|
25E1000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
00000002.00000002.3860853264.00000000025E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
25E1000
|
| Size: |
5828608
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
|
|
2754000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794822972.0000000002754000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2754000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
26B8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878562030.00000000026B8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
26B8000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
2758000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794822972.0000000002758000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2758000
|
| Size: |
53248
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
26B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878562030.00000000026B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
26B4000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
2701000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459824202.0000000002701000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2701000
|
| Size: |
233472
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
26E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709528247.00000000026E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
26E1000
|
| Size: |
278528
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Malicious sample detected (through community Yara rule) |
System Summary |
|
| Yara detected Njrat |
AV Detection, E-Banking Fraud, Stealing of Sensitive Information, Remote Access Functionality |
|
| Yara signature match |
System Summary |
|
|
|
42C000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1392261723.000000000042C000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
42C000
|
| Size: |
4096
|
|
|
47BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1879780901.00000000047BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47BF000
|
| Size: |
4096
|
|
|
930000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1793411337.0000000000930000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
930000
|
| Size: |
8192
|
|
|
636000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1528972453.0000000000636000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
636000
|
| Size: |
499712
|
|
|
4BBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795419685.0000000004BBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BBE000
|
| Size: |
8192
|
|
|
98B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1709151214.000000000098B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
98B000
|
| Size: |
4096
|
|
|
6B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1532650589.00000000006B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B1000
|
| Size: |
8192
|
|
|
4C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792608138.00000000004C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4C5000
|
| Size: |
12288
|
|
|
47F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880236670.00000000047F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47F0000
|
| Size: |
8192
|
|
|
726000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708382218.0000000000726000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
726000
|
| Size: |
225280
|
|
|
2147000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860748810.0000000002147000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2147000
|
| Size: |
4096
|
|
|
47FC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880236670.00000000047FC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47FC000
|
| Size: |
16384
|
|
|
637000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526604769.0000000000637000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
637000
|
| Size: |
364544
|
|
|
36AB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878824863.00000000036AB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36AB000
|
| Size: |
8192
|
|
|
600000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534085646.0000000000600000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
600000
|
| Size: |
90112
|
|
|
19B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533247501.000000000019B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
19B000
|
| Size: |
20480
|
|
|
830000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860484303.0000000000830000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
8192
|
|
|
BDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794457115.0000000000BDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BDF000
|
| Size: |
4096
|
|
|
6B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529455885.00000000006B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B5000
|
| Size: |
12288
|
|
|
42A000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1392238608.000000000042A000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
42A000
|
| Size: |
4096
|
|
|
47C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862494751.00000000047C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47C0000
|
| Size: |
8192
|
|
|
6D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860249344.00000000006D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D0000
|
| Size: |
32768
|
|
|
360B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862269817.000000000360B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
360B000
|
| Size: |
16384
|
|
|
6B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534370017.00000000006B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B5000
|
| Size: |
12288
|
|
|
A74000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794003626.0000000000A74000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A74000
|
| Size: |
28672
|
|
|
36E4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709581118.00000000036E4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36E4000
|
| Size: |
4096
|
|
|
787000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1459061471.0000000000787000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
787000
|
| Size: |
4096
|
|
|
47F6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880236670.00000000047F6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47F6000
|
| Size: |
4096
|
|
|
63A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526333054.000000000063A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63A000
|
| Size: |
98304
|
|
|
689000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529686219.0000000000689000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
689000
|
| Size: |
159744
|
|
|
7E0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877117857.00000000007E0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
7E0000
|
| Size: |
4096
|
|
|
6A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792704993.00000000006A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A0000
|
| Size: |
24576
|
|
|
46BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878899587.00000000046BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46BE000
|
| Size: |
8192
|
|
|
47F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709685497.00000000047F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47F0000
|
| Size: |
65536
|
|
|
740000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458943299.0000000000740000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
740000
|
| Size: |
8192
|
|
|
1060000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534737074.0000000001060000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1060000
|
| Size: |
4096
|
|
|
3701000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459877618.0000000003701000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3701000
|
| Size: |
8192
|
|
|
862000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860584454.0000000000862000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
862000
|
| Size: |
28672
|
|
|
6E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458855455.00000000006E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6E0000
|
| Size: |
4096
|
|
|
4DFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795476146.0000000004DFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DFF000
|
| Size: |
4096
|
|
|
4830000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3862731739.0000000004830000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4830000
|
| Size: |
12288
|
|
|
910000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1793218679.0000000000910000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
910000
|
| Size: |
8192
|
|
|
47DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709667558.00000000047DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47DF000
|
| Size: |
4096
|
|
|
560000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875370112.0000000000560000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
560000
|
| Size: |
4096
|
|
|
84A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877231650.000000000084A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
84A000
|
| Size: |
8192
|
|
|
627000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526764021.0000000000627000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
627000
|
| Size: |
16384
|
|
|
942000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1708633115.0000000000942000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
942000
|
| Size: |
4096
|
|
|
6DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534515790.00000000006DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DE000
|
| Size: |
4096
|
|
|
830000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1877158447.0000000000830000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
8192
|
|
|
2681000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878562030.0000000002681000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2681000
|
| Size: |
131072
|
|
|
1170000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534755629.0000000001170000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1170000
|
| Size: |
40960
|
|
|
4D18000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527357338.0000000004D18000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D18000
|
| Size: |
8192
|
|
|
98F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459576062.000000000098F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
98F000
|
| Size: |
4096
|
|
|
430000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792009331.0000000000430000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
430000
|
| Size: |
4096
|
|
|
372E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459877618.000000000372E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
372E000
|
| Size: |
163840
|
|
|
877000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860628665.0000000000877000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
877000
|
| Size: |
4096
|
|
|
47F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862599407.00000000047F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47F0000
|
| Size: |
65536
|
|
|
68F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527167653.000000000068F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68F000
|
| Size: |
327680
|
|
|
63A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529268404.000000000063A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63A000
|
| Size: |
274432
|
|
|
629000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526269723.0000000000629000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
629000
|
| Size: |
20480
|
|
|
50AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460209621.00000000050AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50AF000
|
| Size: |
4096
|
|
|
67D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529133523.000000000067D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D000
|
| Size: |
208896
|
|
|
62E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526210425.000000000062E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62E000
|
| Size: |
147456
|
|
|
4BDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1710015319.0000000004BDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BDF000
|
| Size: |
4096
|
|
|
498E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709809663.000000000498E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
498E000
|
| Size: |
8192
|
|
|
E2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534705621.0000000000E2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E2F000
|
| Size: |
4096
|
|
|
62B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526703656.000000000062B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62B000
|
| Size: |
12288
|
|
|
87A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860645016.000000000087A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
87A000
|
| Size: |
4096
|
|
|
4800000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1460006672.0000000004800000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4800000
|
| Size: |
65536
|
|
|
67E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529917785.000000000067E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67E000
|
| Size: |
24576
|
|
|
9DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878000491.00000000009DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9DF000
|
| Size: |
4096
|
|
|
5C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875400121.00000000005C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5C5000
|
| Size: |
184320
|
|
|
534F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460300427.000000000534F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
534F000
|
| Size: |
4096
|
|
|
3704000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459877618.0000000003704000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3704000
|
| Size: |
167936
|
|
|
196000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708071602.0000000000196000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
196000
|
| Size: |
8192
|
|
|
EA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1532004246.0000000000EA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EA0000
|
| Size: |
4096
|
|
|
94A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1708652373.000000000094A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
94A000
|
| Size: |
8192
|
|
|
4930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460044824.0000000004930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4930000
|
| Size: |
4096
|
|
|
4A9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880926558.0000000004A9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A9F000
|
| Size: |
4096
|
|
|
598000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875400121.0000000000598000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
598000
|
| Size: |
81920
|
|
|
69F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792688150.000000000069F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69F000
|
| Size: |
4096
|
|
|
595000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708244489.0000000000595000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
595000
|
| Size: |
12288
|
|
|
66F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526333054.000000000066F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F000
|
| Size: |
57344
|
|
|
62D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534129327.000000000062D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62D000
|
| Size: |
20480
|
|
|
590000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708244489.0000000000590000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
590000
|
| Size: |
16384
|
|
|
47F3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880236670.00000000047F3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47F3000
|
| Size: |
8192
|
|
|
199000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708071602.0000000000199000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
199000
|
| Size: |
28672
|
|
|
68B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526938049.000000000068B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68B000
|
| Size: |
20480
|
|
|
54E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708183695.000000000054E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54E000
|
| Size: |
8192
|
|
|
6D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529557109.00000000006D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D9000
|
| Size: |
24576
|
|
|
678000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526472165.0000000000678000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
678000
|
| Size: |
20480
|
|
|
196000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1791871706.0000000000196000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
196000
|
| Size: |
8192
|
|
|
4D18000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527580061.0000000004D18000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D18000
|
| Size: |
8192
|
|
|
47FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459989447.00000000047FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47FF000
|
| Size: |
4096
|
|
|
2132000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860679010.0000000002132000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2132000
|
| Size: |
4096
|
|
|
228F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860832523.000000000228F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
228F000
|
| Size: |
4096
|
|
|
6BD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792704993.00000000006BD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6BD000
|
| Size: |
65536
|
|
|
A84000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709337240.0000000000A84000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A84000
|
| Size: |
28672
|
|
|
6B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529686219.00000000006B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B5000
|
| Size: |
12288
|
|
|
550000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533810276.0000000000550000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
550000
|
| Size: |
8192
|
|
|
68A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527918194.000000000068A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68A000
|
| Size: |
20480
|
|
|
6DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529813408.00000000006DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DA000
|
| Size: |
20480
|
|
|
481F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795265202.000000000481F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481F000
|
| Size: |
4096
|
|
|
402000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000000.1392207775.0000000000402000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
402000
|
| Size: |
159744
|
|
|
74C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1459010394.000000000074C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
74C000
|
| Size: |
4096
|
|
|
639000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526815366.0000000000639000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
639000
|
| Size: |
225280
|
|
|
616000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1533094660.0000000000616000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
616000
|
| Size: |
69632
|
|
|
199000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875253433.0000000000199000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
199000
|
| Size: |
28672
|
|
|
4D18000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534932193.0000000004D18000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D18000
|
| Size: |
8192
|
|
|
4CFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795454084.0000000004CFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CFF000
|
| Size: |
4096
|
|
|
A60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534563147.0000000000A60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A60000
|
| Size: |
16384
|
|
|
580000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875385614.0000000000580000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
580000
|
| Size: |
12288
|
|
|
AA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794146296.0000000000AA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AA0000
|
| Size: |
12288
|
|
|
4B9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880965062.0000000004B9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B9F000
|
| Size: |
4096
|
|
|
8D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1877972252.00000000008D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8D0000
|
| Size: |
12288
|
|
|
550000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708203942.0000000000550000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
550000
|
| Size: |
4096
|
|
|
603000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875400121.0000000000603000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
603000
|
| Size: |
12288
|
|
|
74A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1458996749.000000000074A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
74A000
|
| Size: |
4096
|
|
|
6CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1528972453.00000000006CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6CE000
|
| Size: |
69632
|
|
|
4FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533269381.00000000004FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FE000
|
| Size: |
8192
|
|
|
810000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860462919.0000000000810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
810000
|
| Size: |
12288
|
|
|
AC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459655432.0000000000AC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AC0000
|
| Size: |
16384
|
|
|
64C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526891055.000000000064C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64C000
|
| Size: |
147456
|
|
|
4F6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460175761.0000000004F6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F6F000
|
| Size: |
4096
|
|
|
62A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527894043.000000000062A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62A000
|
| Size: |
32768
|
|
|
4D1B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527255806.0000000004D1B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D1B000
|
| Size: |
61440
|
|
|
6A8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792704993.00000000006A8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A8000
|
| Size: |
81920
|
|
|
524E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460260235.000000000524E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
524E000
|
| Size: |
8192
|
|
|
510000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458387591.0000000000510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
510000
|
| Size: |
8192
|
|
|
35E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862269817.00000000035E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
35E1000
|
| Size: |
16384
|
|
|
A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878240041.0000000000A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A90000
|
| Size: |
12288
|
|
|
87A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877872839.000000000087A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
87A000
|
| Size: |
4096
|
|
|
4A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795382702.0000000004A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A7E000
|
| Size: |
8192
|
|
|
A70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794003626.0000000000A70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A70000
|
| Size: |
12288
|
|
|
214B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860767258.000000000214B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
214B000
|
| Size: |
4096
|
|
|
4D1A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1528946068.0000000004D1A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D1A000
|
| Size: |
36864
|
|
|
26A8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878562030.00000000026A8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
26A8000
|
| Size: |
4096
|
|
|
73A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1458922671.000000000073A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
73A000
|
| Size: |
8192
|
|
|
4800000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1880731195.0000000004800000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4800000
|
| Size: |
65536
|
|
|
6BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458814302.00000000006BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6BF000
|
| Size: |
4096
|
|
|
440000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875336836.0000000000440000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
440000
|
| Size: |
4096
|
|
|
218E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860787759.000000000218E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
218E000
|
| Size: |
8192
|
|
|
635000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527539481.0000000000635000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
635000
|
| Size: |
241664
|
|
|
6B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529133523.00000000006B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B1000
|
| Size: |
8192
|
|
|
7CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459362294.00000000007CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7CF000
|
| Size: |
233472
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
627000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529833082.0000000000627000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
627000
|
| Size: |
4096
|
|
|
6F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708382218.00000000006F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6F0000
|
| Size: |
24576
|
|
|
417000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000002.1458114902.0000000000417000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
417000
|
| Size: |
4096
|
|
|
4E2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460141933.0000000004E2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E2F000
|
| Size: |
4096
|
|
|
49CC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862919133.00000000049CC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49CC000
|
| Size: |
16384
|
|
|
4FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533269381.00000000004FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FB000
|
| Size: |
4096
|
|
|
6D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527421822.00000000006D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D5000
|
| Size: |
24576
|
|
|
4D1A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527333990.0000000004D1A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D1A000
|
| Size: |
4096
|
|
|
5F3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875400121.00000000005F3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F3000
|
| Size: |
61440
|
|
|
49CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709837285.00000000049CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49CE000
|
| Size: |
8192
|
|
|
686000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526918521.0000000000686000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
686000
|
| Size: |
40960
|
|
|
64C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527964001.000000000064C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64C000
|
| Size: |
147456
|
|
|
880000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860659730.0000000000880000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
880000
|
| Size: |
12288
|
|
|
600000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1533151081.0000000000600000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
600000
|
| Size: |
90112
|
|
|
850000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1877280009.0000000000850000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
8192
|
|
|
5E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533896595.00000000005E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E0000
|
| Size: |
36864
|
|
|
49D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709858284.00000000049D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
49D0000
|
| Size: |
4096
|
|
|
3681000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878824863.0000000003681000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3681000
|
| Size: |
8192
|
|
|
6B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534370017.00000000006B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B1000
|
| Size: |
8192
|
|
|
970000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1793869535.0000000000970000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
970000
|
| Size: |
12288
|
|
|
9A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860043574.000000000009A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9A000
|
| Size: |
24576
|
|
|
4BEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460093106.0000000004BEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BEE000
|
| Size: |
8192
|
|
|
6D3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534499581.00000000006D3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D3000
|
| Size: |
8192
|
|
|
70F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860249344.000000000070F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
70F000
|
| Size: |
225280
|
|
|
C30000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1794684576.0000000000C30000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
C30000
|
| Size: |
4096
|
|
|
762000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860249344.0000000000762000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
762000
|
| Size: |
4096
|
|
|
5F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1532337838.00000000005F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F1000
|
| Size: |
57344
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
747000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1458967083.0000000000747000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
747000
|
| Size: |
8192
|
|
|
A80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709337240.0000000000A80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
A80000
|
| Size: |
12288
|
|
|
627000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527060570.0000000000627000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
627000
|
| Size: |
28672
|
|
|
689000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527441481.0000000000689000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
689000
|
| Size: |
24576
|
|
|
952000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1708689449.0000000000952000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
952000
|
| Size: |
16384
|
|
|
4D2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460127746.0000000004D2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D2E000
|
| Size: |
8192
|
|
|
23BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459807377.00000000023BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
23BF000
|
| Size: |
4096
|
|
|
6D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792704993.00000000006D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D5000
|
| Size: |
233472
|
|
|
36E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709581118.00000000036E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
36E1000
|
| Size: |
8192
|
|
|
67D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526294205.000000000067D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D000
|
| Size: |
77824
|
|
|
AC0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1794235387.0000000000AC0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
AC0000
|
| Size: |
65536
|
|
|
47C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1879880176.00000000047C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47C0000
|
| Size: |
12288
|
|
|
3724000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795178969.0000000003724000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3724000
|
| Size: |
4096
|
|
|
4C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792608138.00000000004C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4C0000
|
| Size: |
16384
|
|
|
A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709424102.0000000000A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A90000
|
| Size: |
12288
|
|
|
850000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860544906.0000000000850000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
12288
|
|
|
4800000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1709721466.0000000004800000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4800000
|
| Size: |
65536
|
|
|
494D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862835979.000000000494D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
494D000
|
| Size: |
12288
|
|
|
676000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527459653.0000000000676000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
676000
|
| Size: |
77824
|
|
|
500000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533768913.0000000000500000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
500000
|
| Size: |
4096
|
|
|
4CDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1710037850.0000000004CDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CDF000
|
| Size: |
4096
|
|
|
66F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526526529.000000000066F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F000
|
| Size: |
4096
|
|
|
6B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527218072.00000000006B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B1000
|
| Size: |
188416
|
|
|
4E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860210568.00000000004E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E5000
|
| Size: |
12288
|
|
|
B00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459729950.0000000000B00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
B00000
|
| Size: |
65536
|
|
|
673000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526865339.0000000000673000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
673000
|
| Size: |
40960
|
|
|
6B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1528972453.00000000006B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B1000
|
| Size: |
8192
|
|
|
852000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877421854.0000000000852000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
852000
|
| Size: |
16384
|
|
|
86A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860607130.000000000086A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
86A000
|
| Size: |
12288
|
|
|
684000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527943824.0000000000684000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
684000
|
| Size: |
20480
|
|
|
6CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1532650589.00000000006CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6CE000
|
| Size: |
4096
|
|
|
860000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860563475.0000000000860000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
860000
|
| Size: |
8192
|
|
|
75E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708382218.000000000075E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
75E000
|
| Size: |
28672
|
|
|
95A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1708762257.000000000095A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
95A000
|
| Size: |
4096
|
|
|
987000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1709076307.0000000000987000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
987000
|
| Size: |
4096
|
|
|
937000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793429150.0000000000937000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
937000
|
| Size: |
8192
|
|
|
972000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1708923454.0000000000972000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
972000
|
| Size: |
4096
|
|
|
8F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708567161.00000000008F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8F0000
|
| Size: |
4096
|
|
|
8CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1877942556.00000000008CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8CE000
|
| Size: |
8192
|
|
|
952000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793656839.0000000000952000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
952000
|
| Size: |
4096
|
|
|
4A30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3863040974.0000000004A30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A30000
|
| Size: |
237568
|
|
|
670000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526799054.0000000000670000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
670000
|
| Size: |
53248
|
|
|
AD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459706676.0000000000AD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
AD0000
|
| Size: |
49152
|
|
|
63B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527665399.000000000063B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63B000
|
| Size: |
217088
|
|
|
239F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709509958.000000000239F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
239F000
|
| Size: |
4096
|
|
|
70D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708382218.000000000070D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
70D000
|
| Size: |
69632
|
|
|
ABE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459638053.0000000000ABE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ABE000
|
| Size: |
8192
|
|
|
54E000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533789955.000000000054E000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
54E000
|
| Size: |
8192
|
|
|
85A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877607789.000000000085A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
85A000
|
| Size: |
4096
|
|
|
600000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1532337838.0000000000600000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
600000
|
| Size: |
159744
|
|
|
95A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793707106.000000000095A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
95A000
|
| Size: |
4096
|
|
|
4E6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460158674.0000000004E6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E6E000
|
| Size: |
8192
|
|
|
684000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529455885.0000000000684000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
684000
|
| Size: |
180224
|
|
|
632000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527665399.0000000000632000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
632000
|
| Size: |
12288
|
|
|
670000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526435982.0000000000670000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
670000
|
| Size: |
53248
|
|
|
742000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1458967083.0000000000742000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
742000
|
| Size: |
16384
|
|
|
632000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529268404.0000000000632000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
632000
|
| Size: |
16384
|
|
|
48D0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1460028596.00000000048D0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
48D0000
|
| Size: |
4096
|
|
|
85C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877767681.000000000085C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
85C000
|
| Size: |
4096
|
|
|
26A3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878562030.00000000026A3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
26A3000
|
| Size: |
8192
|
|
|
619000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534085646.0000000000619000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
619000
|
| Size: |
57344
|
|
|
9CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459594420.00000000009CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9CE000
|
| Size: |
8192
|
|
|
64D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529984690.000000000064D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64D000
|
| Size: |
143360
|
|
|
4EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533269381.00000000004EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EE000
|
| Size: |
8192
|
|
|
4CBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795437595.0000000004CBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CBF000
|
| Size: |
4096
|
|
|
4CF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534904762.0000000004CF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CF0000
|
| Size: |
135168
|
|
|
6DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860249344.00000000006DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DE000
|
| Size: |
192512
|
|
|
4BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792496715.00000000004BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BE000
|
| Size: |
8192
|
|
|
6DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708361194.00000000006DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6DE000
|
| Size: |
8192
|
|
|
493E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795297730.000000000493E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
493E000
|
| Size: |
8192
|
|
|
674000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534280676.0000000000674000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
674000
|
| Size: |
36864
|
|
|
430000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860139211.0000000000430000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
430000
|
| Size: |
4096
|
|
|
6AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527489796.00000000006AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6AE000
|
| Size: |
12288
|
|
|
4A10000
|
unclassified section
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3863004927.0000000004A10000.00000004.10000000.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unclassified section
|
| Protect: |
page read and write
|
| Base address: |
4A10000
|
| Size: |
4096
|
|
|
199000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1457998330.0000000000199000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
199000
|
| Size: |
28672
|
|
|
A66000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534563147.0000000000A66000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A66000
|
| Size: |
36864
|
|
|
82F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459362294.000000000082F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
82F000
|
| Size: |
61440
|
|
|
7CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1877093456.00000000007CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7CE000
|
| Size: |
8192
|
|
|
4890000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795280295.0000000004890000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4890000
|
| Size: |
4096
|
|
|
6D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527489796.00000000006D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D0000
|
| Size: |
20480
|
|
|
6CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529133523.00000000006CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6CE000
|
| Size: |
69632
|
|
|
67F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526399680.000000000067F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67F000
|
| Size: |
8192
|
|
|
47C7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862494751.00000000047C7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47C7000
|
| Size: |
4096
|
|
|
B10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459758100.0000000000B10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B10000
|
| Size: |
16384
|
|
|
887000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877897108.0000000000887000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
887000
|
| Size: |
4096
|
|
|
6B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529133523.00000000006B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B5000
|
| Size: |
12288
|
|
|
842000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877176003.0000000000842000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
842000
|
| Size: |
4096
|
|
|
857000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877421854.0000000000857000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
857000
|
| Size: |
8192
|
|
|
770000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459047918.0000000000770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
770000
|
| Size: |
12288
|
|
|
682000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526718624.0000000000682000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
682000
|
| Size: |
57344
|
|
|
199000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860094637.0000000000199000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
199000
|
| Size: |
28672
|
|
|
4B0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860175057.00000000004B0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
4B0000
|
| Size: |
8192
|
|
|
2751000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794822972.0000000002751000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2751000
|
| Size: |
4096
|
|
|
3721000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795178969.0000000003721000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3721000
|
| Size: |
8192
|
|
|
63B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526979870.000000000063B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63B000
|
| Size: |
348160
|
|
|
5D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533877500.00000000005D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
4096
|
|
|
430000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708163168.0000000000430000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
430000
|
| Size: |
4096
|
|
|
6DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527400173.00000000006DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DB000
|
| Size: |
16384
|
|
|
627000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527637292.0000000000627000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
627000
|
| Size: |
57344
|
|
|
1E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875292741.00000000001E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E0000
|
| Size: |
16384
|
|
|
78B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1459324689.000000000078B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
78B000
|
| Size: |
4096
|
|
|
4D18000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527745178.0000000004D18000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D18000
|
| Size: |
8192
|
|
|
720000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458878727.0000000000720000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
720000
|
| Size: |
8192
|
|
|
AF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709464224.0000000000AF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AF0000
|
| Size: |
12288
|
|
|
62D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526764021.000000000062D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62D000
|
| Size: |
4096
|
|
|
922000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793343445.0000000000922000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
922000
|
| Size: |
4096
|
|
|
62E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526604769.000000000062E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62E000
|
| Size: |
4096
|
|
|
9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1874560539.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B000
|
| Size: |
20480
|
|
|
841000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459362294.0000000000841000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
841000
|
| Size: |
102400
|
|
|
79E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459362294.000000000079E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79E000
|
| Size: |
94208
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
4F3000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533269381.00000000004F3000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F3000
|
| Size: |
20480
|
|
|
4D17000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527280024.0000000004D17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D17000
|
| Size: |
16384
|
|
|
790000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459362294.0000000000790000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
790000
|
| Size: |
36864
|
|
|
47C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862494751.00000000047C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47C9000
|
| Size: |
24576
|
|
|
AD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794265693.0000000000AD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AD0000
|
| Size: |
12288
|
|
|
680000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534300301.0000000000680000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
680000
|
| Size: |
16384
|
|
|
494E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880807238.000000000494E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
494E000
|
| Size: |
8192
|
|
|
AB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794166622.0000000000AB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
AB0000
|
| Size: |
65536
|
|
|
196000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1457998330.0000000000196000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
196000
|
| Size: |
8192
|
|
|
440000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860157776.0000000000440000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
440000
|
| Size: |
4096
|
|
|
6CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529455885.00000000006CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6CE000
|
| Size: |
69632
|
|
|
84A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860526121.000000000084A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
84A000
|
| Size: |
8192
|
|
|
5EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533896595.00000000005EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5EB000
|
| Size: |
24576
|
|
|
55E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875354923.000000000055E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55E000
|
| Size: |
8192
|
|
|
79A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459362294.000000000079A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
79A000
|
| Size: |
8192
|
|
|
400000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1392184162.0000000000400000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
2748000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794822972.0000000002748000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2748000
|
| Size: |
4096
|
|
|
6CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529686219.00000000006CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6CE000
|
| Size: |
28672
|
|
|
196000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875253433.0000000000196000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
196000
|
| Size: |
8192
|
|
|
92A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793392628.000000000092A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
92A000
|
| Size: |
8192
|
|
|
920000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708587628.0000000000920000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
920000
|
| Size: |
8192
|
|
|
677000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527607550.0000000000677000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
677000
|
| Size: |
73728
|
|
|
7B6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459362294.00000000007B6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7B6000
|
| Size: |
73728
|
|
|
6B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1528972453.00000000006B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B5000
|
| Size: |
12288
|
|
|
12EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534818094.00000000012EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12EE000
|
| Size: |
8192
|
|
|
4C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860192346.00000000004C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4C0000
|
| Size: |
4096
|
|
|
4DDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1710058697.0000000004DDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DDF000
|
| Size: |
4096
|
|
|
47C5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862494751.00000000047C5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47C5000
|
| Size: |
4096
|
|
|
4CEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460111406.0000000004CEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CEF000
|
| Size: |
4096
|
|
|
3684000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878824863.0000000003684000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3684000
|
| Size: |
4096
|
|
|
6CF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529904125.00000000006CF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6CF000
|
| Size: |
24576
|
|
|
66F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526210425.000000000066F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F000
|
| Size: |
135168
|
|
|
6D5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529642410.00000000006D5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6D5000
|
| Size: |
16384
|
|
|
4CEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534874407.0000000004CEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CEF000
|
| Size: |
4096
|
|
|
2140000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860715220.0000000002140000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2140000
|
| Size: |
4096
|
|
|
C1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794567687.0000000000C1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C1E000
|
| Size: |
8192
|
|
|
47E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792401943.000000000047E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47E000
|
| Size: |
8192
|
|
|
680000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526660380.0000000000680000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
680000
|
| Size: |
65536
|
|
|
55E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458411040.000000000055E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55E000
|
| Size: |
8192
|
|
|
62E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526979870.000000000062E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62E000
|
| Size: |
8192
|
|
|
6DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529642410.00000000006DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DA000
|
| Size: |
20480
|
|
|
809000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459362294.0000000000809000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
809000
|
| Size: |
131072
|
|
|
957000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1708689449.0000000000957000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
957000
|
| Size: |
8192
|
|
|
76A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1459035923.000000000076A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
76A000
|
| Size: |
4096
|
|
|
670000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529791628.0000000000670000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
670000
|
| Size: |
53248
|
|
|
4B7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795400707.0000000004B7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B7F000
|
| Size: |
4096
|
|
|
673000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526815366.0000000000673000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
673000
|
| Size: |
40960
|
|
|
51EC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460242359.00000000051EC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51EC000
|
| Size: |
16384
|
|
|
89F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792948125.000000000089F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
89F000
|
| Size: |
4096
|
|
|
4A0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862966811.0000000004A0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A0D000
|
| Size: |
12288
|
|
|
ADE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709445581.0000000000ADE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ADE000
|
| Size: |
8192
|
|
|
4C9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1881016502.0000000004C9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C9F000
|
| Size: |
4096
|
|
|
671000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529917785.0000000000671000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
671000
|
| Size: |
49152
|
|
|
8A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1793049203.00000000008A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8A0000
|
| Size: |
4096
|
|
|
7F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1877139461.00000000007F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7F0000
|
| Size: |
4096
|
|
|
9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1457918651.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B000
|
| Size: |
20480
|
|
|
67E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529966863.000000000067E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67E000
|
| Size: |
24576
|
|
|
590000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875400121.0000000000590000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
590000
|
| Size: |
24576
|
|
|
64F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534223429.000000000064F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64F000
|
| Size: |
135168
|
|
|
430000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458338858.0000000000430000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
430000
|
| Size: |
4096
|
|
|
4E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860210568.00000000004E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E0000
|
| Size: |
16384
|
|
|
4BAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460077929.0000000004BAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BAE000
|
| Size: |
8192
|
|
|
9BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1793959781.00000000009BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9BE000
|
| Size: |
8192
|
|
|
233F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878506055.000000000233F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
233F000
|
| Size: |
4096
|
|
|
687000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534353718.0000000000687000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
687000
|
| Size: |
8192
|
|
|
97A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1708997203.000000000097A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
97A000
|
| Size: |
4096
|
|
|
732000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1458903680.0000000000732000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
732000
|
| Size: |
4096
|
|
|
67D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526682219.000000000067D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D000
|
| Size: |
12288
|
|
|
685000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1533127189.0000000000685000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
685000
|
| Size: |
16384
|
|
|
4D18000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529577479.0000000004D18000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D18000
|
| Size: |
8192
|
|
|
9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708013891.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B000
|
| Size: |
20480
|
|
|
273B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459824202.000000000273B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
273B000
|
| Size: |
49152
|
|
|
374B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795178969.000000000374B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
374B000
|
| Size: |
8192
|
|
|
9B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1791512683.000000000009B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9B000
|
| Size: |
20480
|
|
|
580000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533861391.0000000000580000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
580000
|
| Size: |
4096
|
|
|
762000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1459023460.0000000000762000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
762000
|
| Size: |
4096
|
|
|
570000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1708223909.0000000000570000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
570000
|
| Size: |
4096
|
|
|
47BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862467596.00000000047BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47BF000
|
| Size: |
4096
|
|
|
490E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709760245.000000000490E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
490E000
|
| Size: |
8192
|
|
|
4800000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3862639023.0000000004800000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4800000
|
| Size: |
65536
|
|
|
2142000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860731442.0000000002142000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2142000
|
| Size: |
4096
|
|
|
9CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709269204.00000000009CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
9CE000
|
| Size: |
8192
|
|
|
6B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529455885.00000000006B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B1000
|
| Size: |
8192
|
|
|
8EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708546186.00000000008EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8EF000
|
| Size: |
4096
|
|
|
6F8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708382218.00000000006F8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6F8000
|
| Size: |
81920
|
|
|
47C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1879880176.00000000047C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47C4000
|
| Size: |
28672
|
|
|
4D11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529577479.0000000004D11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D11000
|
| Size: |
8192
|
|
|
6D0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1458837348.00000000006D0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
6D0000
|
| Size: |
4096
|
|
|
686000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526381918.0000000000686000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
686000
|
| Size: |
40960
|
|
|
69F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708345062.000000000069F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69F000
|
| Size: |
4096
|
|
|
4D11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527745178.0000000004D11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D11000
|
| Size: |
4096
|
|
|
64C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526526529.000000000064C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64C000
|
| Size: |
24576
|
|
|
967000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793829562.0000000000967000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
967000
|
| Size: |
4096
|
|
|
196000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860094637.0000000000196000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
196000
|
| Size: |
8192
|
|
|
747000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860249344.0000000000747000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
747000
|
| Size: |
81920
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
670000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527303126.0000000000670000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
670000
|
| Size: |
126976
|
|
|
930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708609728.0000000000930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
930000
|
| Size: |
12288
|
|
|
4D12000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527357338.0000000004D12000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D12000
|
| Size: |
20480
|
|
|
6B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529686219.00000000006B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B1000
|
| Size: |
8192
|
|
|
93C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793634956.000000000093C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
93C000
|
| Size: |
4096
|
|
|
4FAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460191761.0000000004FAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FAE000
|
| Size: |
8192
|
|
|
4850000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862795520.0000000004850000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4850000
|
| Size: |
4096
|
|
|
83F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1459362294.000000000083F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
83F000
|
| Size: |
4096
|
|
|
46BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862414262.00000000046BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46BE000
|
| Size: |
8192
|
|
|
2721000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794822972.0000000002721000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2721000
|
| Size: |
131072
|
|
|
842000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860505424.0000000000842000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
842000
|
| Size: |
8192
|
|
|
8AF000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534532636.00000000008AF000.00000004.00000001.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
8AF000
|
| Size: |
4096
|
|
|
70F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1792704993.000000000070F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
70F000
|
| Size: |
20480
|
|
|
570000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533827143.0000000000570000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
570000
|
| Size: |
16384
|
|
|
67D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527040276.000000000067D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67D000
|
| Size: |
77824
|
|
|
950000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1708671246.0000000000950000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
950000
|
| Size: |
8192
|
|
|
4ADF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709994184.0000000004ADF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4ADF000
|
| Size: |
4096
|
|
|
4AAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460062058.0000000004AAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4AAE000
|
| Size: |
8192
|
|
|
4A3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1795364063.0000000004A3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A3F000
|
| Size: |
4096
|
|
|
362F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862269817.000000000362F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
362F000
|
| Size: |
4096
|
|
|
4820000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3862709536.0000000004820000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4820000
|
| Size: |
12288
|
|
|
5AD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875400121.00000000005AD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5AD000
|
| Size: |
65536
|
|
|
681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526315309.0000000000681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
681000
|
| Size: |
61440
|
|
|
93A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793518393.000000000093A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
93A000
|
| Size: |
4096
|
|
|
4D13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529334047.0000000004D13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D13000
|
| Size: |
28672
|
|
|
D2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534641329.0000000000D2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D2E000
|
| Size: |
8192
|
|
|
4840000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862755360.0000000004840000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4840000
|
| Size: |
65536
|
|
|
498C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862882899.000000000498C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
498C000
|
| Size: |
16384
|
|
|
490E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880771423.000000000490E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
490E000
|
| Size: |
8192
|
|
|
5F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533896595.00000000005F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5F4000
|
| Size: |
45056
|
|
|
68A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1532650589.000000000068A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68A000
|
| Size: |
155648
|
|
|
6CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534370017.00000000006CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6CE000
|
| Size: |
4096
|
|
|
199000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1791871706.0000000000199000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
199000
|
| Size: |
28672
|
|
|
45E8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3862353605.00000000045E8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
45E8000
|
| Size: |
8192
|
|
|
67F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526718624.000000000067F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
67F000
|
| Size: |
4096
|
|
|
4BEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534841725.0000000004BEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BEF000
|
| Size: |
4096
|
|
|
66F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526487182.000000000066F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66F000
|
| Size: |
4096
|
|
|
62D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529833082.000000000062D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
62D000
|
| Size: |
20480
|
|
|
68C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534370017.000000000068C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68C000
|
| Size: |
147456
|
|
|
678000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1527076356.0000000000678000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
678000
|
| Size: |
20480
|
|
|
5B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458732273.00000000005B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5B5000
|
| Size: |
16384
|
|
|
26B1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1878562030.00000000026B1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
26B1000
|
| Size: |
4096
|
|
|
95C000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000006.00000002.1708809825.000000000095C000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
95C000
|
| Size: |
4096
|
|
|
59E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458710302.000000000059E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59E000
|
| Size: |
8192
|
|
|
88B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877918775.000000000088B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
88B000
|
| Size: |
4096
|
|
|
213A000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3860694971.000000000213A000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
213A000
|
| Size: |
4096
|
|
|
63B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526487182.000000000063B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63B000
|
| Size: |
94208
|
|
|
6DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860249344.00000000006DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6DA000
|
| Size: |
8192
|
|
|
8D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1793141320.00000000008D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8D0000
|
| Size: |
4096
|
|
|
1E5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1875292741.00000000001E5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1E5000
|
| Size: |
12288
|
|
|
575000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1533827143.0000000000575000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
575000
|
| Size: |
12288
|
|
|
12AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534776493.00000000012AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12AE000
|
| Size: |
8192
|
|
|
689000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526455704.0000000000689000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
689000
|
| Size: |
28672
|
|
|
4990000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880859872.0000000004990000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
498E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1880833010.000000000498E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
498E000
|
| Size: |
8192
|
|
|
6B5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1532650589.00000000006B5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B5000
|
| Size: |
12288
|
|
|
402000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000002.1458114902.0000000000402000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
402000
|
| Size: |
36864
|
|
|
96B000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793851630.000000000096B000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
96B000
|
| Size: |
4096
|
|
|
494E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709784258.000000000494E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
494E000
|
| Size: |
8192
|
|
|
932000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000007.00000002.1793429150.0000000000932000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
932000
|
| Size: |
16384
|
|
|
64C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529361593.000000000064C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
64C000
|
| Size: |
200704
|
|
|
41A000
|
unkown
|
page execute read
|
|
|
|
| Name: |
00000000.00000002.1458114902.000000000041A000.00000020.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute read
|
| Base address: |
41A000
|
| Size: |
8192
|
|
|
2743000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000007.00000002.1794822972.0000000002743000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
7
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2743000
|
| Size: |
8192
|
|
|
75C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3860249344.000000000075C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
75C000
|
| Size: |
20480
|
|
|
682000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1526399680.0000000000682000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
682000
|
| Size: |
16384
|
|
|
50EC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1460225957.00000000050EC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50EC000
|
| Size: |
16384
|
|
|
872000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000008.00000002.1877795982.0000000000872000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
872000
|
| Size: |
4096
|
|
|
5B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1458732273.00000000005B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5B0000
|
| Size: |
16384
|
|
|
63A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1534180934.000000000063A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63A000
|
| Size: |
73728
|
|
|
370B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000006.00000002.1709581118.000000000370B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
6
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
370B000
|
| Size: |
8192
|
|
|
628000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1529614052.0000000000628000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
628000
|
| Size: |
40960
|
|
|
78F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000008.00000002.1876973832.000000000078F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
8
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
78F000
|
| Size: |
4096
|
|
