
|
| Size: |
4096
|
|
|
6110000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355163141.0000000006110000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6110000
|
| Size: |
843776
|
|
|
9AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476664752.00000000009AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9AE000
|
| Size: |
8192
|
|
|
63D2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529492691.00000000063D2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D2000
|
| Size: |
843776
|
|
|
8C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.1314078206.00000000008C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8C0000
|
| Size: |
4096
|
|
|
62F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1532814319.00000000062F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F8000
|
| Size: |
843776
|
|
|
6000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425723920.0000000006000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
843776
|
|
|
4C4000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1307730186.00000000004C4000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4C4000
|
| Size: |
4096
|
|
|
2212000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002212000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2212000
|
| Size: |
12288
|
|
|
12F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.00000000012F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12F8000
|
| Size: |
86016
|
|
|
1358000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.0000000001358000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1358000
|
| Size: |
12288
|
|
|
63D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1526405321.00000000063D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D5000
|
| Size: |
843776
|
|
|
22F9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022F9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22F9000
|
| Size: |
4096
|
|
|
890000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476537736.0000000000890000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
890000
|
| Size: |
16384
|
|
|
241D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.000000000241D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
241D000
|
| Size: |
4096
|
|
|
EF8000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556621021.0000000000EF8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
EF8000
|
| Size: |
32768
|
|
|
5E0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327504100.0000000005E0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E0E000
|
| Size: |
8192
|
|
|
3DFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1416992322.0000000003DFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3DFB000
|
| Size: |
4349952
|
|
|
6218000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1532570638.0000000006218000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6218000
|
| Size: |
843776
|
|
|
62F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1510693537.00000000062F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F1000
|
| Size: |
843776
|
|
|
62F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1518415849.00000000062F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F3000
|
| Size: |
843776
|
|
|
66E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421396827.00000000066E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66E5000
|
| Size: |
843776
|
|
|
66F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1424830636.00000000066F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F5000
|
| Size: |
843776
|
|
|
35CF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.00000000035CF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35CF000
|
| Size: |
12288
|
|
|
357D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.000000000357D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
357D000
|
| Size: |
36864
|
|
|
5F60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355528051.0000000005F60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F60000
|
| Size: |
843776
|
|
|
3010000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779557919.0000000003010000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3010000
|
| Size: |
135168
|
|
|
94E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326287066.000000000094E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
94E000
|
| Size: |
8192
|
|
|
C84000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C84000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C84000
|
| Size: |
45056
|
|
|
48AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1478301541.00000000048AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48AE000
|
| Size: |
8192
|
|
|
63CB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1506510597.00000000063CB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63CB000
|
| Size: |
843776
|
|
|
4B9000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1320796544.00000000004B9000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4B9000
|
| Size: |
20480
|
|
|
645D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1443066317.000000000645D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
645D000
|
| Size: |
843776
|
|
|
A1E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A1E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A1E000
|
| Size: |
8192
|
|
|
262C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477585481.000000000262C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
262C000
|
| Size: |
4096
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1428155283.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
6205000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354108931.0000000006205000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6205000
|
| Size: |
843776
|
|
|
1510000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778356644.0000000001510000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1510000
|
| Size: |
4096
|
|
|
6031000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1339555792.0000000006031000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6031000
|
| Size: |
843776
|
|
|
8D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317722682.00000000008D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8D5000
|
| Size: |
12288
|
|
|
22D4000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022D4000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22D4000
|
| Size: |
4096
|
|
|
1553000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1324641632.0000000001553000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1553000
|
| Size: |
69632
|
|
|
224D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.000000000224D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
224D000
|
| Size: |
4096
|
|
|
545E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.000000000545E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
545E000
|
| Size: |
4096
|
|
|
6125000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357108962.0000000006125000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6125000
|
| Size: |
843776
|
|
|
1389000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.0000000001389000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1389000
|
| Size: |
118784
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
66FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426885048.00000000066FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FA000
|
| Size: |
843776
|
|
|
14EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778286781.00000000014EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
14EE000
|
| Size: |
8192
|
|
|
62F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1528911748.00000000062F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F6000
|
| Size: |
843776
|
|
|
39EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318990272.00000000039EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39EF000
|
| Size: |
4096
|
|
|
603D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1335715969.000000000603D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
603D000
|
| Size: |
843776
|
|
|
68A9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1429521017.00000000068A9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68A9000
|
| Size: |
843776
|
|
|
2173000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002173000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2173000
|
| Size: |
4096
|
|
|
620D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1341261382.000000000620D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620D000
|
| Size: |
843776
|
|
|
6DB000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000000.1310405123.00000000006DB000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
6DB000
|
| Size: |
4096
|
|
|
870000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476508182.0000000000870000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
870000
|
| Size: |
4096
|
|
|
DB1000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000004.00000000.1323061804.0000000000DB1000.00000008.00000001.01000000.0000000E.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
DB1000
|
| Size: |
4096
|
|
|
CD6000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CD6000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CD6000
|
| Size: |
16384
|
|
|
A30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323434829.0000000000A30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A30000
|
| Size: |
200704
|
|
|
66F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1434560926.00000000066F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F3000
|
| Size: |
843776
|
|
|
1475000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1501197802.0000000001475000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1475000
|
| Size: |
69632
|
|
|
A76000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317996133.0000000000A76000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A76000
|
| Size: |
65536
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
22E2000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022E2000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22E2000
|
| Size: |
4096
|
|
|
A34000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476964988.0000000000A34000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A34000
|
| Size: |
4096
|
|
|
680000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321365205.0000000000680000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
680000
|
| Size: |
20480
|
|
|
38FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1326526009.00000000038FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
38FF000
|
| Size: |
4349952
|
|
|
6619000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426764618.0000000006619000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6619000
|
| Size: |
843776
|
|
|
2ED0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779490195.0000000002ED0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2ED0000
|
| Size: |
4096
|
|
|
2449000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002449000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2449000
|
| Size: |
4096
|
|
|
66F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1424139502.00000000066F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F5000
|
| Size: |
843776
|
|
|
53AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557964031.00000000053AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53AC000
|
| Size: |
4096
|
|
|
5F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329155467.00000000005F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
4096
|
|
|
5DAB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354320057.0000000005DAB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DAB000
|
| Size: |
843776
|
|
|
115E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557202417.000000000115E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
115E000
|
| Size: |
8192
|
|
|
6455000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423426664.0000000006455000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6455000
|
| Size: |
843776
|
|
|
613A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1519839920.000000000613A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
613A000
|
| Size: |
843776
|
|
|
2610000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1477549431.0000000002610000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2610000
|
| Size: |
32768
|
|
|
6615000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1442119088.0000000006615000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6615000
|
| Size: |
843776
|
|
|
D39000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327152773.0000000000D39000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D39000
|
| Size: |
24576
|
|
|
276E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477802445.000000000276E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
276E000
|
| Size: |
8192
|
|
|
637F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420058314.000000000637F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
637F000
|
| Size: |
843776
|
|
|
2416000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002416000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2416000
|
| Size: |
4096
|
|
|
62F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1528731681.00000000062F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F1000
|
| Size: |
843776
|
|
|
5E8D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1331811953.0000000005E8D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E8D000
|
| Size: |
843776
|
|
|
A76000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323434829.0000000000A76000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A76000
|
| Size: |
32768
|
|
|
62FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1532692048.00000000062FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FA000
|
| Size: |
843776
|
|
|
61FD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357869816.00000000061FD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61FD000
|
| Size: |
843776
|
|
|
2271000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002271000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2271000
|
| Size: |
8192
|
|
|
6046000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1334190177.0000000006046000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6046000
|
| Size: |
843776
|
|
|
21A5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021A5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21A5000
|
| Size: |
4096
|
|
|
603C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355068352.000000000603C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
603C000
|
| Size: |
843776
|
|
|
3032000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779557919.0000000003032000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3032000
|
| Size: |
8192
|
|
|
2450000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002450000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2450000
|
| Size: |
8192
|
|
|
2238000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002238000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2238000
|
| Size: |
4096
|
|
|
19D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329019688.000000000019D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19D000
|
| Size: |
12288
|
|
|
637F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1443375499.000000000637F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
637F000
|
| Size: |
843776
|
|
|
4C2000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1307690322.00000000004C2000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
4C2000
|
| Size: |
8192
|
|
|
2CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318814181.0000000002CC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CC0000
|
| Size: |
4096
|
|
|
246D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.000000000246D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
246D000
|
| Size: |
4096
|
|
|
C09000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C09000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C09000
|
| Size: |
8192
|
|
|
6051000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1528185541.0000000006051000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6051000
|
| Size: |
843776
|
|
|
B9D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000006.00000000.1413729809.0000000000B9D000.00000008.00000001.01000000.00000010.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
B9D000
|
| Size: |
4096
|
|
|
85F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321431722.000000000085F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
85F000
|
| Size: |
4096
|
|
|
577F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1558304122.000000000577F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
577F000
|
| Size: |
4096
|
|
|
6056000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1512035729.0000000006056000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6056000
|
| Size: |
843776
|
|
|
66F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427647510.00000000066F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F3000
|
| Size: |
843776
|
|
|
A09000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A09000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A09000
|
| Size: |
4096
|
|
|
A1C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1317751823.0000000000A1C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A1C000
|
| Size: |
114688
|
|
|
645C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419998273.000000000645C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
645C000
|
| Size: |
843776
|
|
|
62F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533086922.00000000062F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F1000
|
| Size: |
843776
|
|
|
62E7000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1505561729.00000000062E7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62E7000
|
| Size: |
843776
|
|
|
249A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.000000000249A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
249A000
|
| Size: |
20480
|
|
|
5E87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1341559735.0000000005E87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E87000
|
| Size: |
843776
|
|
|
63D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533303483.00000000063D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D0000
|
| Size: |
843776
|
|
|
5494000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781088244.0000000005494000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5494000
|
| Size: |
4096
|
|
|
61EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1336044666.00000000061EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61EA000
|
| Size: |
843776
|
|
|
621C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1521219043.000000000621C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
621C000
|
| Size: |
843776
|
|
|
84E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317538733.000000000084E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
84E000
|
| Size: |
8192
|
|
|
5E81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1336401412.0000000005E81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E81000
|
| Size: |
843776
|
|
|
2484000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.0000000002484000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2484000
|
| Size: |
8192
|
|
|
67D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1418980306.00000000067D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D8000
|
| Size: |
843776
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000000.1307612059.0000000000401000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
745472
|
|
|
5390000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1557927343.0000000005390000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5390000
|
| Size: |
32768
|
|
|
1160000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557226573.0000000001160000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
16384
|
|
|
64AC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1509473542.00000000064AC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64AC000
|
| Size: |
843776
|
|
|
1115000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3776956163.0000000001115000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1115000
|
| Size: |
12288
|
|
|
5CCD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1336705196.0000000005CCD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CCD000
|
| Size: |
843776
|
|
|
151D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3778431123.000000000151D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
151D000
|
| Size: |
4096
|
|
|
604E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1340725787.000000000604E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604E000
|
| Size: |
843776
|
|
|
2189000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002189000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2189000
|
| Size: |
4096
|
|
|
24E3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024E3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24E3000
|
| Size: |
4096
|
|
|
6124000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1353357779.0000000006124000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6124000
|
| Size: |
843776
|
|
|
24DC000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024DC000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24DC000
|
| Size: |
4096
|
|
|
612C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357241202.000000000612C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
612C000
|
| Size: |
843776
|
|
|
1082000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556736370.0000000001082000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1082000
|
| Size: |
12288
|
|
|
62AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327591244.00000000062AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
62AF000
|
| Size: |
4096
|
|
|
96000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1325841449.0000000000096000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
96000
|
| Size: |
40960
|
|
|
6536000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425141717.0000000006536000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6536000
|
| Size: |
843776
|
|
|
1547000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3778699265.0000000001547000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1547000
|
| Size: |
4096
|
|
|
6139000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1517966534.0000000006139000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6139000
|
| Size: |
843776
|
|
|
880000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329292773.0000000000880000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
880000
|
| Size: |
24576
|
|
|
66F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1422944270.00000000066F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F1000
|
| Size: |
843776
|
|
|
C6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477434909.0000000000C6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C6F000
|
| Size: |
4096
|
|
|
5F68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1337514190.0000000005F68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F68000
|
| Size: |
843776
|
|
|
6F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317368465.00000000006F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6F0000
|
| Size: |
4096
|
|
|
358C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.000000000358C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
358C000
|
| Size: |
16384
|
|
|
CF3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CF3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CF3000
|
| Size: |
4096
|
|
|
35D8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.00000000035D8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35D8000
|
| Size: |
4096
|
|
|
6001000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427781776.0000000006001000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6001000
|
| Size: |
843776
|
|
|
6211000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1515500385.0000000006211000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6211000
|
| Size: |
843776
|
|
|
67DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1443485356.00000000067DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67DE000
|
| Size: |
843776
|
|
|
62F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1513175216.00000000062F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F6000
|
| Size: |
843776
|
|
|
9EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1325688509.00000000009EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9EB000
|
| Size: |
126976
|
|
|
35B4000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.00000000035B4000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35B4000
|
| Size: |
4096
|
|
|
6F8000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1475960653.00000000006F8000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6F8000
|
| Size: |
32768
|
|
|
604A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1356856586.000000000604A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604A000
|
| Size: |
843776
|
|
|
612F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1341145689.000000000612F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
612F000
|
| Size: |
843776
|
|
|
217A000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.000000000217A000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
217A000
|
| Size: |
4096
|
|
|
5CC4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1339712031.0000000005CC4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CC4000
|
| Size: |
843776
|
|
|
6452000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1429958117.0000000006452000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6452000
|
| Size: |
843776
|
|
|
24A8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000024A8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
24A8000
|
| Size: |
4096
|
|
|
6127000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1351227758.0000000006127000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6127000
|
| Size: |
843776
|
|
|
6536000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425532826.0000000006536000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6536000
|
| Size: |
843776
|
|
|
62FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1528612655.00000000062FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FA000
|
| Size: |
843776
|
|
|
67D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1424321568.00000000067D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D8000
|
| Size: |
843776
|
|
|
47AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1478164090.00000000047AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47AE000
|
| Size: |
8192
|
|
|
604B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357639221.000000000604B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604B000
|
| Size: |
843776
|
|
|
5F6B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1337644717.0000000005F6B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F6B000
|
| Size: |
843776
|
|
|
10EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3776920733.00000000010EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10EE000
|
| Size: |
8192
|
|
|
5DAD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1340015114.0000000005DAD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DAD000
|
| Size: |
843776
|
|
|
6000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1417975190.0000000006000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
843776
|
|
|
61EA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1336816145.00000000061EA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61EA000
|
| Size: |
843776
|
|
|
6137000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1511595719.0000000006137000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6137000
|
| Size: |
843776
|
|
|
22B0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022B0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22B0000
|
| Size: |
4096
|
|
|
AD1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000006.00000000.1413604786.0000000000AD1000.00000020.00000001.01000000.00000010.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
AD1000
|
| Size: |
638976
|
|
|
A29000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1318993245.0000000000A29000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A29000
|
| Size: |
86016
|
|
|
5BF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1503924829.0000000005BF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5BF0000
|
| Size: |
843776
|
|
|
62EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1505318235.00000000062EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62EE000
|
| Size: |
843776
|
|
|
66F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426042048.00000000066F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F9000
|
| Size: |
843776
|
|
|
1110000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3776956163.0000000001110000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1110000
|
| Size: |
16384
|
|
|
C76000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C76000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C76000
|
| Size: |
4096
|
|
|
6000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1424514486.0000000006000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
843776
|
|
|
C51000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C51000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C51000
|
| Size: |
8192
|
|
|
6452000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426948528.0000000006452000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6452000
|
| Size: |
843776
|
|
|
C10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C10000
|
| Size: |
8192
|
|
|
CE0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1322855086.0000000000CE0000.00000002.00000001.01000000.0000000E.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
CE0000
|
| Size: |
4096
|
|
|
1530000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557378479.0000000001530000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1530000
|
| Size: |
12288
|
|
|
63C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1528820582.00000000063C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63C5000
|
| Size: |
843776
|
|
|
9D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476705116.00000000009D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9D0000
|
| Size: |
8192
|
|
|
6533000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1442972957.0000000006533000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6533000
|
| Size: |
843776
|
|
|
5DA4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1342280525.0000000005DA4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA4000
|
| Size: |
843776
|
|
|
2366000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002366000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2366000
|
| Size: |
4096
|
|
|
6210000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1532453630.0000000006210000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6210000
|
| Size: |
843776
|
|
|
103E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556736370.000000000103E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
103E000
|
| Size: |
8192
|
|
|
67D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425209529.00000000067D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D3000
|
| Size: |
843776
|
|
|
6210000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1528474479.0000000006210000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6210000
|
| Size: |
843776
|
|
|
5450000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.0000000005450000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5450000
|
| Size: |
8192
|
|
|
6377000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425331292.0000000006377000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6377000
|
| Size: |
843776
|
|
|
604E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1353183987.000000000604E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604E000
|
| Size: |
843776
|
|
|
4C2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1478612249.0000000004C2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C2D000
|
| Size: |
12288
|
|
|
99000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1316907574.0000000000099000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
99000
|
| Size: |
28672
|
|
|
605B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1514616712.000000000605B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
605B000
|
| Size: |
843776
|
|
|
CDD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CDD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CDD000
|
| Size: |
8192
|
|
|
2620000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477585481.0000000002620000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2620000
|
| Size: |
45056
|
|
|
1564000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1324602937.0000000001564000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1564000
|
| Size: |
131072
|
|
|
64B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1514106456.00000000064B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64B2000
|
| Size: |
843776
|
|
|
C02000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C02000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C02000
|
| Size: |
8192
|
|
|
38AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318897006.00000000038AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38AE000
|
| Size: |
8192
|
|
|
DAD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000004.00000000.1323061804.0000000000DAD000.00000008.00000001.01000000.0000000E.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
DAD000
|
| Size: |
4096
|
|
|
2770000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327307589.0000000002770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2770000
|
| Size: |
4096
|
|
|
570000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321156555.0000000000570000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
570000
|
| Size: |
24576
|
|
|
21D9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021D9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21D9000
|
| Size: |
4096
|
|
|
35E8000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.00000000035E8000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
35E8000
|
| Size: |
4096
|
|
|
21FD000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021FD000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21FD000
|
| Size: |
28672
|
|
|
66FB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1441919482.00000000066FB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FB000
|
| Size: |
843776
|
|
|
62FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1515781845.00000000062FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FF000
|
| Size: |
843776
|
|
|
5E87000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1334712794.0000000005E87000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E87000
|
| Size: |
843776
|
|
|
2FE1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779557919.0000000002FE1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2FE1000
|
| Size: |
163840
|
|
|
6537000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426822097.0000000006537000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6537000
|
| Size: |
843776
|
|
|
6126000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1353480181.0000000006126000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6126000
|
| Size: |
843776
|
|
|
401000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000001.00000000.1309838294.0000000000401000.00000020.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
401000
|
| Size: |
2895872
|
|
|
4D6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1479418496.0000000004D6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D6E000
|
| Size: |
8192
|
|
|
53C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1558139364.00000000053C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53C0000
|
| Size: |
20480
|
|
|
5F70000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1509326155.0000000005F70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F70000
|
| Size: |
843776
|
|
|
6125000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1330368470.0000000006125000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6125000
|
| Size: |
843776
|
|
|
66F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419104110.00000000066F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F5000
|
| Size: |
843776
|
|
|
C59000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C59000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C59000
|
| Size: |
4096
|
|
|
3E71000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557788036.0000000003E71000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E71000
|
| Size: |
12288
|
|
|
3B2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1319053294.0000000003B2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B2F000
|
| Size: |
4096
|
|
|
6101000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1338734057.0000000006101000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6101000
|
| Size: |
843776
|
|
|
A80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1325747249.0000000000A80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A80000
|
| Size: |
4096
|
|
|
A0D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1325555300.0000000000A0D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A0D000
|
| Size: |
143360
|
|
|
A7C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1325747249.0000000000A7C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A7C000
|
| Size: |
12288
|
|
|
63CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533617038.00000000063CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63CF000
|
| Size: |
843776
|
|
|
579E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781599342.000000000579E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
579E000
|
| Size: |
8192
|
|
|
5F68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1332877336.0000000005F68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F68000
|
| Size: |
843776
|
|
|
27A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327333252.00000000027A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
27A0000
|
| Size: |
4096
|
|
|
895000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1476537736.0000000000895000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
895000
|
| Size: |
12288
|
|
|
CAA000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000CAA000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
CAA000
|
| Size: |
61440
|
|
|
66EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421073976.00000000066EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66EB000
|
| Size: |
843776
|
|
|
C6F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C6F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C6F000
|
| Size: |
4096
|
|
|
27A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327333252.00000000027A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
27A3000
|
| Size: |
28672
|
|
|
5454000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.0000000005454000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5454000
|
| Size: |
8192
|
|
|
6030000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1336481930.0000000006030000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6030000
|
| Size: |
843776
|
|
|
2C94000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557470719.0000000002C94000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C94000
|
| Size: |
4096
|
|
|
62F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1511692570.00000000062F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F8000
|
| Size: |
843776
|
|
|
6000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1422439512.0000000006000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
843776
|
|
|
21EF000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021EF000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21EF000
|
| Size: |
4096
|
|
|
2680000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1318499952.0000000002680000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2680000
|
| Size: |
4096
|
|
|
62F5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1516167682.00000000062F5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F5000
|
| Size: |
843776
|
|
|
67C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1429817640.00000000067C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67C6000
|
| Size: |
843776
|
|
|
13BD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1324676390.00000000013BD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13BD000
|
| Size: |
954368
|
|
|
6000000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423356933.0000000006000000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
843776
|
|
|
A28000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A28000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A28000
|
| Size: |
8192
|
|
|
C41000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C41000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C41000
|
| Size: |
16384
|
|
|
235F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.000000000235F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
235F000
|
| Size: |
4096
|
|
|
5E82000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1356172782.0000000005E82000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E82000
|
| Size: |
843776
|
|
|
5F6A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1334051396.0000000005F6A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F6A000
|
| Size: |
843776
|
|
|
66F9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1418785115.00000000066F9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F9000
|
| Size: |
843776
|
|
|
109A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556736370.000000000109A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
109A000
|
| Size: |
81920
|
|
|
D7D000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1323000541.0000000000D7D000.00000002.00000001.01000000.0000000E.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
D7D000
|
| Size: |
143360
|
|
|
23F2000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000023F2000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23F2000
|
| Size: |
8192
|
|
|
A93000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477072376.0000000000A93000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A93000
|
| Size: |
45056
|
|
|
5461000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.0000000005461000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5461000
|
| Size: |
8192
|
|
|
A01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A01000
|
| Size: |
8192
|
|
|
3B6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1319108872.0000000003B6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B6E000
|
| Size: |
8192
|
|
|
23C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.00000000023C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
23C0000
|
| Size: |
36864
|
|
|
9D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326362000.00000000009D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D8000
|
| Size: |
77824
|
|
|
AD0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000B.00000000.1499488218.0000000000AD0000.00000002.00000001.01000000.00000010.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
AD0000
|
| Size: |
4096
|
|
|
6534000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1440870741.0000000006534000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6534000
|
| Size: |
843776
|
|
|
219E000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.000000000219E000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
219E000
|
| Size: |
4096
|
|
|
6058000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1520040603.0000000006058000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6058000
|
| Size: |
843776
|
|
|
A25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A25000
|
| Size: |
8192
|
|
|
2221000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002221000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2221000
|
| Size: |
12288
|
|
|
A33000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1476933667.0000000000A33000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A33000
|
| Size: |
4096
|
|
|
55A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781402055.00000000055A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
55A0000
|
| Size: |
20480
|
|
|
9FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.00000000009FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9FF000
|
| Size: |
4096
|
|
|
BA1000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000B.00000000.1499706591.0000000000BA1000.00000008.00000001.01000000.00000010.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
BA1000
|
| Size: |
4096
|
|
|
888000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329292773.0000000000888000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
888000
|
| Size: |
77824
|
|
|
5CCB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1334333810.0000000005CCB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CCB000
|
| Size: |
843776
|
|
|
6458000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420267517.0000000006458000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6458000
|
| Size: |
843776
|
|
|
66FE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1423601429.00000000066FE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FE000
|
| Size: |
843776
|
|
|
A2B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1327050766.0000000000A2B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A2B000
|
| Size: |
8192
|
|
|
6CE000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326065801.00000000006CE000.00000004.00000001.01000000.0000000B.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
6CE000
|
| Size: |
4096
|
|
|
63D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1517275791.00000000063D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D3000
|
| Size: |
843776
|
|
|
242C000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.000000000242C000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
242C000
|
| Size: |
28672
|
|
|
604E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1340535766.000000000604E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604E000
|
| Size: |
843776
|
|
|
2DCC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779092383.0000000002DCC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DCC000
|
| Size: |
4096
|
|
|
136C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.000000000136C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
136C000
|
| Size: |
61440
|
|
|
603C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1335228295.000000000603C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
603C000
|
| Size: |
843776
|
|
|
661B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427438991.000000000661B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
661B000
|
| Size: |
843776
|
|
|
256E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477518090.000000000256E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
256E000
|
| Size: |
8192
|
|
|
850000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317668271.0000000000850000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
6216000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1527412948.0000000006216000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6216000
|
| Size: |
843776
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000000.1309823707.0000000000400000.00000002.00000001.01000000.00000004.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
6054000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533930827.0000000006054000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6054000
|
| Size: |
843776
|
|
|
22A1000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.00000000022A1000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
22A1000
|
| Size: |
4096
|
|
|
620E000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1504402807.000000000620E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620E000
|
| Size: |
843776
|
|
|
2332000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002332000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2332000
|
| Size: |
12288
|
|
|
177E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557401004.000000000177E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
177E000
|
| Size: |
8192
|
|
|
6043000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1351867778.0000000006043000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6043000
|
| Size: |
843776
|
|
|
139F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557358864.000000000139F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
139F000
|
| Size: |
4096
|
|
|
6127000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1333788581.0000000006127000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6127000
|
| Size: |
843776
|
|
|
63DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1529281519.00000000063DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63DB000
|
| Size: |
843776
|
|
|
6609000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420724794.0000000006609000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6609000
|
| Size: |
843776
|
|
|
5F6A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1353756463.0000000005F6A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F6A000
|
| Size: |
843776
|
|
|
2E40000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1557702445.0000000002E40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E40000
|
| Size: |
4096
|
|
|
2300000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1327757450.0000000002300000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2300000
|
| Size: |
8192
|
|
|
62F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1526515801.00000000062F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F6000
|
| Size: |
843776
|
|
|
5F63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1341467189.0000000005F63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F63000
|
| Size: |
843776
|
|
|
66FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427542610.00000000066FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FA000
|
| Size: |
843776
|
|
|
604E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1340880010.000000000604E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604E000
|
| Size: |
843776
|
|
|
BCB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556589919.0000000000BCB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BCB000
|
| Size: |
20480
|
|
|
63C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531196911.00000000063C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63C1000
|
| Size: |
843776
|
|
|
5CC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1319373478.0000000005CC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CC1000
|
| Size: |
274432
|
|
|
1500000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778321680.0000000001500000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1500000
|
| Size: |
8192
|
|
|
F40000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3776618673.0000000000F40000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F40000
|
| Size: |
4096
|
|
|
67DD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1426684764.00000000067DD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67DD000
|
| Size: |
843776
|
|
|
6139000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1515034820.0000000006139000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6139000
|
| Size: |
843776
|
|
|
5F74000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1527836420.0000000005F74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F74000
|
| Size: |
843776
|
|
|
62F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1533852216.00000000062F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62F0000
|
| Size: |
843776
|
|
|
2630000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1477649596.0000000002630000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2630000
|
| Size: |
4096
|
|
|
63D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1510573122.00000000063D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D8000
|
| Size: |
843776
|
|
|
6601000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420865025.0000000006601000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6601000
|
| Size: |
843776
|
|
|
2FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779521451.0000000002FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FDE000
|
| Size: |
8192
|
|
|
223F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.000000000223F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
223F000
|
| Size: |
4096
|
|
|
100E000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.3776618673.000000000100E000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
100E000
|
| Size: |
4096
|
|
|
5F63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1346288919.0000000005F63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F63000
|
| Size: |
843776
|
|
|
A21000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1326460704.0000000000A21000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A21000
|
| Size: |
4096
|
|
|
5CCB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1342995800.0000000005CCB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CCB000
|
| Size: |
843776
|
|
|
4D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1479767942.0000000004D70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D70000
|
| Size: |
4096
|
|
|
1028000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1556736370.0000000001028000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1028000
|
| Size: |
86016
|
|
|
611F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1354865115.000000000611F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
611F000
|
| Size: |
843776
|
|
|
63D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1532886939.00000000063D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D3000
|
| Size: |
843776
|
|
|
63DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1511142842.00000000063DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63DA000
|
| Size: |
843776
|
|
|
620A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1504253583.000000000620A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620A000
|
| Size: |
843776
|
|
|
67DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419524669.00000000067DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67DA000
|
| Size: |
843776
|
|
|
6056000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1515138516.0000000006056000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6056000
|
| Size: |
843776
|
|
|
3A2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1319016375.0000000003A2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A2E000
|
| Size: |
8192
|
|
|
2AB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1329461476.0000000002AB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AB0000
|
| Size: |
4096
|
|
|
E3B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3776448292.0000000000E3B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E3B000
|
| Size: |
20480
|
|
|
21C9000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021C9000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21C9000
|
| Size: |
8192
|
|
|
6536000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1427191865.0000000006536000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6536000
|
| Size: |
843776
|
|
|
C9B000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000C9B000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
C9B000
|
| Size: |
8192
|
|
|
621B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531598764.000000000621B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
621B000
|
| Size: |
843776
|
|
|
66F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1422505605.00000000066F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F6000
|
| Size: |
843776
|
|
|
63D8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1510989405.00000000063D8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D8000
|
| Size: |
843776
|
|
|
8D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317722682.00000000008D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8D0000
|
| Size: |
12288
|
|
|
5F69000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1329939480.0000000005F69000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F69000
|
| Size: |
843776
|
|
|
2520000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477490599.0000000002520000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2520000
|
| Size: |
4096
|
|
|
5DAB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1337231828.0000000005DAB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DAB000
|
| Size: |
843776
|
|
|
CE1000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000004.00000000.1322897499.0000000000CE1000.00000020.00000001.01000000.0000000E.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
CE1000
|
| Size: |
638976
|
|
|
3035000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3779557919.0000000003035000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3035000
|
| Size: |
28672
|
|
|
A78000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1477072376.0000000000A78000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A78000
|
| Size: |
86016
|
|
|
603B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1337913284.000000000603B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
603B000
|
| Size: |
843776
|
|
|
12F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.00000000012F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12F0000
|
| Size: |
24576
|
|
|
560000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1321103406.0000000000560000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
560000
|
| Size: |
4096
|
|
|
613C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1512436666.000000000613C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
613C000
|
| Size: |
843776
|
|
|
6987000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1429370390.0000000006987000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6987000
|
| Size: |
843776
|
|
|
1352000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.0000000001352000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1352000
|
| Size: |
12288
|
|
|
B6D000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000B.00000000.1499644151.0000000000B6D000.00000002.00000001.01000000.00000010.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B6D000
|
| Size: |
143360
|
|
|
62FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1526205205.00000000062FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FA000
|
| Size: |
843776
|
|
|
3591000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1323767366.0000000003591000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3591000
|
| Size: |
77824
|
|
|
6376000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1430096732.0000000006376000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6376000
|
| Size: |
843776
|
|
|
5F69000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357500052.0000000005F69000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F69000
|
| Size: |
843776
|
|
|
6608000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1420996360.0000000006608000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6608000
|
| Size: |
843776
|
|
|
604D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1331925718.000000000604D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
604D000
|
| Size: |
843776
|
|
|
1324000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3777372209.0000000001324000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1324000
|
| Size: |
4096
|
|
|
603A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1338213233.000000000603A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
603A000
|
| Size: |
843776
|
|
|
5CC3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1357779142.0000000005CC3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CC3000
|
| Size: |
843776
|
|
|
3DAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1319403699.0000000003DAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DAD000
|
| Size: |
12288
|
|
|
6458000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1421846432.0000000006458000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6458000
|
| Size: |
843776
|
|
|
BE3000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1324141738.0000000000BE3000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
BE3000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
21BB000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.00000000021BB000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
21BB000
|
| Size: |
4096
|
|
|
F00000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1556650077.0000000000F00000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F00000
|
| Size: |
4096
|
|
|
1700000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3778832019.0000000001700000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1700000
|
| Size: |
4096
|
|
|
245F000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.000000000245F000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
245F000
|
| Size: |
4096
|
|
|
2254000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1319576432.0000000002254000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2254000
|
| Size: |
8192
|
|
|
613F000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1509643430.000000000613F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
613F000
|
| Size: |
843776
|
|
|
66FA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1419926599.00000000066FA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66FA000
|
| Size: |
843776
|
|
|
6055000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1531809961.0000000006055000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6055000
|
| Size: |
843776
|
|
|
5CC5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1355791637.0000000005CC5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CC5000
|
| Size: |
843776
|
|
|
247D000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.1314189446.000000000247D000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
247D000
|
| Size: |
8192
|
|
|
620A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1331472657.000000000620A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
620A000
|
| Size: |
843776
|
|
|
5F69000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1356384572.0000000005F69000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F69000
|
| Size: |
843776
|
|
|
6040000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1333206397.0000000006040000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6040000
|
| Size: |
843776
|
|
|
61BE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1418108297.00000000061BE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
61BE000
|
| Size: |
843776
|
|
|
6139000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1514422522.0000000006139000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6139000
|
| Size: |
843776
|
|
|
5F68000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1340155038.0000000005F68000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F68000
|
| Size: |
843776
|
|
|
62FF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1526664123.00000000062FF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62FF000
|
| Size: |
843776
|
|
|
4B7000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1320796544.00000000004B7000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
4B7000
|
| Size: |
4096
|
|
|
5DA7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1358082439.0000000005DA7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA7000
|
| Size: |
466944
|
|
|
FCE000
|
remote allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1556650077.0000000000FCE000.00000040.00000400.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
remote allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
FCE000
|
| Size: |
4096
|
|
|
5444000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3780587968.0000000005444000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5444000
|
| Size: |
4096
|
|
|
B91000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000B.00000000.1499644151.0000000000B91000.00000002.00000001.01000000.00000010.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B91000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
6454000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1425267325.0000000006454000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6454000
|
| Size: |
843776
|
|
|
61BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.3781726542.00000000061BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
61BE000
|
| Size: |
8192
|
|
|
8D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.1317722682.00000000008D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8D9000
|
| Size: |
24576
|
|
|
68AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000003.1429200744.00000000068AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68AB000
|
| Size: |
843776
|
|
|
5BFE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000B.00000003.1503836918.0000000005BFE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
11
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5BFE000
|
| Size: |
843776
|
|
|
6041000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1348617849.0000000006041000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6041000
|
| Size: |
843776
|
|
