|
2876000
|
trusted library allocation
|
page read and write
|
 |
|
|
| Name: |
00000000.00000002.1189062404.0000000002876000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2876000
|
| Size: |
294912
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected RedLine Stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
| Yara detected Credential Stealer |
Stealing of Sensitive Information |
|
| URLs found in memory or binary data |
Networking |
|
|
|
462000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1045515269.0000000000462000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
462000
|
| Size: |
192512
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected RedLine Stealer |
Stealing of Sensitive Information, Remote Access Functionality |
|
|
|
2D30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002D30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D30000
|
| Size: |
16384
|
|
|
7430000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203523585.0000000007430000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7430000
|
| Size: |
53248
|
|
|
A73000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.0000000000A73000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A73000
|
| Size: |
4096
|
|
|
3B46000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B46000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B46000
|
| Size: |
4096
|
|
|
2ADB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002ADB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2ADB000
|
| Size: |
8192
|
|
|
5D55000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199512902.0000000005D55000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D55000
|
| Size: |
28672
|
|
|
E0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188813723.0000000000E0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E0E000
|
| Size: |
8192
|
|
|
2BF9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002BF9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BF9000
|
| Size: |
8192
|
|
|
3BEC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003BEC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BEC000
|
| Size: |
8192
|
|
|
4C8D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195180657.0000000004C8D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C8D000
|
| Size: |
16384
|
|
|
2960000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002960000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2960000
|
| Size: |
286720
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
5CD6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198401935.0000000005CD6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CD6000
|
| Size: |
81920
|
|
|
9C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188085189.00000000009C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9C5000
|
| Size: |
16384
|
|
|
4F10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195905042.0000000004F10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4F10000
|
| Size: |
12288
|
|
|
28E5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000028E5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28E5000
|
| Size: |
126976
|
|
|
6A1F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.0000000006A1F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A1F000
|
| Size: |
4096
|
|
|
714F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203107910.000000000714F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
714F000
|
| Size: |
4096
|
|
|
97D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1187968169.000000000097D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
97D000
|
| Size: |
12288
|
|
|
590E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196290678.000000000590E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
590E000
|
| Size: |
8192
|
|
|
69CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201040959.00000000069CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
69CD000
|
| Size: |
12288
|
|
|
29A7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029A7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29A7000
|
| Size: |
8192
|
|
|
747B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207521052.000000000747B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
747B000
|
| Size: |
8192
|
|
|
9B4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188051377.00000000009B4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9B4000
|
| Size: |
12288
|
|
|
CC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188658005.0000000000CC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CC2000
|
| Size: |
4096
|
|
|
28DC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000028DC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28DC000
|
| Size: |
8192
|
|
|
27DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189043006.00000000027DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
27DE000
|
| Size: |
8192
|
|
|
295A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.000000000295A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
295A000
|
| Size: |
12288
|
|
|
520E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196184021.000000000520E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
520E000
|
| Size: |
8192
|
|
|
3923000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003923000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3923000
|
| Size: |
20480
|
|
|
3BF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003BF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF1000
|
| Size: |
8192
|
|
|
3AA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003AA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AA0000
|
| Size: |
16384
|
|
|
530E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196209203.000000000530E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
530E000
|
| Size: |
8192
|
|
|
3AF4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003AF4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AF4000
|
| Size: |
4096
|
|
|
2C0C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C0C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C0C000
|
| Size: |
4096
|
|
|
29B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29B6000
|
| Size: |
12288
|
|
|
508F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196095191.000000000508F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
508F000
|
| Size: |
4096
|
|
|
2DCD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002DCD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DCD000
|
| Size: |
28672
|
|
|
2CAD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002CAD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CAD000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
CC7000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188695640.0000000000CC7000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CC7000
|
| Size: |
4096
|
|
|
3B39000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B39000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B39000
|
| Size: |
8192
|
|
|
2905000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002905000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2905000
|
| Size: |
4096
|
|
|
6A32000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202441482.0000000006A32000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A32000
|
| Size: |
8192
|
|
|
684D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200719232.000000000684D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
684D000
|
| Size: |
12288
|
|
|
2A10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002A10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A10000
|
| Size: |
176128
|
|
|
392A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.000000000392A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
392A000
|
| Size: |
86016
|
|
|
6ABD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202666095.0000000006ABD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6ABD000
|
| Size: |
12288
|
|
|
5DC3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199724900.0000000005DC3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DC3000
|
| Size: |
36864
|
|
|
4CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195466311.0000000004CA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CA0000
|
| Size: |
65536
|
|
|
6A0F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.0000000006A0F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A0F000
|
| Size: |
8192
|
|
|
5A3E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196335203.0000000005A3E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A3E000
|
| Size: |
8192
|
|
|
7474000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207493970.0000000007474000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7474000
|
| Size: |
20480
|
|
|
2D20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002D20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D20000
|
| Size: |
32768
|
|
|
39A5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039A5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39A5000
|
| Size: |
8192
|
|
|
2D4D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002D4D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D4D000
|
| Size: |
4096
|
|
|
28CF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000028CF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28CF000
|
| Size: |
16384
|
|
|
39BB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039BB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39BB000
|
| Size: |
4096
|
|
|
2956000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002956000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2956000
|
| Size: |
4096
|
|
|
8F7000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1187927087.00000000008F7000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8F7000
|
| Size: |
36864
|
|
|
2B21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002B21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B21000
|
| Size: |
8192
|
|
|
39D2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039D2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39D2000
|
| Size: |
16384
|
|
|
FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188833446.0000000000FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FDE000
|
| Size: |
8192
|
|
|
39B2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039B2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B2000
|
| Size: |
4096
|
|
|
29D6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029D6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29D6000
|
| Size: |
8192
|
|
|
3C36000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C36000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C36000
|
| Size: |
8192
|
|
|
26D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189021986.00000000026D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
26D0000
|
| Size: |
4096
|
|
|
5C90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198064394.0000000005C90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5C90000
|
| Size: |
65536
|
|
|
69F0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.00000000069F0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
69F0000
|
| Size: |
4096
|
|
|
5DCE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199913093.0000000005DCE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DCE000
|
| Size: |
4096
|
|
|
6B20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202873968.0000000006B20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6B20000
|
| Size: |
4096
|
|
|
7A70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207922439.0000000007A70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7A70000
|
| Size: |
323584
|
|
|
5CA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1198151075.0000000005CA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5CA0000
|
| Size: |
65536
|
|
|
5E40000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1200329419.0000000005E40000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5E40000
|
| Size: |
16384
|
|
|
3C3B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C3B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C3B000
|
| Size: |
700416
|
|
|
2958000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002958000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2958000
|
| Size: |
4096
|
|
|
79D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207876657.00000000079D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
79D0000
|
| Size: |
53248
|
|
|
600A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200501940.000000000600A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
600A000
|
| Size: |
24576
|
|
|
4D40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195726527.0000000004D40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
4F15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195905042.0000000004F15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4F15000
|
| Size: |
8192
|
|
|
4F18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195905042.0000000004F18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4F18000
|
| Size: |
4096
|
|
|
39C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39C9000
|
| Size: |
8192
|
|
|
5A32000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196335203.0000000005A32000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A32000
|
| Size: |
36864
|
|
|
3C2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C2B000
|
| Size: |
8192
|
|
|
93E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1187949853.000000000093E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
93E000
|
| Size: |
8192
|
|
|
3907000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003907000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3907000
|
| Size: |
4096
|
|
|
5DAE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199724900.0000000005DAE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DAE000
|
| Size: |
45056
|
|
|
2C16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C16000
|
| Size: |
4096
|
|
|
5A0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196313168.0000000005A0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A0F000
|
| Size: |
4096
|
|
|
2BE5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002BE5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BE5000
|
| Size: |
8192
|
|
|
2C8E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C8E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C8E000
|
| Size: |
8192
|
|
|
2C11000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C11000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C11000
|
| Size: |
4096
|
|
|
3966000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003966000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3966000
|
| Size: |
8192
|
|
|
2E04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002E04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E04000
|
| Size: |
8192
|
|
|
6A20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202041012.0000000006A20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A20000
|
| Size: |
4096
|
|
|
5D51000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199489596.0000000005D51000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D51000
|
| Size: |
8192
|
|
|
5A10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196335203.0000000005A10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A10000
|
| Size: |
36864
|
|
|
3918000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003918000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3918000
|
| Size: |
8192
|
|
|
9D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.00000000009D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D0000
|
| Size: |
49152
|
|
|
76EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207725422.00000000076EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
76EE000
|
| Size: |
8192
|
|
|
3940000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003940000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3940000
|
| Size: |
4096
|
|
|
3C12000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C12000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C12000
|
| Size: |
8192
|
|
|
3978000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003978000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3978000
|
| Size: |
8192
|
|
|
2AA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002AA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA8000
|
| Size: |
16384
|
|
|
3B8A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B8A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B8A000
|
| Size: |
12288
|
|
|
5B50000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1197762315.0000000005B50000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5B50000
|
| Size: |
65536
|
|
|
4C92000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195180657.0000000004C92000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C92000
|
| Size: |
49152
|
|
|
9BD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188069442.00000000009BD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
9BD000
|
| Size: |
4096
|
|
|
5D35000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199405550.0000000005D35000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D35000
|
| Size: |
57344
|
|
|
3C18000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C18000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C18000
|
| Size: |
8192
|
|
|
2DD5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002DD5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DD5000
|
| Size: |
4096
|
|
|
6A08000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.0000000006A08000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A08000
|
| Size: |
4096
|
|
|
3BB9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003BB9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BB9000
|
| Size: |
16384
|
|
|
4C64000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195180657.0000000004C64000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C64000
|
| Size: |
16384
|
|
|
4D50000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195742367.0000000004D50000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D50000
|
| Size: |
4096
|
|
|
5A1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196335203.0000000005A1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A1B000
|
| Size: |
20480
|
|
|
FF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188870570.0000000000FF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FF0000
|
| Size: |
16384
|
|
|
78E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207795496.00000000078E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78E1000
|
| Size: |
4096
|
|
|
5A21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196335203.0000000005A21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A21000
|
| Size: |
16384
|
|
|
C9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188490944.0000000000C9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C9E000
|
| Size: |
8192
|
|
|
39E3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039E3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39E3000
|
| Size: |
679936
|
|
|
4A6000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1045548463.00000000004A6000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
4A6000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
2AF1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002AF1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AF1000
|
| Size: |
12288
|
|
|
70CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203049563.00000000070CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
70CE000
|
| Size: |
8192
|
|
|
3B2E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B2E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B2E000
|
| Size: |
8192
|
|
|
5A26000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196335203.0000000005A26000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A26000
|
| Size: |
45056
|
|
|
3C30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C30000
|
| Size: |
8192
|
|
|
6890000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200790370.0000000006890000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6890000
|
| Size: |
65536
|
|
|
2CB3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002CB3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CB3000
|
| Size: |
438272
|
|
|
6A1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.0000000006A1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A1A000
|
| Size: |
8192
|
|
|
9DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.00000000009DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9DE000
|
| Size: |
98304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Sample file is different than original file name gathered from version info |
System Summary |
|
|
|
CF0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188761419.0000000000CF0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CF0000
|
| Size: |
65536
|
|
|
2B42000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002B42000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B42000
|
| Size: |
483328
|
|
|
5D64000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199551910.0000000005D64000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D64000
|
| Size: |
20480
|
|
|
3916000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003916000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3916000
|
| Size: |
4096
|
|
|
2618000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188942025.0000000002618000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2618000
|
| Size: |
8192
|
|
|
26B0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188974894.00000000026B0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
26B0000
|
| Size: |
4096
|
|
|
5FA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200425778.0000000005FA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5FA0000
|
| Size: |
65536
|
|
|
29DD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029DD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29DD000
|
| Size: |
8192
|
|
|
CCB000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188714536.0000000000CCB000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CCB000
|
| Size: |
8192
|
|
|
5D7A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199608131.0000000005D7A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D7A000
|
| Size: |
61440
|
|
|
2E0F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002E0F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E0F000
|
| Size: |
8192
|
|
|
50CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196132897.00000000050CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50CE000
|
| Size: |
8192
|
|
|
2B2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002B2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B2B000
|
| Size: |
8192
|
|
|
6B6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202919854.0000000006B6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6B6E000
|
| Size: |
8192
|
|
|
497000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1045548463.0000000000497000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
497000
|
| Size: |
57344
|
|
|
3B66000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B66000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B66000
|
| Size: |
12288
|
|
|
3BE5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003BE5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BE5000
|
| Size: |
8192
|
|
|
5A80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1197096143.0000000005A80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A80000
|
| Size: |
65536
|
|
|
FE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188851115.0000000000FE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
FE0000
|
| Size: |
12288
|
|
|
391E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.000000000391E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
391E000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
5DA2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199724900.0000000005DA2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA2000
|
| Size: |
8192
|
|
|
CE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188734121.0000000000CE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CE0000
|
| Size: |
4096
|
|
|
2C84000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C84000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C84000
|
| Size: |
36864
|
|
|
5DD0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1199951662.0000000005DD0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5DD0000
|
| Size: |
65536
|
|
|
3B8F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B8F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B8F000
|
| Size: |
118784
|
|
|
5E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1187912850.00000000005E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E0000
|
| Size: |
4096
|
|
|
29AA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029AA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29AA000
|
| Size: |
32768
|
|
|
743E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203523585.000000000743E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
743E000
|
| Size: |
73728
|
|
|
73D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203295152.00000000073D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
73D0000
|
| Size: |
20480
|
|
|
CAD000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188534164.0000000000CAD000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CAD000
|
| Size: |
4096
|
|
|
2952000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002952000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2952000
|
| Size: |
12288
|
|
|
75E7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207627460.00000000075E7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
75E7000
|
| Size: |
4096
|
|
|
2D29000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002D29000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D29000
|
| Size: |
24576
|
|
|
3BC6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003BC6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BC6000
|
| Size: |
8192
|
|
|
3B27000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B27000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B27000
|
| Size: |
8192
|
|
|
2C05000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C05000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C05000
|
| Size: |
4096
|
|
|
5DBC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199724900.0000000005DBC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DBC000
|
| Size: |
4096
|
|
|
AB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.0000000000AB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
AB9000
|
| Size: |
90112
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
2AE5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002AE5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AE5000
|
| Size: |
8192
|
|
|
3B1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B1A000
|
| Size: |
8192
|
|
|
6BAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202973760.0000000006BAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6BAE000
|
| Size: |
8192
|
|
|
2E20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002E20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E20000
|
| Size: |
8192
|
|
|
3801000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003801000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3801000
|
| Size: |
708608
|
|
|
29B3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029B3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29B3000
|
| Size: |
8192
|
|
|
3C1F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C1F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C1F000
|
| Size: |
4096
|
|
|
729F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203249582.000000000729F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
729F000
|
| Size: |
4096
|
|
|
69F2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.00000000069F2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
69F2000
|
| Size: |
8192
|
|
|
69F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.00000000069F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
69F9000
|
| Size: |
8192
|
|
|
4F70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196040981.0000000004F70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4F70000
|
| Size: |
36864
|
|
|
5B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1187796018.00000000005B0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5B0000
|
| Size: |
4096
|
|
|
710E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203081319.000000000710E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
710E000
|
| Size: |
8192
|
|
|
2AC9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002AC9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AC9000
|
| Size: |
8192
|
|
|
688B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200759557.000000000688B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
688B000
|
| Size: |
20480
|
|
|
460000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1045496771.0000000000460000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
460000
|
| Size: |
4096
|
|
|
28BF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000028BF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28BF000
|
| Size: |
8192
|
|
|
3BDA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003BDA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BDA000
|
| Size: |
8192
|
|
|
2DC4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002DC4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DC4000
|
| Size: |
32768
|
|
|
3C28000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C28000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C28000
|
| Size: |
4096
|
|
|
2A04000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002A04000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A04000
|
| Size: |
16384
|
|
|
7453000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207421228.0000000007453000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7453000
|
| Size: |
131072
|
|
|
3A90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003A90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3A90000
|
| Size: |
4096
|
|
|
7411000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203523585.0000000007411000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7411000
|
| Size: |
65536
|
|
|
4CF0000
|
heap
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1195673602.0000000004CF0000.00000040.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page execute and read and write
|
| Base address: |
4CF0000
|
| Size: |
4096
|
|
|
9B3000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188033442.00000000009B3000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
9B3000
|
| Size: |
4096
|
|
|
5CD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198401935.0000000005CD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CD0000
|
| Size: |
12288
|
|
|
3AA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003AA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3AA8000
|
| Size: |
163840
|
|
|
CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188555574.0000000000CB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CB0000
|
| Size: |
4096
|
|
|
54A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1187776118.000000000054A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54A000
|
| Size: |
24576
|
|
|
491C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195126028.000000000491C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
491C000
|
| Size: |
16384
|
|
|
5CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198242183.0000000005CB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5CB0000
|
| Size: |
65536
|
|
|
A75000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.0000000000A75000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A75000
|
| Size: |
36864
|
|
|
4F80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196067422.0000000004F80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4F80000
|
| Size: |
8192
|
|
|
9A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1187983719.00000000009A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9A0000
|
| Size: |
8192
|
|
|
3C0B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C0B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C0B000
|
| Size: |
8192
|
|
|
396D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.000000000396D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
396D000
|
| Size: |
8192
|
|
|
2BCB000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002BCB000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BCB000
|
| Size: |
8192
|
|
|
9B0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188000541.00000000009B0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
9B0000
|
| Size: |
12288
|
|
|
4F6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196016646.0000000004F6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F6E000
|
| Size: |
8192
|
|
|
3BD3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003BD3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BD3000
|
| Size: |
8192
|
|
|
4F00000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1195846314.0000000004F00000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F00000
|
| Size: |
65536
|
|
|
293C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.000000000293C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
293C000
|
| Size: |
86016
|
|
|
2BBA000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002BBA000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BBA000
|
| Size: |
32768
|
|
|
492000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1045548463.0000000000492000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
492000
|
| Size: |
16384
|
|
|
3C01000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C01000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C01000
|
| Size: |
16384
|
|
|
3913000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003913000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3913000
|
| Size: |
8192
|
|
|
74C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207605872.00000000074C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
74C1000
|
| Size: |
4096
|
|
|
390A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.000000000390A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
390A000
|
| Size: |
8192
|
|
|
68C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200965349.00000000068C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68C0000
|
| Size: |
8192
|
|
|
6A30000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202441482.0000000006A30000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A30000
|
| Size: |
4096
|
|
|
73D6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203385413.00000000073D6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
73D6000
|
| Size: |
20480
|
|
|
4D63000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195783124.0000000004D63000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D63000
|
| Size: |
8192
|
|
|
69F5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.00000000069F5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
69F5000
|
| Size: |
12288
|
|
|
5CF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198401935.0000000005CF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CF4000
|
| Size: |
8192
|
|
|
3B40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B40000
|
| Size: |
8192
|
|
|
78D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207758205.00000000078D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78D0000
|
| Size: |
12288
|
|
|
6000000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200501940.0000000006000000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6000000
|
| Size: |
36864
|
|
|
29C9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029C9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29C9000
|
| Size: |
8192
|
|
|
6A24000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202041012.0000000006A24000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A24000
|
| Size: |
36864
|
|
|
3B7C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B7C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B7C000
|
| Size: |
8192
|
|
|
39CE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039CE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39CE000
|
| Size: |
4096
|
|
|
78E6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207834508.00000000078E6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
78E6000
|
| Size: |
12288
|
|
|
5D00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198401935.0000000005D00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D00000
|
| Size: |
8192
|
|
|
2DF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002DF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DF0000
|
| Size: |
8192
|
|
|
5A65000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196917770.0000000005A65000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A65000
|
| Size: |
4096
|
|
|
3BF6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003BF6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BF6000
|
| Size: |
8192
|
|
|
39BF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039BF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39BF000
|
| Size: |
4096
|
|
|
5B00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1197602320.0000000005B00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5B00000
|
| Size: |
65536
|
|
|
FF6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188870570.0000000000FF6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FF6000
|
| Size: |
28672
|
|
|
29EF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029EF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29EF000
|
| Size: |
8192
|
|
|
6B00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202715506.0000000006B00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6B00000
|
| Size: |
40960
|
|
|
4CBE000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195506069.0000000004CBE000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CBE000
|
| Size: |
8192
|
|
|
6A15000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.0000000006A15000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A15000
|
| Size: |
4096
|
|
|
5D29000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199363239.0000000005D29000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D29000
|
| Size: |
12288
|
|
|
3B73000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B73000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B73000
|
| Size: |
8192
|
|
|
5B60000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1197825009.0000000005B60000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5B60000
|
| Size: |
65536
|
|
|
39B6000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039B6000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39B6000
|
| Size: |
4096
|
|
|
CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188639253.0000000000CC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CC0000
|
| Size: |
4096
|
|
|
6A35000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202441482.0000000006A35000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A35000
|
| Size: |
45056
|
|
|
3989000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003989000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3989000
|
| Size: |
8192
|
|
|
2E16000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002E16000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E16000
|
| Size: |
8192
|
|
|
27E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000027E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
27E1000
|
| Size: |
483328
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195563564.0000000004CC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CC0000
|
| Size: |
16384
|
|
|
5E2C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200162223.0000000005E2C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E2C000
|
| Size: |
16384
|
|
|
FFE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188920272.0000000000FFE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FFE000
|
| Size: |
4096
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
73F6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203523585.00000000073F6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
73F6000
|
| Size: |
90112
|
|
|
5AA0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1197174964.0000000005AA0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5AA0000
|
| Size: |
65536
|
|
|
2A9A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002A9A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A9A000
|
| Size: |
4096
|
|
|
2A3C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002A3C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A3C000
|
| Size: |
307200
|
|
|
39AC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039AC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39AC000
|
| Size: |
4096
|
|
|
4C81000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195180657.0000000004C81000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C81000
|
| Size: |
16384
|
|
|
2B26000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002B26000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B26000
|
| Size: |
8192
|
|
|
3984000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003984000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3984000
|
| Size: |
8192
|
|
|
3B85000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B85000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B85000
|
| Size: |
4096
|
|
|
2DFD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002DFD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DFD000
|
| Size: |
8192
|
|
|
5AD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1197225828.0000000005AD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5AD0000
|
| Size: |
65536
|
|
|
2915000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002915000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2915000
|
| Size: |
4096
|
|
|
A13000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.0000000000A13000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A13000
|
| Size: |
389120
|
|
|
4D60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195783124.0000000004D60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
5B70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1197963151.0000000005B70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5B70000
|
| Size: |
65536
|
|
|
719E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203225496.000000000719E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
719E000
|
| Size: |
8192
|
|
|
4C60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195180657.0000000004C60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C60000
|
| Size: |
12288
|
|
|
6A0A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1201145237.0000000006A0A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A0A000
|
| Size: |
8192
|
|
|
5A60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196917770.0000000005A60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A60000
|
| Size: |
4096
|
|
|
29BC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029BC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29BC000
|
| Size: |
16384
|
|
|
295E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.000000000295E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
295E000
|
| Size: |
4096
|
|
|
399E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.000000000399E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
399E000
|
| Size: |
8192
|
|
|
39C1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039C1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39C1000
|
| Size: |
4096
|
|
|
4CD0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195631366.0000000004CD0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CD0000
|
| Size: |
65536
|
|
|
75E0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207627460.00000000075E0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
75E0000
|
| Size: |
16384
|
|
|
3C22000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C22000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C22000
|
| Size: |
8192
|
|
|
29F4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029F4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29F4000
|
| Size: |
8192
|
|
|
4D52000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195742367.0000000004D52000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D52000
|
| Size: |
12288
|
|
|
5CF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198401935.0000000005CF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CF0000
|
| Size: |
4096
|
|
|
5D91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199687417.0000000005D91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D91000
|
| Size: |
49152
|
|
|
5A90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1197136778.0000000005A90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A90000
|
| Size: |
65536
|
|
|
2C7B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C7B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C7B000
|
| Size: |
32768
|
|
|
3B77000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B77000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B77000
|
| Size: |
4096
|
|
|
2BF2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002BF2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BF2000
|
| Size: |
8192
|
|
|
2C97000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C97000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C97000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
7FC10000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1208131416.000000007FC10000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7FC10000
|
| Size: |
4096
|
|
|
5CF2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198401935.0000000005CF2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CF2000
|
| Size: |
4096
|
|
|
3B60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B60000
|
| Size: |
4096
|
|
|
4C7E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195180657.0000000004C7E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C7E000
|
| Size: |
4096
|
|
|
26C0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188994343.00000000026C0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
26C0000
|
| Size: |
65536
|
|
|
5A51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196851275.0000000005A51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A51000
|
| Size: |
61440
|
|
|
5AF0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1197442444.0000000005AF0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5AF0000
|
| Size: |
65536
|
|
|
5CD4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198401935.0000000005CD4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CD4000
|
| Size: |
4096
|
|
|
5D12000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198401935.0000000005D12000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D12000
|
| Size: |
90112
|
|
|
2E1B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002E1B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E1B000
|
| Size: |
8192
|
|
|
3959000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003959000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3959000
|
| Size: |
8192
|
|
|
2E2B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002E2B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E2B000
|
| Size: |
16384
|
|
|
39C4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000039C4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
39C4000
|
| Size: |
4096
|
|
|
2BC3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002BC3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BC3000
|
| Size: |
24576
|
|
|
5CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198352112.0000000005CC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5CC0000
|
| Size: |
65536
|
|
|
2936000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002936000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2936000
|
| Size: |
12288
|
|
|
D00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188791497.0000000000D00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D00000
|
| Size: |
16384
|
|
|
3B56000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B56000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B56000
|
| Size: |
12288
|
|
|
A7F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.0000000000A7F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A7F000
|
| Size: |
208896
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| AV process strings found (often used to terminate AV products) |
Lowering of HIPS / PFW / Operating System Security Settings |
Security Software Discovery
|
|
|
2B1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002B1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B1A000
|
| Size: |
8192
|
|
|
4CB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195506069.0000000004CB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CB0000
|
| Size: |
53248
|
|
|
9C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188085189.00000000009C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9C0000
|
| Size: |
16384
|
|
|
CBA000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188614596.0000000000CBA000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CBA000
|
| Size: |
20480
|
|
|
2A9C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002A9C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A9C000
|
| Size: |
4096
|
|
|
CB2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188576282.0000000000CB2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CB2000
|
| Size: |
4096
|
|
|
2B36000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002B36000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2B36000
|
| Size: |
16384
|
|
|
2CA8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002CA8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CA8000
|
| Size: |
8192
|
|
|
3B6D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B6D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B6D000
|
| Size: |
4096
|
|
|
4C6B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195180657.0000000004C6B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C6B000
|
| Size: |
61440
|
|
|
2DD7000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002DD7000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DD7000
|
| Size: |
4096
|
|
|
747E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207521052.000000000747E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
747E000
|
| Size: |
8192
|
|
|
A04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.0000000000A04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A04000
|
| Size: |
28672
|
|
|
2D51000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002D51000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D51000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
2C21000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C21000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C21000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
29E8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029E8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29E8000
|
| Size: |
8192
|
|
|
3C2E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003C2E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3C2E000
|
| Size: |
4096
|
|
|
2AFC000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002AFC000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AFC000
|
| Size: |
94208
|
|
|
37E1000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000037E1000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37E1000
|
| Size: |
36864
|
|
|
397F000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.000000000397F000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
397F000
|
| Size: |
8192
|
|
|
75E9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1207627460.00000000075E9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
75E9000
|
| Size: |
28672
|
|
|
4C86000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195180657.0000000004C86000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C86000
|
| Size: |
16384
|
|
|
5F4C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200367811.0000000005F4C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F4C000
|
| Size: |
16384
|
|
|
29F9000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000029F9000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
29F9000
|
| Size: |
8192
|
|
|
9F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.00000000009F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9F7000
|
| Size: |
49152
|
|
|
5A4A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196335203.0000000005A4A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A4A000
|
| Size: |
12288
|
|
|
4CC5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195563564.0000000004CC5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CC5000
|
| Size: |
45056
|
|
|
6B19000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202780266.0000000006B19000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6B19000
|
| Size: |
8192
|
|
|
394C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.000000000394C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
394C000
|
| Size: |
16384
|
|
|
5A6B000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196917770.0000000005A6B000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A6B000
|
| Size: |
8192
|
|
|
2A93000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002A93000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A93000
|
| Size: |
24576
|
|
|
7150000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1203177042.0000000007150000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
7150000
|
| Size: |
24576
|
|
|
2CA3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002CA3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2CA3000
|
| Size: |
8192
|
|
|
5310000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196242147.0000000005310000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5310000
|
| Size: |
65536
|
|
|
A11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188131163.0000000000A11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A11000
|
| Size: |
4096
|
|
|
2AD4000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002AD4000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AD4000
|
| Size: |
8192
|
|
|
2D57000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002D57000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D57000
|
| Size: |
438272
|
|
|
2DE3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002DE3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2DE3000
|
| Size: |
16384
|
|
|
2D3C000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002D3C000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D3C000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| SQL strings found in memory and binary data |
System Summary |
|
|
|
3995000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003995000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3995000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
68A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200937894.00000000068A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
68A0000
|
| Size: |
4096
|
|
|
CB6000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188592849.0000000000CB6000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CB6000
|
| Size: |
12288
|
|
|
6AFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202691783.0000000006AFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6AFF000
|
| Size: |
4096
|
|
|
674C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200649721.000000000674C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
674C000
|
| Size: |
16384
|
|
|
28C3000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.00000000028C3000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
28C3000
|
| Size: |
12288
|
|
|
2AC2000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002AC2000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AC2000
|
| Size: |
8192
|
|
|
5A6E000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196917770.0000000005A6E000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A6E000
|
| Size: |
8192
|
|
|
73DF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203468358.00000000073DF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
73DF000
|
| Size: |
36864
|
|
|
2C2D000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002C2D000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2C2D000
|
| Size: |
311296
|
|
|
5CED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1198401935.0000000005CED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5CED000
|
| Size: |
8192
|
|
|
3B4A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B4A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B4A000
|
| Size: |
8192
|
|
|
5AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1197283412.0000000005AE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5AE0000
|
| Size: |
65536
|
|
|
37EF000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.00000000037EF000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
37EF000
|
| Size: |
20480
|
|
|
3B82000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B82000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B82000
|
| Size: |
8192
|
|
|
5DA8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199724900.0000000005DA8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5DA8000
|
| Size: |
4096
|
|
|
2AB5000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002AB5000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AB5000
|
| Size: |
8192
|
|
|
5C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1187892742.00000000005C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5C0000
|
| Size: |
12288
|
|
|
3910000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003910000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3910000
|
| Size: |
4096
|
|
|
4D00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195692211.0000000004D00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D00000
|
| Size: |
61440
|
|
|
CA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1188514048.0000000000CA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
CA0000
|
| Size: |
45056
|
|
|
2A89000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002A89000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2A89000
|
| Size: |
36864
|
|
|
6A70000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1202593853.0000000006A70000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6A70000
|
| Size: |
65536
|
|
|
72DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203271547.00000000072DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
72DE000
|
| Size: |
8192
|
|
|
CC5000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1188676626.0000000000CC5000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
CC5000
|
| Size: |
4096
|
|
|
3BAD000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003BAD000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3BAD000
|
| Size: |
4096
|
|
|
2E37000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002E37000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2E37000
|
| Size: |
532480
|
|
|
2BD8000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002BD8000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2BD8000
|
| Size: |
16384
|
|
|
5DE0000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1200000713.0000000005DE0000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5DE0000
|
| Size: |
65536
|
|
|
3B80000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1191863641.0000000003B80000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
3B80000
|
| Size: |
4096
|
|
|
5D45000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199405550.0000000005D45000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D45000
|
| Size: |
36864
|
|
|
6B10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202780266.0000000006B10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6B10000
|
| Size: |
32768
|
|
|
5A70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1197042059.0000000005A70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A70000
|
| Size: |
65536
|
|
|
5A41000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196335203.0000000005A41000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5A41000
|
| Size: |
32768
|
|
|
51CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1196163288.00000000051CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51CE000
|
| Size: |
8192
|
|
|
5F9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200402786.0000000005F9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F9E000
|
| Size: |
8192
|
|
|
5D8A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199608131.0000000005D8A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D8A000
|
| Size: |
8192
|
|
|
481B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195098309.000000000481B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481B000
|
| Size: |
20480
|
|
|
6A40000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1202535498.0000000006A40000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
6A40000
|
| Size: |
65536
|
|
|
2AE0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002AE0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2AE0000
|
| Size: |
8192
|
|
|
5FFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1200478196.0000000005FFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5FFE000
|
| Size: |
8192
|
|
|
4F1A000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1195905042.0000000004F1A000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4F1A000
|
| Size: |
24576
|
|
|
2D48000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1189062404.0000000002D48000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2D48000
|
| Size: |
4096
|
|
|
5D6B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1199551910.0000000005D6B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D6B000
|
| Size: |
24576
|
|
|
6020000
|
trusted library allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1200601506.0000000006020000.00000040.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
6020000
|
| Size: |
65536
|
|
|
6FCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1203024958.0000000006FCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FCE000
|
| Size: |
8192
|
|
