|
12B20000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
00000000.00000002.932089566.0000000012B20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12B20000
|
| Size: |
94208
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
2AF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1032729871.0000000002AF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AF1000
|
| Size: |
1429504
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
532000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.921200713.0000000000532000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
532000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
| Yara signature match |
System Summary |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2B11000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931356710.0000000002B11000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B11000
|
| Size: |
4468736
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Yara signature match |
System Summary |
|
|
|
3A16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.0000000003A16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A16000
|
| Size: |
176128
|
|
|
A72000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1358159670.0000000000A72000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A72000
|
| Size: |
4096
|
|
|
29837F30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351975216.0000029837F30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837F30000
|
| Size: |
151552
|
|
|
5084000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000005084000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5084000
|
| Size: |
151552
|
|
|
5670000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3374487097.0000000005670000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5670000
|
| Size: |
65536
|
|
|
D26000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1028291242.0000000000D26000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D26000
|
| Size: |
8192
|
|
|
7B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1344762405.00000000007B0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7B0000
|
| Size: |
4096
|
|
|
F621EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3345787457.000000F621EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F621EFE000
|
| Size: |
8192
|
|
|
4BD9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004BD9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BD9000
|
| Size: |
147456
|
|
|
D24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930926538.0000000000D24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D24000
|
| Size: |
16384
|
|
|
500000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1263285754.0000000000500000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
500000
|
| Size: |
16384
|
|
|
7FFB96776000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3357054535.00007FFB96776000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB96776000
|
| Size: |
4096
|
|
|
16845000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016845000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16845000
|
| Size: |
151552
|
|
|
2981F607000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F607000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F607000
|
| Size: |
335872
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
A4EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3382776841.000000000A4EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A4EE000
|
| Size: |
8192
|
|
|
B80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1362434176.0000000000B80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
B80000
|
| Size: |
8192
|
|
|
3A95000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.0000000003A95000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A95000
|
| Size: |
176128
|
|
|
503D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1374345505.000000000503D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
503D000
|
| Size: |
12288
|
|
|
2F56000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931356710.0000000002F56000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2F56000
|
| Size: |
4096
|
|
|
F621FFC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3345889573.000000F621FFC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F621FFC000
|
| Size: |
16384
|
|
|
16B4A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016B4A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16B4A000
|
| Size: |
151552
|
|
|
1597000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3347059303.0000000001597000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1597000
|
| Size: |
4096
|
|
|
E3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1369612442.0000000000E3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E3E000
|
| Size: |
8192
|
|
|
2981DB60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3348582114.000002981DB60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DB60000
|
| Size: |
4096
|
|
|
4481000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004481000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4481000
|
| Size: |
172032
|
|
|
B32D000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384437927.000000000B32D000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B32D000
|
| Size: |
12288
|
|
|
2981F5CB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5CB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5CB000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
8EEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380650470.0000000008EEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8EEE000
|
| Size: |
8192
|
|
|
D2A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1028880169.0000000000D2A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D2A000
|
| Size: |
4096
|
|
|
7FFB966ED000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3356921407.00007FFB966ED000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB966ED000
|
| Size: |
8192
|
|
|
9E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.00000000009E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9E0000
|
| Size: |
94208
|
|
|
8B2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380336916.0000000008B2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8B2E000
|
| Size: |
8192
|
|
|
A75000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930673306.0000000000A75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A75000
|
| Size: |
8192
|
|
|
5EDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1090615810.0000000005EDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5EDE000
|
| Size: |
8192
|
|
|
70ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378048768.00000000070ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
70ED000
|
| Size: |
12288
|
|
|
7FF48D090000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933092151.00007FF48D090000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF48D090000
|
| Size: |
4096
|
|
|
690000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1272653375.0000000000690000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
690000
|
| Size: |
4096
|
|
|
29B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1373180112.00000000029B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29B1000
|
| Size: |
4096
|
|
|
2E43000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1467997303.0000000002E43000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E43000
|
| Size: |
2777088
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
2ADD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1373180112.0000000002ADD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ADD000
|
| Size: |
2093056
|
|
|
2981D990000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346451437.000002981D990000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981D990000
|
| Size: |
8192
|
|
|
2981DA62000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346817983.000002981DA62000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA62000
|
| Size: |
20480
|
|
|
652E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377195984.000000000652E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
652E000
|
| Size: |
8192
|
|
|
1B6B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932602308.000000001B6B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B6B0000
|
| Size: |
16384
|
|
|
52AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1083086893.00000000052AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52AE000
|
| Size: |
8192
|
|
|
7AED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378961420.0000000007AED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7AED000
|
| Size: |
12288
|
|
|
1B510000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932534936.000000001B510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B510000
|
| Size: |
8192
|
|
|
2981F510000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3348867293.000002981F510000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F510000
|
| Size: |
65536
|
|
|
142E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346351215.000000000142E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
142E000
|
| Size: |
8192
|
|
|
7FFB9A973000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933262224.00007FFB9A973000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A973000
|
| Size: |
4096
|
|
|
1037000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1464310078.0000000001037000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1037000
|
| Size: |
4096
|
|
|
9DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.00000000009DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9DE000
|
| Size: |
4096
|
|
|
7FFB96860000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3357290841.00007FFB96860000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB96860000
|
| Size: |
24576
|
|
|
15CB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3347454318.00000000015CB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15CB000
|
| Size: |
4096
|
|
|
5D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1503020194.0000000005D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D0E000
|
| Size: |
8192
|
|
|
BDCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385257556.000000000BDCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BDCE000
|
| Size: |
8192
|
|
|
F30000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1461868448.0000000000F30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F30000
|
| Size: |
24576
|
|
|
1652000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347476707.0000000001652000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1652000
|
| Size: |
8192
|
|
|
60B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1272653375.000000000060B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
60B000
|
| Size: |
4096
|
|
|
2981DA8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346817983.000002981DA8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA8E000
|
| Size: |
36864
|
|
|
4751000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004751000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4751000
|
| Size: |
151552
|
|
|
971000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930461021.0000000000971000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
971000
|
| Size: |
212992
|
|
|
15C7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3347422649.00000000015C7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15C7000
|
| Size: |
4096
|
|
|
92AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380999198.00000000092AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
92AE000
|
| Size: |
8192
|
|
|
5120000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1496273732.0000000005120000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5120000
|
| Size: |
8192
|
|
|
C6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1026817177.0000000000C6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C6F000
|
| Size: |
4096
|
|
|
39B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.00000000039B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B4000
|
| Size: |
184320
|
|
|
8AEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380301283.0000000008AEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8AEE000
|
| Size: |
8192
|
|
|
BECE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385368334.000000000BECE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BECE000
|
| Size: |
8192
|
|
|
4DAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1080285466.0000000004DAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DAD000
|
| Size: |
12288
|
|
|
1B6C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932651773.000000001B6C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B6C0000
|
| Size: |
4096
|
|
|
550F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1444897396.000000000550F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
550F000
|
| Size: |
4096
|
|
|
5A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375149368.0000000005A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5A10000
|
| Size: |
4096
|
|
|
8D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1346323563.00000000008D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8D0000
|
| Size: |
4096
|
|
|
1460000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346502587.0000000001460000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1460000
|
| Size: |
16384
|
|
|
1582000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3346899286.0000000001582000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1582000
|
| Size: |
24576
|
|
|
2981F5D8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5D8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5D8000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
535B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.000000000535B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
535B000
|
| Size: |
147456
|
|
|
547F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1377876318.000000000547F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
547F000
|
| Size: |
4096
|
|
|
53CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1444043053.00000000053CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53CE000
|
| Size: |
8192
|
|
|
ABB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383760418.000000000ABB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ABB0000
|
| Size: |
28672
|
|
|
165E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.00000000165E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
165E5000
|
| Size: |
20480
|
|
|
3483000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349659015.0000000003483000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3483000
|
| Size: |
3796992
|
|
|
5F7B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375456867.0000000005F7B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F7B000
|
| Size: |
221184
|
|
|
5C0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375203852.0000000005C0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C0E000
|
| Size: |
8192
|
|
|
E50000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1370448286.0000000000E50000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
E50000
|
| Size: |
4096
|
|
|
29837F79000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351975216.0000029837F79000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837F79000
|
| Size: |
4096
|
|
|
5B1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1088774176.0000000005B1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B1E000
|
| Size: |
8192
|
|
|
564E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1445507595.000000000564E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
564E000
|
| Size: |
8192
|
|
|
298380E0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3354674981.00000298380E0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
298380E0000
|
| Size: |
4096
|
|
|
573D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3374727566.000000000573D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
573D000
|
| Size: |
12288
|
|
|
4BD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1423103524.0000000004BD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BD0000
|
| Size: |
4096
|
|
|
15E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347476707.00000000015E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15E0000
|
| Size: |
28672
|
|
|
2982F531000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351589960.000002982F531000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2982F531000
|
| Size: |
24576
|
|
|
836D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379663635.000000000836D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
836D000
|
| Size: |
12288
|
|
|
159A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3347095205.000000000159A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
159A000
|
| Size: |
4096
|
|
|
3A28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003A28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A28000
|
| Size: |
180224
|
|
|
1B4A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932514263.000000001B4A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B4A0000
|
| Size: |
4096
|
|
|
7C2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379081370.0000000007C2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7C2E000
|
| Size: |
8192
|
|
|
39B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.00000000039B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B1000
|
| Size: |
8192
|
|
|
7FFB966C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3355817343.00007FFB966C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB966C2000
|
| Size: |
4096
|
|
|
8D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280011589.00000000008D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8D0000
|
| Size: |
8192
|
|
|
2981F65A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F65A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F65A000
|
| Size: |
233472
|
|
|
722E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378157567.000000000722E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
722E000
|
| Size: |
8192
|
|
|
3AF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003AF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF1000
|
| Size: |
8192
|
|
|
1CA6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932775036.000000001CA6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1CA6D000
|
| Size: |
12288
|
|
|
3DFC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003DFC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DFC000
|
| Size: |
176128
|
|
|
BBB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1367927762.0000000000BBB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
BBB000
|
| Size: |
4096
|
|
|
51A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000051A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51A0000
|
| Size: |
151552
|
|
|
47A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000047A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47A8000
|
| Size: |
151552
|
|
|
20A44000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3392990184.0000000020A44000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
20A44000
|
| Size: |
12288
|
|
|
B82E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384986866.000000000B82E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B82E000
|
| Size: |
8192
|
|
|
D50000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1444979359.0000000000D50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D50000
|
| Size: |
16384
|
|
|
4C66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004C66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C66000
|
| Size: |
151552
|
|
|
4F2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1081249900.0000000004F2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F2E000
|
| Size: |
8192
|
|
|
2981F5B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5B8000
|
| Size: |
8192
|
|
|
7E6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379252445.0000000007E6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7E6D000
|
| Size: |
12288
|
|
|
1E30B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932893290.000000001E30B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1E30B000
|
| Size: |
20480
|
|
|
5680000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3374601482.0000000005680000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5680000
|
| Size: |
16384
|
|
|
1004000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1371530625.0000000001004000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1004000
|
| Size: |
49152
|
|
|
B7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930714088.0000000000B7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B7E000
|
| Size: |
8192
|
|
|
10E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1465291194.00000000010E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10E0000
|
| Size: |
16384
|
|
|
ADB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383906541.000000000ADB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ADB0000
|
| Size: |
16384
|
|
|
52EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1498039206.00000000052EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52EE000
|
| Size: |
8192
|
|
|
4CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1079028270.0000000004CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CCE000
|
| Size: |
8192
|
|
|
3FC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.0000000003FC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3FC9000
|
| Size: |
151552
|
|
|
905000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1019250673.0000000000905000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
905000
|
| Size: |
12288
|
|
|
8DA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282638861.00000000008DA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8DA000
|
| Size: |
4096
|
|
|
4C6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1426546452.0000000004C6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C6D000
|
| Size: |
12288
|
|
|
601F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1091150003.000000000601F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
601F000
|
| Size: |
4096
|
|
|
AFED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384028157.000000000AFED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AFED000
|
| Size: |
12288
|
|
|
822D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379561762.000000000822D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
822D000
|
| Size: |
12288
|
|
|
6D2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377743441.0000000006D2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6D2D000
|
| Size: |
12288
|
|
|
A0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930510298.0000000000A0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A0A000
|
| Size: |
20480
|
|
|
AB2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383630939.000000000AB2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AB2E000
|
| Size: |
8192
|
|
|
1050000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1372754684.0000000001050000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1050000
|
| Size: |
16384
|
|
|
1340000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1466326902.0000000001340000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1340000
|
| Size: |
12288
|
|
|
5C9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1089191141.0000000005C9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C9E000
|
| Size: |
8192
|
|
|
570D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1500748029.000000000570D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
570D000
|
| Size: |
12288
|
|
|
4D00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1080149456.0000000004D00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D00000
|
| Size: |
8192
|
|
|
37C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.00000000037C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37C4000
|
| Size: |
8192
|
|
|
5ED0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375456867.0000000005ED0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5ED0000
|
| Size: |
438272
|
|
|
5F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1272653375.00000000005F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F8000
|
| Size: |
73728
|
|
|
A10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1295391185.0000000000A10000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A10000
|
| Size: |
8192
|
|
|
FD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3345882560.0000000000FD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FD0000
|
| Size: |
8192
|
|
|
8F2000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1283072764.00000000008F2000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8F2000
|
| Size: |
4096
|
|
|
7FFB9AA1A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933380119.00007FFB9AA1A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA1A000
|
| Size: |
4096
|
|
|
55CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1499819621.00000000055CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55CE000
|
| Size: |
8192
|
|
|
158A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3346960267.000000000158A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
158A000
|
| Size: |
4096
|
|
|
6AE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377644078.0000000006AE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6AE0000
|
| Size: |
4096
|
|
|
16501000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016501000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16501000
|
| Size: |
147456
|
|
|
A8AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383340202.000000000A8AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A8AD000
|
| Size: |
12288
|
|
|
BB7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1367050656.0000000000BB7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
BB7000
|
| Size: |
4096
|
|
|
7FFB9A96F000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933241356.00007FFB9A96F000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A96F000
|
| Size: |
4096
|
|
|
4B2C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004B2C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4B2C000
|
| Size: |
147456
|
|
|
16B13000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016B13000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16B13000
|
| Size: |
151552
|
|
|
7FFB9AAF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933537783.00007FFB9AAF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAF0000
|
| Size: |
20480
|
|
|
D20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1028070538.0000000000D20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D20000
|
| Size: |
8192
|
|
|
247F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1318330713.000000000247F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
247F000
|
| Size: |
4096
|
|
|
E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931212734.0000000000E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E20000
|
| Size: |
16384
|
|
|
538D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1498269742.000000000538D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
538D000
|
| Size: |
12288
|
|
|
16C6F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016C6F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16C6F000
|
| Size: |
147456
|
|
|
7AAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378917253.0000000007AAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7AAD000
|
| Size: |
12288
|
|
|
169D8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.00000000169D8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
169D8000
|
| Size: |
151552
|
|
|
4AAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1420340621.0000000004AAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4AAF000
|
| Size: |
4096
|
|
|
53EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1084022492.00000000053EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53EE000
|
| Size: |
8192
|
|
|
653000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1272653375.0000000000653000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
653000
|
| Size: |
167936
|
|
|
6860000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1387774923.0000000006860000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6860000
|
| Size: |
81920
|
|
|
F4D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1461868448.0000000000F4D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F4D000
|
| Size: |
61440
|
|
|
A9EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383512915.000000000A9EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A9EE000
|
| Size: |
8192
|
|
|
1110000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1465626997.0000000001110000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1110000
|
| Size: |
16384
|
|
|
B82000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1362832062.0000000000B82000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
B82000
|
| Size: |
12288
|
|
|
3B09000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003B09000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B09000
|
| Size: |
176128
|
|
|
7FFB9A960000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.933202816.00007FFB9A960000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A960000
|
| Size: |
4096
|
|
|
1655000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347476707.0000000001655000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1655000
|
| Size: |
36864
|
|
|
5FEC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375456867.0000000005FEC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5FEC000
|
| Size: |
4096
|
|
|
89EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380238058.00000000089EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
89EE000
|
| Size: |
8192
|
|
|
907000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1283215707.0000000000907000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
907000
|
| Size: |
4096
|
|
|
A20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1301928058.0000000000A20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
8192
|
|
|
A40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1024861505.0000000000A40000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A40000
|
| Size: |
4096
|
|
|
8F9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1016862428.00000000008F9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8F9000
|
| Size: |
28672
|
|
|
3F70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.0000000003F70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F70000
|
| Size: |
155648
|
|
|
70AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378010434.00000000070AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
70AE000
|
| Size: |
8192
|
|
|
107E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1464964184.000000000107E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
107E000
|
| Size: |
8192
|
|
|
5F1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1090927511.0000000005F1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F1E000
|
| Size: |
8192
|
|
|
C80000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.930753833.0000000000C80000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
C80000
|
| Size: |
4096
|
|
|
7FFB9AA02000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933305389.00007FFB9AA02000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA02000
|
| Size: |
4096
|
|
|
347D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349607061.000000000347D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
347D000
|
| Size: |
12288
|
|
|
580E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1501344412.000000000580E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
580E000
|
| Size: |
8192
|
|
|
7FEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379400446.0000000007FEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FEE000
|
| Size: |
8192
|
|
|
2CDF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1373180112.0000000002CDF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CDF000
|
| Size: |
606208
|
|
|
2981F5C5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5C5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5C5000
|
| Size: |
8192
|
|
|
20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930059130.0000000000020000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
20000
|
| Size: |
8192
|
|
|
4CA6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004CA6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CA6000
|
| Size: |
147456
|
|
|
4E51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004E51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4E51000
|
| Size: |
20480
|
|
|
554E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1445260321.000000000554E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
554E000
|
| Size: |
8192
|
|
|
6BEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377698650.0000000006BEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6BEE000
|
| Size: |
8192
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.870608791.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
2983800D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3353719380.000002983800D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2983800D000
|
| Size: |
24576
|
|
|
8BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1277995629.00000000008BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8BF000
|
| Size: |
4096
|
|
|
C4CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385852589.000000000C4CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C4CD000
|
| Size: |
12288
|
|
|
1572000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3346740011.0000000001572000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1572000
|
| Size: |
8192
|
|
|
540E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1444480530.000000000540E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
540E000
|
| Size: |
8192
|
|
|
E00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931133186.0000000000E00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E00000
|
| Size: |
65536
|
|
|
157A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3346783659.000000000157A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
157A000
|
| Size: |
8192
|
|
|
7FFB9AA1D000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933399020.00007FFB9AA1D000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA1D000
|
| Size: |
4096
|
|
|
337D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349536476.000000000337D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
337D000
|
| Size: |
12288
|
|
|
65B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1343366422.000000000065B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
65B000
|
| Size: |
20480
|
|
|
514E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1442846031.000000000514E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
514E000
|
| Size: |
8192
|
|
|
2D74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1373180112.0000000002D74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D74000
|
| Size: |
126976
|
|
|
2981F5C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5C8000
|
| Size: |
8192
|
|
|
15B2000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3347294672.00000000015B2000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15B2000
|
| Size: |
4096
|
|
|
4F6000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1262821177.00000000004F6000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F6000
|
| Size: |
40960
|
|
|
1B6E4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932651773.000000001B6E4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B6E4000
|
| Size: |
16384
|
|
|
5B5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1088873641.0000000005B5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B5E000
|
| Size: |
8192
|
|
|
2E91000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1032729871.0000000002E91000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E91000
|
| Size: |
163840
|
|
|
C00E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385476409.000000000C00E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C00E000
|
| Size: |
8192
|
|
|
67D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1272653375.000000000067D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D000
|
| Size: |
65536
|
|
|
5690000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1086667143.0000000005690000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5690000
|
| Size: |
241664
|
|
|
D55000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1444979359.0000000000D55000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D55000
|
| Size: |
12288
|
|
|
1B40A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932457718.000000001B40A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B40A000
|
| Size: |
24576
|
|
|
12B17000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932089566.0000000012B17000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12B17000
|
| Size: |
28672
|
|
|
93E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.000000000093E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
93E000
|
| Size: |
180224
|
|
|
EBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1032176843.0000000000EBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
EBF000
|
| Size: |
4096
|
|
|
513E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1375573120.000000000513E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
513E000
|
| Size: |
8192
|
|
|
1590000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347031906.0000000001590000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1590000
|
| Size: |
4096
|
|
|
4D6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1433109633.0000000004D6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D6E000
|
| Size: |
8192
|
|
|
16BC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016BC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16BC2000
|
| Size: |
147456
|
|
|
7FFB966D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3356453936.00007FFB966D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB966D0000
|
| Size: |
4096
|
|
|
3907000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003907000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3907000
|
| Size: |
180224
|
|
|
E8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1447065315.0000000000E8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E8E000
|
| Size: |
8192
|
|
|
55F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1084489939.00000000055F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55F1000
|
| Size: |
98304
|
|
|
7BED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379029955.0000000007BED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7BED000
|
| Size: |
12288
|
|
|
A50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1357042738.0000000000A50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A50000
|
| Size: |
8192
|
|
|
2981DB23000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3348431685.000002981DB23000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981DB23000
|
| Size: |
53248
|
|
|
3B77000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003B77000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B77000
|
| Size: |
180224
|
|
|
2C4F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1032729871.0000000002C4F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C4F000
|
| Size: |
2347008
|
|
|
772E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378579046.000000000772E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
772E000
|
| Size: |
8192
|
|
|
590000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1267422261.0000000000590000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
590000
|
| Size: |
4096
|
|
|
5D4D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375301100.0000000005D4D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D4D000
|
| Size: |
12288
|
|
|
F5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1370969770.0000000000F5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F5E000
|
| Size: |
8192
|
|
|
38A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.00000000038A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
38A7000
|
| Size: |
176128
|
|
|
4C10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004C10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C10000
|
| Size: |
53248
|
|
|
3AF5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.0000000003AF5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF5000
|
| Size: |
176128
|
|
|
407A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.000000000407A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
407A000
|
| Size: |
151552
|
|
|
9FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1288300622.00000000009FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9FE000
|
| Size: |
8192
|
|
|
15E8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347476707.00000000015E8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15E8000
|
| Size: |
16384
|
|
|
910000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930310517.0000000000910000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
910000
|
| Size: |
20480
|
|
|
13E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346197168.00000000013E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13E0000
|
| Size: |
16384
|
|
|
45F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000045F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
45F5000
|
| Size: |
151552
|
|
|
1B3ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932435677.000000001B3ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B3ED000
|
| Size: |
12288
|
|
|
6850000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1387774923.0000000006850000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6850000
|
| Size: |
12288
|
|
|
AFF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384078639.000000000AFF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AFF0000
|
| Size: |
4096
|
|
|
3A89000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003A89000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A89000
|
| Size: |
40960
|
|
|
37C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.00000000037C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37C1000
|
| Size: |
8192
|
|
|
29837C70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351766634.0000029837C70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837C70000
|
| Size: |
12288
|
|
|
7FFB966EB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3356887828.00007FFB966EB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB966EB000
|
| Size: |
4096
|
|
|
4F13000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004F13000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4F13000
|
| Size: |
147456
|
|
|
A8EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383413876.000000000A8EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A8EE000
|
| Size: |
8192
|
|
|
786D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378733575.000000000786D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
786D000
|
| Size: |
12288
|
|
|
88AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380137663.00000000088AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
88AD000
|
| Size: |
12288
|
|
|
1580000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346847637.0000000001580000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1580000
|
| Size: |
8192
|
|
|
49C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000049C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
49C4000
|
| Size: |
151552
|
|
|
8C2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380401771.0000000008C2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C2E000
|
| Size: |
8192
|
|
|
29837FF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3353719380.0000029837FF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837FF0000
|
| Size: |
110592
|
|
|
F63000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1461868448.0000000000F63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F63000
|
| Size: |
278528
|
|
|
9AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930510298.00000000009AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9AE000
|
| Size: |
8192
|
|
|
8CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1345836778.00000000008CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8CE000
|
| Size: |
8192
|
|
|
578F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1448030941.000000000578F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
578F000
|
| Size: |
4096
|
|
|
FA8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1461868448.0000000000FA8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FA8000
|
| Size: |
4096
|
|
|
7FFB9AA82000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.933445408.00007FFB9AA82000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA82000
|
| Size: |
20480
|
|
|
4AAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1370929748.0000000004AAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4AAE000
|
| Size: |
8192
|
|
|
4EA5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004EA5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4EA5000
|
| Size: |
147456
|
|
|
B6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1026671257.0000000000B6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B6E000
|
| Size: |
8192
|
|
|
5DCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375383673.0000000005DCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DCE000
|
| Size: |
8192
|
|
|
4AD5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004AD5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4AD5000
|
| Size: |
151552
|
|
|
6FAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377945263.0000000006FAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FAD000
|
| Size: |
12288
|
|
|
5150000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1497169544.0000000005150000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5150000
|
| Size: |
4096
|
|
|
167CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.00000000167CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
167CF000
|
| Size: |
20480
|
|
|
7FFB966C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3356047685.00007FFB966C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB966C4000
|
| Size: |
12288
|
|
|
F6227FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346039309.000000F6227FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F6227FE000
|
| Size: |
8192
|
|
|
2981D9E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346527166.000002981D9E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981D9E0000
|
| Size: |
8192
|
|
|
62CC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3376980954.00000000062CC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
62CC000
|
| Size: |
16384
|
|
|
3BC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003BC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC9000
|
| Size: |
180224
|
|
|
7FF48D080000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933071382.00007FF48D080000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF48D080000
|
| Size: |
4096
|
|
|
4514000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004514000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4514000
|
| Size: |
20480
|
|
|
630D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377037828.000000000630D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
630D000
|
| Size: |
12288
|
|
|
7FFB9AA90000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933471576.00007FFB9AA90000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA90000
|
| Size: |
12288
|
|
|
7FFB9A952000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933176195.00007FFB9A952000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A952000
|
| Size: |
45056
|
|
|
2981DA00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346582954.000002981DA00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981DA00000
|
| Size: |
4096
|
|
|
ABAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383722579.000000000ABAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ABAE000
|
| Size: |
8192
|
|
|
9A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930510298.00000000009A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9A8000
|
| Size: |
20480
|
|
|
7FFB9671C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3356967186.00007FFB9671C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9671C000
|
| Size: |
12288
|
|
|
3AC8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003AC8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AC8000
|
| Size: |
180224
|
|
|
4545000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004545000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4545000
|
| Size: |
155648
|
|
|
6E2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377809341.0000000006E2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6E2E000
|
| Size: |
8192
|
|
|
29837FE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3353719380.0000029837FE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837FE0000
|
| Size: |
4096
|
|
|
55D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1500069325.00000000055D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55D0000
|
| Size: |
208896
|
|
|
29837F56000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351975216.0000029837F56000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837F56000
|
| Size: |
12288
|
|
|
CF6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930851853.0000000000CF6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CF6000
|
| Size: |
8192
|
|
|
16C51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016C51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16C51000
|
| Size: |
12288
|
|
|
29B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1373180112.00000000029B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29B3000
|
| Size: |
1216512
|
|
|
29837F2E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351975216.0000029837F2E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837F2E000
|
| Size: |
4096
|
|
|
CEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1027176576.0000000000CEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CEE000
|
| Size: |
8192
|
|
|
A3EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3382694356.000000000A3EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A3EE000
|
| Size: |
8192
|
|
|
3D5B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003D5B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D5B000
|
| Size: |
180224
|
|
|
84ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379808092.00000000084ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
84ED000
|
| Size: |
12288
|
|
|
DF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931057311.0000000000DF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DF4000
|
| Size: |
20480
|
|
|
1CB6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932795542.000000001CB6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1CB6E000
|
| Size: |
8192
|
|
|
1010000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1372270026.0000000001010000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1010000
|
| Size: |
8192
|
|
|
1B61D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932573128.000000001B61D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1B61D000
|
| Size: |
12288
|
|
|
29837F5A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351975216.0000029837F5A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837F5A000
|
| Size: |
122880
|
|
|
D43000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.930994767.0000000000D43000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
D43000
|
| Size: |
4096
|
|
|
7FFB9AA0A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933324847.00007FFB9AA0A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA0A000
|
| Size: |
8192
|
|
|
54FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3374347570.00000000054FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54FD000
|
| Size: |
12288
|
|
|
68FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377407770.00000000068FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
68FE000
|
| Size: |
8192
|
|
|
97E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1286431373.000000000097E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
97E000
|
| Size: |
8192
|
|
|
862E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379919635.000000000862E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
862E000
|
| Size: |
8192
|
|
|
5A0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375108003.0000000005A0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A0D000
|
| Size: |
12288
|
|
|
F0A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1454648242.0000000000F0A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F0A000
|
| Size: |
4096
|
|
|
84AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379767031.00000000084AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
84AD000
|
| Size: |
12288
|
|
|
9B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.00000000009B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9B0000
|
| Size: |
143360
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
900000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1019250673.0000000000900000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
900000
|
| Size: |
16384
|
|
|
13E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346197168.00000000013E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13E5000
|
| Size: |
12288
|
|
|
3968000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003968000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3968000
|
| Size: |
176128
|
|
|
AD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1311588467.0000000000AD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD0000
|
| Size: |
16384
|
|
|
16722000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016722000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16722000
|
| Size: |
20480
|
|
|
AFAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383993169.000000000AFAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AFAE000
|
| Size: |
8192
|
|
|
93B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.000000000093B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
93B000
|
| Size: |
4096
|
|
|
A80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1358745678.0000000000A80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A80000
|
| Size: |
24576
|
|
|
4B63000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004B63000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4B63000
|
| Size: |
147456
|
|
|
2981F603000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F603000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F603000
|
| Size: |
4096
|
|
|
1020000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1372493781.0000000001020000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1020000
|
| Size: |
8192
|
|
|
4EBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1372971846.0000000004EBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EBE000
|
| Size: |
8192
|
|
|
53C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000053C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
53C9000
|
| Size: |
151552
|
|
|
693E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377448046.000000000693E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
693E000
|
| Size: |
8192
|
|
|
2981F520000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3348988954.000002981F520000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
2981F520000
|
| Size: |
4096
|
|
|
B01A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384208821.000000000B01A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B01A000
|
| Size: |
40960
|
|
|
6A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377505300.0000000006A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6A3E000
|
| Size: |
8192
|
|
|
4F69000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004F69000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4F69000
|
| Size: |
151552
|
|
|
7FFB966E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3356800679.00007FFB966E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB966E0000
|
| Size: |
4096
|
|
|
3BB4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.0000000003BB4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BB4000
|
| Size: |
176128
|
|
|
29839140000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3355005171.0000029839140000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29839140000
|
| Size: |
184320
|
|
|
1450000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346431648.0000000001450000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1450000
|
| Size: |
8192
|
|
|
B9A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1365678742.0000000000B9A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
B9A000
|
| Size: |
4096
|
|
|
812D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379495604.000000000812D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
812D000
|
| Size: |
12288
|
|
|
51DF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000051DF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
51DF000
|
| Size: |
147456
|
|
|
AB6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383669411.000000000AB6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AB6D000
|
| Size: |
12288
|
|
|
B46E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384581401.000000000B46E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B46E000
|
| Size: |
8192
|
|
|
4E48000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1494627653.0000000004E48000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4E48000
|
| Size: |
4096
|
|
|
50DB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000050DB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
50DB000
|
| Size: |
20480
|
|
|
F22000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1460893237.0000000000F22000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F22000
|
| Size: |
4096
|
|
|
16CC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016CC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16CC6000
|
| Size: |
4096
|
|
|
80ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379458206.00000000080ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
80ED000
|
| Size: |
12288
|
|
|
A9B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1358745678.0000000000A9B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A9B000
|
| Size: |
4096
|
|
|
7FFB966E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3356831315.00007FFB966E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB966E4000
|
| Size: |
4096
|
|
|
8D6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380501581.0000000008D6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8D6E000
|
| Size: |
8192
|
|
|
165F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3348424012.000000000165F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
165F000
|
| Size: |
237568
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
1E310000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932912139.000000001E310000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E310000
|
| Size: |
147456
|
|
|
67FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377341593.00000000067FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67FE000
|
| Size: |
8192
|
|
|
4CF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1080019717.0000000004CF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CF0000
|
| Size: |
8192
|
|
|
6AD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377608255.0000000006AD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6AD0000
|
| Size: |
4096
|
|
|
1E20E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932872312.000000001E20E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1E20E000
|
| Size: |
8192
|
|
|
16741000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016741000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16741000
|
| Size: |
147456
|
|
|
7FFB9AAD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933492667.00007FFB9AAD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAD0000
|
| Size: |
65536
|
|
|
4A1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004A1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A1B000
|
| Size: |
151552
|
|
|
47FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1369516712.00000000047FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47FE000
|
| Size: |
8192
|
|
|
B8AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385070516.000000000B8AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B8AD000
|
| Size: |
12288
|
|
|
4C7D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1372022059.0000000004C7D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C7D000
|
| Size: |
12288
|
|
|
2983B880000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3355687673.000002983B880000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2983B880000
|
| Size: |
4096
|
|
|
3C73000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.0000000003C73000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C73000
|
| Size: |
172032
|
|
|
29838135000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3354756670.0000029838135000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29838135000
|
| Size: |
40960
|
|
|
4DE2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004DE2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4DE2000
|
| Size: |
151552
|
|
|
4FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1495005124.0000000004FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FDE000
|
| Size: |
8192
|
|
|
3AF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003AF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF4000
|
| Size: |
8192
|
|
|
75ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378469713.00000000075ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
75ED000
|
| Size: |
12288
|
|
|
3CB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003CB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3CB9000
|
| Size: |
180224
|
|
|
93B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930310517.000000000093B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
93B000
|
| Size: |
12288
|
|
|
736E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378261920.000000000736E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
736E000
|
| Size: |
8192
|
|
|
F6A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3345671868.0000000000F6A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F6A000
|
| Size: |
24576
|
|
|
D40000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.930994767.0000000000D40000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
D40000
|
| Size: |
4096
|
|
|
9EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1353574065.00000000009EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9EF000
|
| Size: |
4096
|
|
|
7FFB96780000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3357144005.00007FFB96780000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB96780000
|
| Size: |
4096
|
|
|
B20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1025344943.0000000000B20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B20000
|
| Size: |
8192
|
|
|
565E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3374452878.000000000565E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
565E000
|
| Size: |
8192
|
|
|
7EAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379294281.0000000007EAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7EAD000
|
| Size: |
12288
|
|
|
5571000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1084489939.0000000005571000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5571000
|
| Size: |
135168
|
|
|
3E41000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.0000000003E41000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E41000
|
| Size: |
8192
|
|
|
5F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1272653375.00000000005F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
24576
|
|
|
4DE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1080636369.0000000004DE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE0000
|
| Size: |
4096
|
|
|
4FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004FA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FA0000
|
| Size: |
147456
|
|
|
D36000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1444708664.0000000000D36000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D36000
|
| Size: |
40960
|
|
|
5130000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1496854795.0000000005130000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5130000
|
| Size: |
8192
|
|
|
C28E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385682966.000000000C28E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C28E000
|
| Size: |
8192
|
|
|
1694A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.000000001694A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1694A000
|
| Size: |
151552
|
|
|
31A4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1467997303.00000000031A4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
31A4000
|
| Size: |
258048
|
|
|
16DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3348424012.00000000016DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16DC000
|
| Size: |
12288
|
|
|
2981DC00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3348742067.000002981DC00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DC00000
|
| Size: |
4096
|
|
|
2981D870000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346268763.000002981D870000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981D870000
|
| Size: |
4096
|
|
|
4A9E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004A9E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A9E000
|
| Size: |
147456
|
|
|
AB3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1358745678.0000000000AB3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AB3000
|
| Size: |
278528
|
|
|
5A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1501853943.0000000005A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A8E000
|
| Size: |
8192
|
|
|
1467000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346502587.0000000001467000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1467000
|
| Size: |
28672
|
|
|
5740000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3374770776.0000000005740000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5740000
|
| Size: |
12288
|
|
|
15BA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3347326960.00000000015BA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
15BA000
|
| Size: |
4096
|
|
|
3B69000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003B69000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B69000
|
| Size: |
176128
|
|
|
2981D970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346369589.000002981D970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981D970000
|
| Size: |
12288
|
|
|
4CE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1079487534.0000000004CE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CE0000
|
| Size: |
65536
|
|
|
5181000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1376065266.0000000005181000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5181000
|
| Size: |
4096
|
|
|
732D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378218526.000000000732D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
732D000
|
| Size: |
12288
|
|
|
D2C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1028998494.0000000000D2C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D2C000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
20480
|
|
|
2981D7E2000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000000.920604307.000002981D7E2000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2981D7E2000
|
| Size: |
12288
|
|
|
2981F5B5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5B5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5B5000
|
| Size: |
8192
|
|
|
A52E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3382844792.000000000A52E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A52E000
|
| Size: |
8192
|
|
|
5ECE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375418557.0000000005ECE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5ECE000
|
| Size: |
8192
|
|
|
506D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1081680272.000000000506D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
506D000
|
| Size: |
12288
|
|
|
6F6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377909215.0000000006F6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6F6E000
|
| Size: |
8192
|
|
|
D42000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1029812985.0000000000D42000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D42000
|
| Size: |
4096
|
|
|
7FFB9A94A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933136060.00007FFB9A94A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A94A000
|
| Size: |
4096
|
|
|
46FA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000046FA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
46FA000
|
| Size: |
151552
|
|
|
C4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1368926631.0000000000C4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C4E000
|
| Size: |
8192
|
|
|
586E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375008963.000000000586E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
586E000
|
| Size: |
8192
|
|
|
169F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3348424012.000000000169F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
169F000
|
| Size: |
8192
|
|
|
E90000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1448054483.0000000000E90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E90000
|
| Size: |
4096
|
|
|
3A55000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.0000000003A55000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A55000
|
| Size: |
49152
|
|
|
3B54000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.0000000003B54000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B54000
|
| Size: |
176128
|
|
|
29837CA3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351879135.0000029837CA3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837CA3000
|
| Size: |
16384
|
|
|
F6220FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3345972926.000000F6220FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F6220FF000
|
| Size: |
4096
|
|
|
169B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3348424012.000000000169B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
169B000
|
| Size: |
8192
|
|
|
548D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1498852186.000000000548D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
548D000
|
| Size: |
12288
|
|
|
52AD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000052AD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
52AD000
|
| Size: |
147456
|
|
|
916E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380876543.000000000916E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
916E000
|
| Size: |
8192
|
|
|
8D6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1281508937.00000000008D6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8D6000
|
| Size: |
4096
|
|
|
5841000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1381032158.0000000005841000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5841000
|
| Size: |
1556480
|
|
|
1B6B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932602308.000000001B6B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B6B5000
|
| Size: |
40960
|
|
|
2981DC40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3348764721.000002981DC40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DC40000
|
| Size: |
12288
|
|
|
7FFB9AA10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.933343992.00007FFB9AA10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA10000
|
| Size: |
4096
|
|
|
537E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1377310201.000000000537E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
537E000
|
| Size: |
8192
|
|
|
4BAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1421398135.0000000004BAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BAF000
|
| Size: |
4096
|
|
|
1000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1371530625.0000000001000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1000000
|
| Size: |
12288
|
|
|
D20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930926538.0000000000D20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D20000
|
| Size: |
4096
|
|
|
5408000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000005408000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5408000
|
| Size: |
147456
|
|
|
7FFB96770000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3357025658.00007FFB96770000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB96770000
|
| Size: |
4096
|
|
|
158C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3346998593.000000000158C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
158C000
|
| Size: |
4096
|
|
|
94B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930310517.000000000094B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
94B000
|
| Size: |
151552
|
|
|
8EA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282862211.00000000008EA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8EA000
|
| Size: |
4096
|
|
|
54BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1378617568.00000000054BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54BE000
|
| Size: |
8192
|
|
|
9F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.00000000009F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9F8000
|
| Size: |
4096
|
|
|
40D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.00000000040D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
40D3000
|
| Size: |
151552
|
|
|
504D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1442249928.000000000504D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
504D000
|
| Size: |
12288
|
|
|
3D1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003D1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3D1A000
|
| Size: |
180224
|
|
|
2E41000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1467997303.0000000002E41000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E41000
|
| Size: |
4096
|
|
|
7FFB966DD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3356723416.00007FFB966DD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB966DD000
|
| Size: |
12288
|
|
|
54CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1499186943.00000000054CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54CD000
|
| Size: |
12288
|
|
|
55B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1084489939.00000000055B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
55B2000
|
| Size: |
135168
|
|
|
16C19000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016C19000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16C19000
|
| Size: |
151552
|
|
|
B5AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384716848.000000000B5AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B5AD000
|
| Size: |
12288
|
|
|
54BD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3374307514.00000000054BD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54BD000
|
| Size: |
12288
|
|
|
52ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1083579454.00000000052ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52ED000
|
| Size: |
12288
|
|
|
7FAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379358271.0000000007FAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7FAD000
|
| Size: |
12288
|
|
|
2981DA15000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346646274.000002981DA15000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA15000
|
| Size: |
40960
|
|
|
9DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.00000000009DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9DA000
|
| Size: |
12288
|
|
|
1CD6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932852405.000000001CD6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1CD6E000
|
| Size: |
8192
|
|
|
495E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1369857134.000000000495E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
495E000
|
| Size: |
8192
|
|
|
7FFB9A966000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.933222386.00007FFB9A966000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A966000
|
| Size: |
4096
|
|
|
598E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1501700517.000000000598E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
598E000
|
| Size: |
8192
|
|
|
E25000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931212734.0000000000E25000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E25000
|
| Size: |
40960
|
|
|
D2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930926538.0000000000D2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D2A000
|
| Size: |
24576
|
|
|
2981DBF0000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.3348673767.000002981DBF0000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
2981DBF0000
|
| Size: |
4096
|
|
|
46C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000046C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
46C4000
|
| Size: |
12288
|
|
|
61CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3376797867.00000000061CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
61CE000
|
| Size: |
8192
|
|
|
27AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1032614321.00000000027AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
27AE000
|
| Size: |
8192
|
|
|
8FA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1283190498.00000000008FA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8FA000
|
| Size: |
4096
|
|
|
E1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931158551.0000000000E1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E1A000
|
| Size: |
24576
|
|
|
8E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1347737783.00000000008E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8E5000
|
| Size: |
12288
|
|
|
B86000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1362832062.0000000000B86000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
B86000
|
| Size: |
4096
|
|
|
4EFC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004EFC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4EFC000
|
| Size: |
16384
|
|
|
3C13000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1390288424.0000000003C13000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C13000
|
| Size: |
176128
|
|
|
12B11000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932089566.0000000012B11000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12B11000
|
| Size: |
12288
|
|
|
F1A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1460233135.0000000000F1A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F1A000
|
| Size: |
4096
|
|
|
2981F5F7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5F7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5F7000
|
| Size: |
4096
|
|
|
16ABE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016ABE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16ABE000
|
| Size: |
147456
|
|
|
4C80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1372273775.0000000004C80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4C80000
|
| Size: |
4096
|
|
|
A76E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383194393.000000000A76E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A76E000
|
| Size: |
8192
|
|
|
2981D7E6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000000.920633932.000002981D7E6000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2981D7E6000
|
| Size: |
4096
|
|
|
402000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.870625252.0000000000402000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
402000
|
| Size: |
20480
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
1B400000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932457718.000000001B400000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1B400000
|
| Size: |
32768
|
|
|
B8A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1364886466.0000000000B8A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
B8A000
|
| Size: |
4096
|
|
|
7FFB9A9A4000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933281095.00007FFB9A9A4000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A9A4000
|
| Size: |
4096
|
|
|
9B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930510298.00000000009B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9B1000
|
| Size: |
45056
|
|
|
C24E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385645260.000000000C24E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C24E000
|
| Size: |
8192
|
|
|
74AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378364111.00000000074AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
74AD000
|
| Size: |
12288
|
|
|
5169000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000005169000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5169000
|
| Size: |
147456
|
|
|
584E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1501469214.000000000584E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
584E000
|
| Size: |
8192
|
|
|
916000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930310517.0000000000916000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
916000
|
| Size: |
147456
|
|
|
5D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1090079366.0000000005D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D9E000
|
| Size: |
8192
|
|
|
B86E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385038201.000000000B86E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B86E000
|
| Size: |
8192
|
|
|
EFA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1449207393.0000000000EFA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
EFA000
|
| Size: |
8192
|
|
|
131F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1466072019.000000000131F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
131F000
|
| Size: |
4096
|
|
|
4D6B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004D6B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D6B000
|
| Size: |
147456
|
|
|
5140000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1376065266.0000000005140000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5140000
|
| Size: |
241664
|
|
|
7FFB96880000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3357546284.00007FFB96880000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB96880000
|
| Size: |
4096
|
|
|
3E66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.0000000003E66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E66000
|
| Size: |
155648
|
|
|
528F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1443341637.000000000528F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
528F000
|
| Size: |
4096
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.930078168.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
C38E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385743873.000000000C38E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C38E000
|
| Size: |
8192
|
|
|
872D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379978924.000000000872D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
872D000
|
| Size: |
12288
|
|
|
4FD7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004FD7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4FD7000
|
| Size: |
151552
|
|
|
1CC6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932829455.000000001CC6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1CC6E000
|
| Size: |
8192
|
|
|
4D34000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004D34000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D34000
|
| Size: |
147456
|
|
|
5BCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1502156767.0000000005BCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5BCE000
|
| Size: |
8192
|
|
|
BA2000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1366000147.0000000000BA2000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
BA2000
|
| Size: |
4096
|
|
|
51ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1497650979.00000000051ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51ED000
|
| Size: |
12288
|
|
|
8C2000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1278424091.00000000008C2000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8C2000
|
| Size: |
4096
|
|
|
756000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1344257837.0000000000756000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
756000
|
| Size: |
40960
|
|
|
16538000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016538000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16538000
|
| Size: |
147456
|
|
|
2981DA20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346817983.000002981DA20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA20000
|
| Size: |
20480
|
|
|
782E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378651821.000000000782E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
782E000
|
| Size: |
8192
|
|
|
2981F5BE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5BE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5BE000
|
| Size: |
12288
|
|
|
29838130000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3354756670.0000029838130000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29838130000
|
| Size: |
16384
|
|
|
B8C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1365397115.0000000000B8C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
B8C000
|
| Size: |
4096
|
|
|
6310000
|
unclassified section
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377079113.0000000006310000.00000004.10000000.00040000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page read and write
|
| Base address: |
6310000
|
| Size: |
4096
|
|
|
4855000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004855000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4855000
|
| Size: |
147456
|
|
|
590000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930151843.0000000000590000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
590000
|
| Size: |
4096
|
|
|
1689C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.000000001689C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1689C000
|
| Size: |
151552
|
|
|
B7EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384943083.000000000B7EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B7EE000
|
| Size: |
8192
|
|
|
1344000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1466326902.0000000001344000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1344000
|
| Size: |
49152
|
|
|
85ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379878720.00000000085ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
85ED000
|
| Size: |
12288
|
|
|
8E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930282162.00000000008E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8E0000
|
| Size: |
4096
|
|
|
7FFB967E0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3357229583.00007FFB967E0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB967E0000
|
| Size: |
24576
|
|
|
BFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1368142839.0000000000BFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BFE000
|
| Size: |
8192
|
|
|
16E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349218458.00000000016E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16E0000
|
| Size: |
4096
|
|
|
2981DA60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346817983.000002981DA60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA60000
|
| Size: |
4096
|
|
|
685C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1387774923.000000000685C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
685C000
|
| Size: |
4096
|
|
|
CA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1027052242.0000000000CA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CA0000
|
| Size: |
16384
|
|
|
2981F5BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5BB000
|
| Size: |
8192
|
|
|
4E19000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004E19000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4E19000
|
| Size: |
151552
|
|
|
5DB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1016236838.00000000005DB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DB000
|
| Size: |
20480
|
|
|
93F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930310517.000000000093F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
93F000
|
| Size: |
45056
|
|
|
594F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1501587428.000000000594F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
594F000
|
| Size: |
4096
|
|
|
1330000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1466188905.0000000001330000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
1330000
|
| Size: |
4096
|
|
|
2981DB20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3348431685.000002981DB20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981DB20000
|
| Size: |
8192
|
|
|
1C7C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932734447.000000001C7C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1C7C0000
|
| Size: |
106496
|
|
|
59CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375073740.00000000059CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59CE000
|
| Size: |
8192
|
|
|
3C59000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003C59000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C59000
|
| Size: |
176128
|
|
|
A62E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383002747.000000000A62E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A62E000
|
| Size: |
8192
|
|
|
F02000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1450814226.0000000000F02000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F02000
|
| Size: |
12288
|
|
|
A30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1305427502.0000000000A30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A30000
|
| Size: |
16384
|
|
|
7FFB96890000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3357577437.00007FFB96890000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB96890000
|
| Size: |
16384
|
|
|
29837C90000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3351813432.0000029837C90000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
29837C90000
|
| Size: |
8192
|
|
|
4AF8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1069151429.0000000004AF8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4AF8000
|
| Size: |
4096
|
|
|
2E8D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1032729871.0000000002E8D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E8D000
|
| Size: |
8192
|
|
|
2FFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349464938.0000000002FFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FFE000
|
| Size: |
8192
|
|
|
518E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1443083458.000000000518E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
518E000
|
| Size: |
8192
|
|
|
61BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1092054537.00000000061BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
61BE000
|
| Size: |
8192
|
|
|
7FFB966CD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3356272138.00007FFB966CD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB966CD000
|
| Size: |
12288
|
|
|
89AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380204607.00000000089AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
89AE000
|
| Size: |
8192
|
|
|
CF3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930851853.0000000000CF3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CF3000
|
| Size: |
8192
|
|
|
EE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1448208598.0000000000EE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
EE0000
|
| Size: |
8192
|
|
|
4EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1373188014.0000000004EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EFE000
|
| Size: |
8192
|
|
|
30EA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1467997303.00000000030EA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
30EA000
|
| Size: |
753664
|
|
|
1B513000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932534936.000000001B513000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B513000
|
| Size: |
12288
|
|
|
464C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.000000000464C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
464C000
|
| Size: |
151552
|
|
|
EF2000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1448664342.0000000000EF2000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
EF2000
|
| Size: |
4096
|
|
|
1E510000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932998637.000000001E510000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1E510000
|
| Size: |
4096
|
|
|
543F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.000000000543F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
543F000
|
| Size: |
151552
|
|
|
10F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1465523331.00000000010F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10F0000
|
| Size: |
4096
|
|
|
D3A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1029215958.0000000000D3A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D3A000
|
| Size: |
4096
|
|
|
980000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1286923888.0000000000980000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
980000
|
| Size: |
4096
|
|
|
12F9000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346042181.00000000012F9000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12F9000
|
| Size: |
28672
|
|
|
F06000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1450814226.0000000000F06000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F06000
|
| Size: |
4096
|
|
|
930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1284733540.0000000000930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
930000
|
| Size: |
16384
|
|
|
BFCD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385435759.000000000BFCD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BFCD000
|
| Size: |
12288
|
|
|
16B8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3348424012.00000000016B8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16B8000
|
| Size: |
135168
|
|
|
7FFB96870000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3357389422.00007FFB96870000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB96870000
|
| Size: |
65536
|
|
|
1350000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1467485384.0000000001350000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1350000
|
| Size: |
16384
|
|
|
6A7D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377537763.0000000006A7D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6A7D000
|
| Size: |
12288
|
|
|
2981DA26000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346817983.000002981DA26000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA26000
|
| Size: |
20480
|
|
|
7FFB9677C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3357105885.00007FFB9677C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9677C000
|
| Size: |
4096
|
|
|
5DDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1090293642.0000000005DDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5DDE000
|
| Size: |
8192
|
|
|
83AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379701685.00000000083AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
83AD000
|
| Size: |
12288
|
|
|
90B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1283779038.000000000090B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
90B000
|
| Size: |
4096
|
|
|
15C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347357969.00000000015C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15C0000
|
| Size: |
4096
|
|
|
540000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1263737906.0000000000540000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
540000
|
| Size: |
4096
|
|
|
DFA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931057311.0000000000DFA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DFA000
|
| Size: |
24576
|
|
|
A70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930673306.0000000000A70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A70000
|
| Size: |
12288
|
|
|
16674000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016674000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16674000
|
| Size: |
151552
|
|
|
60D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1272653375.000000000060D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
60D000
|
| Size: |
282624
|
|
|
B6AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384790270.000000000B6AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B6AD000
|
| Size: |
12288
|
|
|
1717000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349248975.0000000001717000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1717000
|
| Size: |
28672
|
|
|
1EEDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.933052882.000000001EEDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1EEDE000
|
| Size: |
8192
|
|
|
5C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930227173.00000000005C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5C0000
|
| Size: |
8192
|
|
|
15C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347394346.00000000015C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
15C2000
|
| Size: |
4096
|
|
|
5690000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3374649693.0000000005690000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5690000
|
| Size: |
16384
|
|
|
5D8D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375338716.0000000005D8D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D8D000
|
| Size: |
12288
|
|
|
2981F531000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F531000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F531000
|
| Size: |
536576
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
65AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377272122.00000000065AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
65AD000
|
| Size: |
12288
|
|
|
4CFD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004CFD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CFD000
|
| Size: |
147456
|
|
|
F621AF0000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3345658756.000000F621AF0000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F621AF0000
|
| Size: |
65536
|
|
|
628B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3376926454.000000000628B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
628B000
|
| Size: |
20480
|
|
|
27C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1319645416.00000000027C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27C1000
|
| Size: |
5238784
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
F38000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1461868448.0000000000F38000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F38000
|
| Size: |
73728
|
|
|
1658E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.000000001658E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1658E000
|
| Size: |
151552
|
|
|
7FFB966C3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3355886998.00007FFB966C3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB966C3000
|
| Size: |
4096
|
|
|
4DBD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1372500251.0000000004DBD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DBD000
|
| Size: |
12288
|
|
|
16A4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3348424012.00000000016A4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16A4000
|
| Size: |
45056
|
|
|
5C0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1502282083.0000000005C0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C0E000
|
| Size: |
8192
|
|
|
516E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1082494160.000000000516E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
516E000
|
| Size: |
8192
|
|
|
459E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.000000000459E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
459E000
|
| Size: |
147456
|
|
|
29837CA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351879135.0000029837CA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837CA0000
|
| Size: |
8192
|
|
|
568E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1446941195.000000000568E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
568E000
|
| Size: |
8192
|
|
|
D60000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1031870921.0000000000D60000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
D60000
|
| Size: |
4096
|
|
|
624D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3376879591.000000000624D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
624D000
|
| Size: |
12288
|
|
|
9BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930510298.00000000009BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9BF000
|
| Size: |
303104
|
|
|
2981D950000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346314765.000002981D950000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981D950000
|
| Size: |
4096
|
|
|
D12000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1027692889.0000000000D12000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D12000
|
| Size: |
4096
|
|
|
8C6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380434830.0000000008C6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8C6E000
|
| Size: |
8192
|
|
|
AF8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1358745678.0000000000AF8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AF8000
|
| Size: |
8192
|
|
|
902D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380745885.000000000902D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
902D000
|
| Size: |
12288
|
|
|
5276000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000005276000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5276000
|
| Size: |
147456
|
|
|
8D2000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1281508937.00000000008D2000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8D2000
|
| Size: |
12288
|
|
|
3C2A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003C2A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C2A000
|
| Size: |
176128
|
|
|
5530000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1084489939.0000000005530000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5530000
|
| Size: |
241664
|
|
|
970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.0000000000970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
970000
|
| Size: |
258048
|
|
|
573E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1379608173.000000000573E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
573E000
|
| Size: |
8192
|
|
|
A9D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1358745678.0000000000A9D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A9D000
|
| Size: |
61440
|
|
|
29839AD2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3355606546.0000029839AD2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29839AD2000
|
| Size: |
12288
|
|
|
7FFB9A942000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933110842.00007FFB9A942000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9A942000
|
| Size: |
12288
|
|
|
642E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377135105.000000000642E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
642E000
|
| Size: |
8192
|
|
|
16778000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016778000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16778000
|
| Size: |
151552
|
|
|
5E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930252241.00000000005E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E0000
|
| Size: |
4096
|
|
|
2981F5E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5E3000
|
| Size: |
65536
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4EEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1081033826.0000000004EEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EEF000
|
| Size: |
4096
|
|
|
DF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931057311.0000000000DF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
DF0000
|
| Size: |
4096
|
|
|
39C8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.00000000039C8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39C8000
|
| Size: |
176128
|
|
|
C60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1369365025.0000000000C60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C60000
|
| Size: |
16384
|
|
|
2981DA98000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346817983.000002981DA98000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA98000
|
| Size: |
552960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
2981D7E0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.3346203574.000002981D7E0000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2981D7E0000
|
| Size: |
4096
|
|
|
27CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931331446.00000000027CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
27CE000
|
| Size: |
8192
|
|
|
7D6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379186490.0000000007D6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7D6D000
|
| Size: |
12288
|
|
|
5A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930174858.00000000005A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5A0000
|
| Size: |
4096
|
|
|
545000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930127663.0000000000545000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
545000
|
| Size: |
45056
|
|
|
166EB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.00000000166EB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
166EB000
|
| Size: |
147456
|
|
|
502E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.000000000502E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
502E000
|
| Size: |
151552
|
|
|
37E6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.00000000037E6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E6000
|
| Size: |
180224
|
|
|
166AB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.00000000166AB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
166AB000
|
| Size: |
151552
|
|
|
79AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378855502.00000000079AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
79AE000
|
| Size: |
8192
|
|
|
5ACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1501950101.0000000005ACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5ACE000
|
| Size: |
8192
|
|
|
1030000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1464060212.0000000001030000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1030000
|
| Size: |
4096
|
|
|
930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1020285693.0000000000930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
930000
|
| Size: |
40960
|
|
|
1E33B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932968931.000000001E33B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E33B000
|
| Size: |
24576
|
|
|
8CA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1278688286.00000000008CA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8CA000
|
| Size: |
8192
|
|
|
4F0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1437377913.0000000004F0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F0D000
|
| Size: |
12288
|
|
|
5236000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000005236000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5236000
|
| Size: |
147456
|
|
|
2981D7E0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000000.920577683.000002981D7E0000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2981D7E0000
|
| Size: |
4096
|
|
|
D4A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1030951219.0000000000D4A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D4A000
|
| Size: |
4096
|
|
|
5C5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1088992125.0000000005C5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C5E000
|
| Size: |
8192
|
|
|
6A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1394121802.0000000006A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6A6E000
|
| Size: |
8192
|
|
|
2981DBC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3348606474.000002981DBC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DBC0000
|
| Size: |
28672
|
|
|
3847000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1358006200.0000000003847000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3847000
|
| Size: |
176128
|
|
|
385F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349659015.000000000385F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
385F000
|
| Size: |
3670016
|
|
|
2EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349394461.0000000002EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EFE000
|
| Size: |
8192
|
|
|
8EAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380607303.0000000008EAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8EAE000
|
| Size: |
8192
|
|
|
15A7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347130920.00000000015A7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15A7000
|
| Size: |
28672
|
|
|
1663D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.000000001663D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1663D000
|
| Size: |
147456
|
|
|
4B7D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1371241102.0000000004B7D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B7D000
|
| Size: |
12288
|
|
|
15A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347130920.00000000015A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
20480
|
|
|
605C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1091468340.000000000605C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
605C000
|
| Size: |
16384
|
|
|
C3CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385787997.000000000C3CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3CD000
|
| Size: |
12288
|
|
|
29837F19000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351975216.0000029837F19000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837F19000
|
| Size: |
77824
|
|
|
7FFB9AAE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933520349.00007FFB9AAE0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AAE0000
|
| Size: |
4096
|
|
|
EC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1032274529.0000000000EC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EC0000
|
| Size: |
4096
|
|
|
3823000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349659015.0000000003823000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3823000
|
| Size: |
241664
|
|
|
10CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1465180031.00000000010CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10CE000
|
| Size: |
8192
|
|
|
5750000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3374837981.0000000005750000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5750000
|
| Size: |
65536
|
|
|
B42E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384528059.000000000B42E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B42E000
|
| Size: |
8192
|
|
|
2981DC45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3348764721.000002981DC45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DC45000
|
| Size: |
12288
|
|
|
103B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1464858653.000000000103B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
103B000
|
| Size: |
4096
|
|
|
D00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1027403722.0000000000D00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
D00000
|
| Size: |
8192
|
|
|
55BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1379265582.00000000055BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55BE000
|
| Size: |
8192
|
|
|
555E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3374390033.000000000555E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
555E000
|
| Size: |
8192
|
|
|
D57000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1031460793.0000000000D57000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D57000
|
| Size: |
4096
|
|
|
1B6D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932651773.000000001B6D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1B6D0000
|
| Size: |
69632
|
|
|
876D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380019229.000000000876D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
876D000
|
| Size: |
12288
|
|
|
F2A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1461570644.0000000000F2A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F2A000
|
| Size: |
4096
|
|
|
3481000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349659015.0000000003481000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3481000
|
| Size: |
4096
|
|
|
FC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3345830314.0000000000FC0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FC0000
|
| Size: |
4096
|
|
|
6E6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377846539.0000000006E6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6E6D000
|
| Size: |
12288
|
|
|
93AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3381062511.00000000093AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
93AE000
|
| Size: |
8192
|
|
|
71EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378120229.00000000071EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
71EE000
|
| Size: |
8192
|
|
|
8DAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380537386.0000000008DAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8DAE000
|
| Size: |
8192
|
|
|
2981DA2C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346817983.000002981DA2C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA2C000
|
| Size: |
122880
|
|
|
76EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378536660.00000000076EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
76EE000
|
| Size: |
8192
|
|
|
7D2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379145005.0000000007D2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7D2D000
|
| Size: |
12288
|
|
|
2981F5F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5F5000
|
| Size: |
4096
|
|
|
620D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3376839223.000000000620D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
620D000
|
| Size: |
12288
|
|
|
A7A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1358446308.0000000000A7A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
A7A000
|
| Size: |
8192
|
|
|
5E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1272237176.00000000005E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5E0000
|
| Size: |
8192
|
|
|
44BD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000044BD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
44BD000
|
| Size: |
151552
|
|
|
55FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1379548569.00000000055FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55FE000
|
| Size: |
8192
|
|
|
AFF2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384078639.000000000AFF2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AFF2000
|
| Size: |
45056
|
|
|
A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1355669917.0000000000A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A10000
|
| Size: |
4096
|
|
|
5112000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000005112000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5112000
|
| Size: |
147456
|
|
|
4903000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004903000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4903000
|
| Size: |
151552
|
|
|
A7AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383258274.000000000A7AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A7AE000
|
| Size: |
8192
|
|
|
FF0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.3345938240.0000000000FF0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
FF0000
|
| Size: |
8192
|
|
|
15EE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3347476707.00000000015EE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15EE000
|
| Size: |
405504
|
|
|
886D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380100065.000000000886D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
886D000
|
| Size: |
12288
|
|
|
AA2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383552705.000000000AA2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AA2E000
|
| Size: |
8192
|
|
|
3EBD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003EBD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EBD000
|
| Size: |
135168
|
|
|
C3B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1444052912.0000000000C3B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3B000
|
| Size: |
20480
|
|
|
ACD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1310269952.0000000000ACD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ACD000
|
| Size: |
12288
|
|
|
8E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1347737783.00000000008E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8E0000
|
| Size: |
16384
|
|
|
4E0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1434812501.0000000004E0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E0D000
|
| Size: |
12288
|
|
|
B6EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384878002.000000000B6EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B6EE000
|
| Size: |
8192
|
|
|
796D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378816462.000000000796D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
796D000
|
| Size: |
12288
|
|
|
29837C93000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3351813432.0000029837C93000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
29837C93000
|
| Size: |
8192
|
|
|
A66E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383072093.000000000A66E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A66E000
|
| Size: |
8192
|
|
|
DB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931036914.0000000000DB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DB0000
|
| Size: |
4096
|
|
|
D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1445593664.0000000000D70000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D70000
|
| Size: |
4096
|
|
|
62BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1092633860.00000000062BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
62BF000
|
| Size: |
4096
|
|
|
F6228FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346108121.000000F6228FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F6228FC000
|
| Size: |
16384
|
|
|
6AC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377578668.0000000006AC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6AC0000
|
| Size: |
4096
|
|
|
746E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378328517.000000000746E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
746E000
|
| Size: |
8192
|
|
|
926E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380959237.000000000926E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
926E000
|
| Size: |
8192
|
|
|
DAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1031979485.0000000000DAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DAE000
|
| Size: |
8192
|
|
|
A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1307512466.0000000000A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A7E000
|
| Size: |
8192
|
|
|
75AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3378435053.00000000075AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
75AE000
|
| Size: |
8192
|
|
|
4C30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004C30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C30000
|
| Size: |
147456
|
|
|
3DBC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003DBC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3DBC000
|
| Size: |
40960
|
|
|
501E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1495475821.000000000501E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
501E000
|
| Size: |
8192
|
|
|
ACB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3383828802.000000000ACB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ACB0000
|
| Size: |
24576
|
|
|
56FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1379578262.00000000056FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
56FE000
|
| Size: |
8192
|
|
|
656D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3377230330.000000000656D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
656D000
|
| Size: |
12288
|
|
|
F2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931267759.0000000000F2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F2F000
|
| Size: |
4096
|
|
|
167EE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.00000000167EE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
167EE000
|
| Size: |
151552
|
|
|
58E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1265331949.000000000058E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58E000
|
| Size: |
8192
|
|
|
3E44000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.0000000003E44000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E44000
|
| Size: |
8192
|
|
|
237E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1315924400.000000000237E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
237E000
|
| Size: |
8192
|
|
|
29837F9F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351975216.0000029837F9F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837F9F000
|
| Size: |
20480
|
|
|
4F10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1437826289.0000000004F10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F10000
|
| Size: |
237568
|
|
|
4FFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1373339848.0000000004FFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FFE000
|
| Size: |
8192
|
|
|
E10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931158551.0000000000E10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
4096
|
|
|
8DC000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282749909.00000000008DC000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
8DC000
|
| Size: |
4096
|
|
|
9B0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1287114945.00000000009B0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
9B0000
|
| Size: |
4096
|
|
|
A00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1290788541.0000000000A00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A00000
|
| Size: |
65536
|
|
|
A60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1357873427.0000000000A60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A60000
|
| Size: |
16384
|
|
|
16A0F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016A0F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16A0F000
|
| Size: |
151552
|
|
|
4021000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.0000000004021000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4021000
|
| Size: |
155648
|
|
|
5760000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3374951971.0000000005760000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5760000
|
| Size: |
4096
|
|
|
4F4F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1437826289.0000000004F4F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F4F000
|
| Size: |
241664
|
|
|
16A86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016A86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16A86000
|
| Size: |
151552
|
|
|
12F6000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346042181.00000000012F6000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12F6000
|
| Size: |
8192
|
|
|
B1EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384317981.000000000B1EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B1EE000
|
| Size: |
8192
|
|
|
2981F5C2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3349012830.000002981F5C2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2981F5C2000
|
| Size: |
8192
|
|
|
D1A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1027961647.0000000000D1A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D1A000
|
| Size: |
8192
|
|
|
D22000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1028291242.0000000000D22000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D22000
|
| Size: |
12288
|
|
|
1687C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.000000001687C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
1687C000
|
| Size: |
20480
|
|
|
168D3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.00000000168D3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
168D3000
|
| Size: |
151552
|
|
|
912E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380822231.000000000912E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
912E000
|
| Size: |
8192
|
|
|
C7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930735761.0000000000C7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C7E000
|
| Size: |
8192
|
|
|
552E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1084246951.000000000552E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
552E000
|
| Size: |
8192
|
|
|
12B15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932089566.0000000012B15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
12B15000
|
| Size: |
4096
|
|
|
583E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1380224103.000000000583E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
583E000
|
| Size: |
8192
|
|
|
B2ED000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384390661.000000000B2ED000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B2ED000
|
| Size: |
12288
|
|
|
7FF4E97C0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3355718892.00007FF4E97C0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FF4E97C0000
|
| Size: |
4096
|
|
|
4BCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1075512752.0000000004BCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BCE000
|
| Size: |
8192
|
|
|
6922000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1387774923.0000000006922000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6922000
|
| Size: |
24576
|
|
|
3E7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003E7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3E7C000
|
| Size: |
180224
|
|
|
2981DA10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346646274.000002981DA10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA10000
|
| Size: |
16384
|
|
|
B56E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3384648754.000000000B56E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B56E000
|
| Size: |
8192
|
|
|
CF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930851853.0000000000CF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CF0000
|
| Size: |
8192
|
|
|
2981DA4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346817983.000002981DA4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA4B000
|
| Size: |
81920
|
|
|
16982000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3386107914.0000000016982000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
16982000
|
| Size: |
147456
|
|
|
BAA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000009.00000002.1366306760.0000000000BAA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
BAA000
|
| Size: |
4096
|
|
|
502D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1081434646.000000000502D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
502D000
|
| Size: |
12288
|
|
|
4E6E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004E6E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4E6E000
|
| Size: |
147456
|
|
|
2981DBFE000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000001.00000002.3348673767.000002981DBFE000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
2981DBFE000
|
| Size: |
8192
|
|
|
156D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3346675495.000000000156D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
156D000
|
| Size: |
12288
|
|
|
7FFB967A6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.3357204705.00007FFB967A6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB967A6000
|
| Size: |
4096
|
|
|
498D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.000000000498D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
498D000
|
| Size: |
147456
|
|
|
5D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375265569.0000000005D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D0E000
|
| Size: |
8192
|
|
|
F0C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.1459680387.0000000000F0C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
F0C000
|
| Size: |
4096
|
|
|
1710000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3349248975.0000000001710000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1710000
|
| Size: |
20480
|
|
|
7FFB966D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3356453936.00007FFB966D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB966D2000
|
| Size: |
45056
|
|
|
505000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1263285754.0000000000505000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
505000
|
| Size: |
12288
|
|
|
CB0000
|
trusted library section
|
page readonly
|
|
|
|
| Name: |
00000000.00000002.930782293.0000000000CB0000.00000002.08000000.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library section
|
| Protect: |
page readonly
|
| Base address: |
CB0000
|
| Size: |
61440
|
|
|
F00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1032382160.0000000000F00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F00000
|
| Size: |
20480
|
|
|
A88000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1358745678.0000000000A88000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A88000
|
| Size: |
73728
|
|
|
7FFB9AA42000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.933420887.00007FFB9AA42000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FFB9AA42000
|
| Size: |
4096
|
|
|
542E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1084122933.000000000542E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
542E000
|
| Size: |
8192
|
|
|
7FFB9A950000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.933156994.00007FFB9A950000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9A950000
|
| Size: |
4096
|
|
|
3EBF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.0000000003EBF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3EBF000
|
| Size: |
151552
|
|
|
826E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3379604332.000000000826E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
826E000
|
| Size: |
8192
|
|
|
3BF8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1056582287.0000000003BF8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF8000
|
| Size: |
176128
|
|
|
2981DA8C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3346817983.000002981DA8C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2981DA8C000
|
| Size: |
4096
|
|
|
1DB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1262343790.00000000001DB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1DB000
|
| Size: |
20480
|
|
|
5A1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1087417264.0000000005A1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A1E000
|
| Size: |
8192
|
|
|
F4B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1461868448.0000000000F4B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F4B000
|
| Size: |
4096
|
|
|
52CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1443588348.00000000052CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52CE000
|
| Size: |
8192
|
|
|
4B30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1371108118.0000000004B30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B30000
|
| Size: |
4096
|
|
|
511F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1495956635.000000000511F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
511F000
|
| Size: |
4096
|
|
|
8F6000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1016862428.00000000008F6000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8F6000
|
| Size: |
8192
|
|
|
530000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.921185896.0000000000530000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
530000
|
| Size: |
4096
|
|
|
7FFB9AA15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.933362402.00007FFB9AA15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
7FFB9AA15000
|
| Size: |
4096
|
|
|
51AD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1082769646.00000000051AD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51AD000
|
| Size: |
12288
|
|
|
4B99000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000004B99000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4B99000
|
| Size: |
151552
|
|
|
C14E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385587852.000000000C14E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C14E000
|
| Size: |
8192
|
|
|
5F45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3375456867.0000000005F45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F45000
|
| Size: |
212992
|
|
|
121F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1465740532.000000000121F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
121F000
|
| Size: |
4096
|
|
|
47FE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.00000000047FE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47FE000
|
| Size: |
147456
|
|
|
F00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1449565440.0000000000F00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
F00000
|
| Size: |
8192
|
|
|
8FEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3380711525.0000000008FEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8FEE000
|
| Size: |
8192
|
|
|
615C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1091818695.000000000615C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
615C000
|
| Size: |
16384
|
|
|
29837F7B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351975216.0000029837F7B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837F7B000
|
| Size: |
143360
|
|
|
F68000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000009.00000002.1371103874.0000000000F68000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
9
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
F68000
|
| Size: |
4096
|
|
|
29837EE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351975216.0000029837EE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29837EE0000
|
| Size: |
229376
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to debug symbols |
Compliance, System Summary |
|
|
|
2982F538000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.3351589960.000002982F538000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2982F538000
|
| Size: |
32768
|
|
|
E14000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931158551.0000000000E14000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
E14000
|
| Size: |
16384
|
|
|
5392000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3361554647.0000000005392000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5392000
|
| Size: |
147456
|
|
|
DB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1032080679.0000000000DB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DB0000
|
| Size: |
20480
|
|
|
D5B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1031662867.0000000000D5B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
D5B000
|
| Size: |
4096
|
|
|
3F18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.1487100647.0000000003F18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3F18000
|
| Size: |
151552
|
|
|
C10E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.3385532554.000000000C10E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C10E000
|
| Size: |
8192
|
|
