|
4C90000
|
direct allocation
|
page read and write
|
 |
|
|
| Name: |
0000000A.00000003.1297610885.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
| Sample uses string decryption to hide its real strings |
AV Detection |
|
|
|
951000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.938169753.0000000000951000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
951000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
E41000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.971269603.0000000000E41000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E41000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5190000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930944384.0000000005190000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
E41000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3349572345.0000000000E41000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E41000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5130000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897858235.0000000005130000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5130000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296687305.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
43CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940050395.00000000043CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43CF000
|
| Size: |
4096
|
|
|
9BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.890543736.00000000009BD000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
9BD000
|
| Size: |
4096
|
|
|
12E8000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000002.971785410.00000000012E8000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
12E8000
|
| Size: |
8192
|
|
|
4D11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930318157.0000000004D11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D11000
|
| Size: |
49152
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325459156.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
C5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3349092094.0000000000C5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C5F000
|
| Size: |
4096
|
|
|
669E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940930370.000000000669E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
669E000
|
| Size: |
8192
|
|
|
40CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352324881.00000000040CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
40CE000
|
| Size: |
8192
|
|
|
4ACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972715522.0000000004ACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4ACE000
|
| Size: |
8192
|
|
|
52B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898258185.00000000052B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901032859.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4D11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.933379459.0000000004D11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D11000
|
| Size: |
49152
|
|
|
4CCC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352891408.0000000004CCC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CCC000
|
| Size: |
16384
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905208765.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
308E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351624723.000000000308E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
308E000
|
| Size: |
8192
|
|
|
1490000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971880605.0000000001490000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1490000
|
| Size: |
4096
|
|
|
2DCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351504487.0000000002DCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DCF000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896810339.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
1140000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3349887207.0000000001140000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1140000
|
| Size: |
45056
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1327160825.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326427819.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
12E8000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000A.00000002.3351405712.00000000012E8000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
12E8000
|
| Size: |
8192
|
|
|
9EF000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348235431.00000000009EF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9EF000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
45CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352597902.00000000045CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
45CE000
|
| Size: |
8192
|
|
|
38CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939714446.00000000038CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38CE000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901084428.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904965592.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
358E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972133180.000000000358E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
358E000
|
| Size: |
8192
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929107399.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
167E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971966331.000000000167E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
167E000
|
| Size: |
155648
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301108985.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1295598757.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
1284000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938941712.0000000001284000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1284000
|
| Size: |
94208
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901008398.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
6B41000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.915471449.0000000006B41000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B41000
|
| Size: |
4096
|
|
|
5380000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972949440.0000000005380000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5380000
|
| Size: |
4096
|
|
|
39CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939736056.00000000039CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39CF000
|
| Size: |
4096
|
|
|
5290000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898329947.0000000005290000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5290000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897339287.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
354F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972117424.000000000354F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
354F000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906588013.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301170954.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
1277000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.922543064.0000000001277000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1277000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905042767.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
6EBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941176906.0000000006EBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6EBE000
|
| Size: |
8192
|
|
|
368F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972149992.000000000368F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
368F000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329278829.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
52C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940636170.00000000052C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52C0000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326289677.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
5310000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972839673.0000000005310000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5310000
|
| Size: |
4096
|
|
|
168E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939215406.000000000168E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
168E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.907116195.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900434240.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4EB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3353214376.0000000004EB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EB0000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301848789.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906759873.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1324851065.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
66A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916324355.00000000066A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66A0000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325131632.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903579071.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
5360000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940843628.0000000005360000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5360000
|
| Size: |
4096
|
|
|
14B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971901571.00000000014B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B0000
|
| Size: |
16384
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903555060.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896176954.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
8A31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.907547422.0000000008A31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8A31000
|
| Size: |
262144
|
|
|
51F5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930944384.00000000051F5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
51F5000
|
| Size: |
12288
|
|
|
58FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353579670.00000000058FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58FE000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329376590.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325954616.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
378E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939668531.000000000378E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
378E000
|
| Size: |
8192
|
|
|
12BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906291109.00000000012BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12BF000
|
| Size: |
8192
|
|
|
C50000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.938273046.0000000000C50000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
C50000
|
| Size: |
45056
|
|
|
E40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000001.00000000.916405830.0000000000E40000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
E40000
|
| Size: |
4096
|
|
|
143E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971816932.000000000143E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
143E000
|
| Size: |
8192
|
|
|
66A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916253975.00000000066A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66A5000
|
| Size: |
8192
|
|
|
498E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972677655.000000000498E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
498E000
|
| Size: |
8192
|
|
|
4CA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940442874.0000000004CA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA0000
|
| Size: |
36864
|
|
|
54B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940883412.00000000054B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
54B4000
|
| Size: |
12288
|
|
|
561C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353445189.000000000561C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
561C000
|
| Size: |
16384
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940711204.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940691684.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929124637.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
DC7000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3349299076.0000000000DC7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DC7000
|
| Size: |
12288
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296237331.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
C61000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.938546922.0000000000C61000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
C61000
|
| Size: |
1658880
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326901908.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296392009.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
458F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352566323.000000000458F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
458F000
|
| Size: |
4096
|
|
|
12DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906271760.00000000012DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12DE000
|
| Size: |
36864
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1317409893.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904728531.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901707082.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929042023.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
3B4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939795665.0000000003B4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B4E000
|
| Size: |
8192
|
|
|
102F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.971346080.000000000102F000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
102F000
|
| Size: |
897024
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
3A4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972252310.0000000003A4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A4F000
|
| Size: |
4096
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929187392.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
444F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352499618.000000000444F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
444F000
|
| Size: |
4096
|
|
|
484E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972639479.000000000484E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
484E000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329311472.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901180560.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3349211773.0000000000DA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA0000
|
| Size: |
4096
|
|
|
1283000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.928227534.0000000001283000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1283000
|
| Size: |
98304
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325766680.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326720815.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903618806.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904504719.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
125B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.926458328.000000000125B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
125B000
|
| Size: |
4096
|
|
|
12B3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906056361.00000000012B3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12B3000
|
| Size: |
77824
|
|
|
52B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898222575.00000000052B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
4096
|
|
|
45CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972569265.00000000045CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
45CE000
|
| Size: |
8192
|
|
|
344E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972100098.000000000344E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
344E000
|
| Size: |
8192
|
|
|
52B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898181577.00000000052B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
4096
|
|
|
EAD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000A.00000000.1287112571.0000000000EAD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
EAD000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901761057.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
2EC7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939324286.0000000002EC7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EC7000
|
| Size: |
32768
|
|
|
3D8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939853647.0000000003D8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D8F000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903527176.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930074790.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
565D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353474608.000000000565D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
565D000
|
| Size: |
12288
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.933488755.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298121572.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
EAD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000001.00000002.971331276.0000000000EAD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
EAD000
|
| Size: |
4096
|
|
|
54CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353387949.00000000054CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54CF000
|
| Size: |
4096
|
|
|
46CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352629134.00000000046CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46CF000
|
| Size: |
4096
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929832811.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298015474.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
8192
|
|
|
4DA0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.895945166.0000000004DA0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4DA0000
|
| Size: |
176128
|
|
|
5360000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972916995.0000000005360000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5360000
|
| Size: |
4096
|
|
|
490E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940257146.000000000490E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
490E000
|
| Size: |
8192
|
|
|
108B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938701280.000000000108B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
108B000
|
| Size: |
20480
|
|
|
DCD000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3349299076.0000000000DCD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DCD000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326606031.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930420069.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902912029.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
5340000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940799562.0000000005340000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5340000
|
| Size: |
4096
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929327298.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329443704.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905676939.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901914673.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
494F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972661748.000000000494F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
494F000
|
| Size: |
4096
|
|
|
53CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353352612.00000000053CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53CE000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329499365.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
523F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353316567.000000000523F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
523F000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904672722.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
3E4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972364840.0000000003E4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E4E000
|
| Size: |
8192
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298083616.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326945946.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
1305000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939087037.0000000001305000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1305000
|
| Size: |
8192
|
|
|
52B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898240277.00000000052B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900739832.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906468643.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903754869.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329035097.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
2C8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351453261.0000000002C8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C8F000
|
| Size: |
4096
|
|
|
48CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940237088.00000000048CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48CF000
|
| Size: |
4096
|
|
|
1650000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930812689.0000000001650000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1650000
|
| Size: |
53248
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931245700.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298194663.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
2E90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939263873.0000000002E90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E90000
|
| Size: |
4096
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931225800.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896383633.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
318F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351650967.000000000318F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
318F000
|
| Size: |
4096
|
|
|
338F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939511004.000000000338F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
338F000
|
| Size: |
4096
|
|
|
1300000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939087037.0000000001300000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1300000
|
| Size: |
16384
|
|
|
4DD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298572752.0000000004DD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DD0000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900981432.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
12CD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939011478.00000000012CD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12CD000
|
| Size: |
139264
|
|
|
3CCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352075087.0000000003CCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CCF000
|
| Size: |
4096
|
|
|
4DCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352923173.0000000004DCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DCF000
|
| Size: |
4096
|
|
|
40CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972430227.00000000040CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
40CE000
|
| Size: |
8192
|
|
|
464F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940145744.000000000464F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
464F000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296905432.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
49152
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1295512665.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
4B4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940361874.0000000004B4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B4F000
|
| Size: |
4096
|
|
|
D3D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971191238.0000000000D3D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D3D000
|
| Size: |
12288
|
|
|
1660000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931590104.0000000001660000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
1660000
|
| Size: |
4096
|
|
|
32CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351700563.00000000032CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32CF000
|
| Size: |
4096
|
|
|
6EFB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941200639.0000000006EFB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6EFB000
|
| Size: |
20480
|
|
|
E30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1297379681.0000000000E30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E30000
|
| Size: |
53248
|
|
|
3F8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352229997.0000000003F8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F8E000
|
| Size: |
8192
|
|
|
124C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938761844.000000000124C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
124C000
|
| Size: |
4096
|
|
|
380E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972199238.000000000380E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
380E000
|
| Size: |
8192
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896316781.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900628847.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296964031.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329563366.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
394E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351950353.000000000394E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
394E000
|
| Size: |
8192
|
|
|
C1E000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.938273046.0000000000C1E000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
C1E000
|
| Size: |
102400
|
|
|
1140000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.971346080.0000000001140000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1140000
|
| Size: |
45056
|
|
|
440E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940080941.000000000440E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
440E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903978581.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CB5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940442874.0000000004CB5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CB5000
|
| Size: |
8192
|
|
|
430F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972483441.000000000430F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
430F000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905254236.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
125E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938903757.000000000125E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
125E000
|
| Size: |
102400
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900777754.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900810885.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905645228.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
52B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898282578.00000000052B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
4096
|
|
|
C60000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.938273046.0000000000C60000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
C60000
|
| Size: |
4096
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930251430.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326761438.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
66A6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916324355.00000000066A6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66A6000
|
| Size: |
4096
|
|
|
37CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972184182.00000000037CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37CF000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301515309.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
DB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971224305.0000000000DB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DB0000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905572125.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
52B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898157779.00000000052B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896902482.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
1650000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930726319.0000000001650000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1650000
|
| Size: |
53248
|
|
|
163E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971949406.000000000163E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
163E000
|
| Size: |
8192
|
|
|
4D10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972779038.0000000004D10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D10000
|
| Size: |
4096
|
|
|
57FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353548195.00000000057FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57FD000
|
| Size: |
12288
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1328227749.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
9D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348235431.00000000009D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D9000
|
| Size: |
4096
|
|
|
52B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898132771.00000000052B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905614463.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
3F4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352200647.0000000003F4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F4E000
|
| Size: |
8192
|
|
|
41CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972447931.00000000041CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41CF000
|
| Size: |
4096
|
|
|
E41000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000A.00000000.1287059322.0000000000E41000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
E41000
|
| Size: |
188416
|
|
|
EAF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.971346080.0000000000EAF000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
EAF000
|
| Size: |
1564672
|
|
|
5A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3347632180.00000000005A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5A5000
|
| Size: |
8192
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930164348.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
5195000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897858235.0000000005195000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5195000
|
| Size: |
12288
|
|
|
360F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939604089.000000000360F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
360F000
|
| Size: |
4096
|
|
|
470E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972604837.000000000470E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
470E000
|
| Size: |
8192
|
|
|
12B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.922543064.00000000012B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12B2000
|
| Size: |
61440
|
|
|
5D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3347768306.00000000005D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
8192
|
|
|
1251000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938761844.0000000001251000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1251000
|
| Size: |
40960
|
|
|
EA6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.971269603.0000000000EA6000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
EA6000
|
| Size: |
16384
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904405170.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1328909797.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4E30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3352997529.0000000004E30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E30000
|
| Size: |
4096
|
|
|
E41000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000000.916462347.0000000000E41000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
E41000
|
| Size: |
188416
|
|
|
448E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972531509.000000000448E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
448E000
|
| Size: |
8192
|
|
|
3B0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939775511.0000000003B0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B0F000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930385448.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930448513.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
36CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351856852.00000000036CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36CE000
|
| Size: |
8192
|
|
|
4821000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352725141.0000000004821000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4821000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905019325.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1328489341.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
158E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939190477.000000000158E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
158E000
|
| Size: |
8192
|
|
|
304F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351600503.000000000304F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
304F000
|
| Size: |
4096
|
|
|
1150000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.971346080.0000000001150000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1150000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901127993.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
E30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1297478456.0000000000E30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E30000
|
| Size: |
53248
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929928414.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
120A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938761844.000000000120A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
120A000
|
| Size: |
8192
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929762634.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
102F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3349887207.000000000102F000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
102F000
|
| Size: |
897024
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
1282000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938925353.0000000001282000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1282000
|
| Size: |
4096
|
|
|
310F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939425897.000000000310F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
310F000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906499357.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1327353492.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
6C80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941118544.0000000006C80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6C80000
|
| Size: |
16384
|
|
|
34CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939554761.00000000034CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34CF000
|
| Size: |
4096
|
|
|
144E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939148919.000000000144E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
144E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900651157.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
374F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939646748.000000000374F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
374F000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.933443941.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
4830000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352725141.0000000004830000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4830000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326860729.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902481119.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4A0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940278856.0000000004A0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A0F000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905160418.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905281676.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4BCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972732396.0000000004BCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BCF000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900960263.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
DC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3349299076.0000000000DC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DC0000
|
| Size: |
16384
|
|
|
480F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972622287.000000000480F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
480F000
|
| Size: |
4096
|
|
|
52A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898347842.00000000052A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52A0000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326104890.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1327316411.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4FBB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353244496.0000000004FBB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FBB000
|
| Size: |
20480
|
|
|
EAD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000001.00000000.917510007.0000000000EAD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
EAD000
|
| Size: |
4096
|
|
|
51CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972794845.00000000051CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51CE000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900906637.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900875990.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905344124.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
12C6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905955890.00000000012C6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12C6000
|
| Size: |
57344
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904451012.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901054236.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325911171.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
2EA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939300157.0000000002EA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EA0000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903010793.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929604157.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296762685.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906614447.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
12B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938991661.00000000012B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12B2000
|
| Size: |
32768
|
|
|
4E50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3353052562.0000000004E50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E50000
|
| Size: |
4096
|
|
|
EAD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000A.00000002.3349774528.0000000000EAD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
EAD000
|
| Size: |
4096
|
|
|
12DC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905955890.00000000012DC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12DC000
|
| Size: |
8192
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298389234.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
125E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.926458328.000000000125E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
125E000
|
| Size: |
102400
|
|
|
4C8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352853509.0000000004C8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C8C000
|
| Size: |
16384
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906996269.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900534950.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325188839.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
3DCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939872488.0000000003DCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DCE000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903417366.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
B3F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.938273046.0000000000B3F000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B3F000
|
| Size: |
897024
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904269359.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929055860.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904596816.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
6FCC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941225489.0000000006FCC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FCC000
|
| Size: |
16384
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301446557.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905769529.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1300634573.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
888C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941246634.000000000888C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
888C000
|
| Size: |
16384
|
|
|
12C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.926590205.00000000012C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12C2000
|
| Size: |
40960
|
|
|
324F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939469754.000000000324F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
324F000
|
| Size: |
4096
|
|
|
15BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971917603.00000000015BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
15BF000
|
| Size: |
4096
|
|
|
5370000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940863618.0000000005370000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5370000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1320994383.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896008492.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
237568
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1328306238.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
37CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351879488.00000000037CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37CF000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1328450403.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329472278.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
6B50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916276365.0000000006B50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B50000
|
| Size: |
8192
|
|
|
4B8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940396137.0000000004B8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B8E000
|
| Size: |
8192
|
|
|
4E60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3353076942.0000000004E60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E60000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329601926.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301659343.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897377718.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930367851.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
4A8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972694608.0000000004A8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A8F000
|
| Size: |
4096
|
|
|
D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3349156160.0000000000D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D9E000
|
| Size: |
8192
|
|
|
12BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939011478.00000000012BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12BB000
|
| Size: |
24576
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903454825.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1328776882.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
3A0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939754417.0000000003A0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A0E000
|
| Size: |
8192
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896451234.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
EAF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3349887207.0000000000EAF000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
EAF000
|
| Size: |
1564672
|
|
|
E40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971255147.0000000000E40000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E40000
|
| Size: |
4096
|
|
|
3F4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972381006.0000000003F4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F4F000
|
| Size: |
4096
|
|
|
46CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972587353.00000000046CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46CF000
|
| Size: |
4096
|
|
|
434E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352466885.000000000434E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
434E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902838808.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897257730.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
49152
|
|
|
328E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939489942.000000000328E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
328E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897310263.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
129E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.922543064.000000000129E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
129E000
|
| Size: |
77824
|
|
|
47CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940210088.00000000047CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47CE000
|
| Size: |
8192
|
|
|
3E4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352163196.0000000003E4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E4E000
|
| Size: |
8192
|
|
|
3D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972333132.0000000003D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D0E000
|
| Size: |
8192
|
|
|
3F0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939919485.0000000003F0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F0E000
|
| Size: |
8192
|
|
|
1246000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938761844.0000000001246000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1246000
|
| Size: |
16384
|
|
|
364E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939624153.000000000364E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
364E000
|
| Size: |
8192
|
|
|
450F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940100740.000000000450F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
450F000
|
| Size: |
4096
|
|
|
3C8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939834547.0000000003C8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C8E000
|
| Size: |
8192
|
|
|
167A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971966331.000000000167A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
167A000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900131431.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930402104.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
388F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939690416.000000000388F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
388F000
|
| Size: |
4096
|
|
|
120E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938761844.000000000120E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
120E000
|
| Size: |
225280
|
|
|
127C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.922543064.000000000127C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
127C000
|
| Size: |
126976
|
|
|
4C8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940421529.0000000004C8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C8F000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900073209.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
49152
|
|
|
408F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352294000.000000000408F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
408F000
|
| Size: |
4096
|
|
|
5330000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940781091.0000000005330000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5330000
|
| Size: |
4096
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929254297.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
DF6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.938654163.0000000000DF6000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
DF6000
|
| Size: |
8192
|
|
|
53A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972978967.00000000053A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53A0000
|
| Size: |
4096
|
|
|
12CD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.926590205.00000000012CD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12CD000
|
| Size: |
139264
|
|
|
8A2C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941275113.0000000008A2C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8A2C000
|
| Size: |
16384
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904478656.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4A4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940321003.0000000004A4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A4E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905093148.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
418E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939993951.000000000418E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
418E000
|
| Size: |
8192
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931327980.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
33CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939530302.00000000033CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33CE000
|
| Size: |
8192
|
|
|
5310000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940729953.0000000005310000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5310000
|
| Size: |
4096
|
|
|
5320000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940751527.0000000005320000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5320000
|
| Size: |
4096
|
|
|
526F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940614997.000000000526F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
526F000
|
| Size: |
4096
|
|
|
15FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971932124.00000000015FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
15FE000
|
| Size: |
8192
|
|
|
448E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352529566.000000000448E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
448E000
|
| Size: |
8192
|
|
|
480F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352694730.000000000480F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
480F000
|
| Size: |
4096
|
|
|
1279000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916401392.0000000001279000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1279000
|
| Size: |
139264
|
|
|
4E90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3353156600.0000000004E90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E90000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904029206.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
1138000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3349887207.0000000001138000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1138000
|
| Size: |
28672
|
|
|
52D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940656150.00000000052D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52D0000
|
| Size: |
4096
|
|
|
2E8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939237147.0000000002E8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E8E000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329632031.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
2B8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351431371.0000000002B8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B8F000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1319219007.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904812993.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298224678.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906415807.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4E70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3353104193.0000000004E70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E70000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897043967.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
6B50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.915471449.0000000006B50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B50000
|
| Size: |
8192
|
|
|
6A2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941060376.0000000006A2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6A2F000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1295253194.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
245760
|
|
|
513E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353283248.000000000513E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
513E000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1327746838.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
3A4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351972383.0000000003A4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A4F000
|
| Size: |
4096
|
|
|
300B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939403820.000000000300B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
300B000
|
| Size: |
20480
|
|
|
67EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940982163.00000000067EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67EE000
|
| Size: |
8192
|
|
|
454E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940118449.000000000454E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
454E000
|
| Size: |
8192
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931198402.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
8192
|
|
|
468E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940170124.000000000468E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
468E000
|
| Size: |
8192
|
|
|
C48000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.938273046.0000000000C48000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
C48000
|
| Size: |
28672
|
|
|
3CCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972317294.0000000003CCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CCF000
|
| Size: |
4096
|
|
|
330E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351722350.000000000330E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
330E000
|
| Size: |
8192
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929393493.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
E0C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3349481143.0000000000E0C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E0C000
|
| Size: |
16384
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329167555.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296492556.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
310F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972036910.000000000310F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
310F000
|
| Size: |
4096
|
|
|
53B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972993528.00000000053B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53B0000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1327049109.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906821885.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
52D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931442549.00000000052D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52D0000
|
| Size: |
4096
|
|
|
EA6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3349572345.0000000000EA6000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
EA6000
|
| Size: |
16384
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329532968.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
3F8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972396070.0000000003F8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F8E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902695365.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
692E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941034342.000000000692E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
692E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904091641.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329407858.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
129E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938941712.000000000129E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
129E000
|
| Size: |
77824
|
|
|
110E000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3349887207.000000000110E000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
110E000
|
| Size: |
102400
|
|
|
4E80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3353129810.0000000004E80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E80000
|
| Size: |
4096
|
|
|
148E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971865234.000000000148E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
148E000
|
| Size: |
8192
|
|
|
12C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939011478.00000000012C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12C2000
|
| Size: |
40960
|
|
|
368F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351835742.000000000368F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
368F000
|
| Size: |
4096
|
|
|
590000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3347543619.0000000000590000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
590000
|
| Size: |
4096
|
|
|
1150000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000A.00000000.1288081547.0000000001150000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
1150000
|
| Size: |
1679360
|
|
|
3E0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972350414.0000000003E0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E0F000
|
| Size: |
4096
|
|
|
12C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.922543064.00000000012C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12C2000
|
| Size: |
40960
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329665191.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
980000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348163707.0000000000980000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
980000
|
| Size: |
4096
|
|
|
12C7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906246008.00000000012C7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12C7000
|
| Size: |
131072
|
|
|
4E40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3353027010.0000000004E40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E40000
|
| Size: |
4096
|
|
|
4EA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3353186063.0000000004EA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EA0000
|
| Size: |
4096
|
|
|
5130000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897677893.0000000005130000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5130000
|
| Size: |
53248
|
|
|
5130000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897744880.0000000005130000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5130000
|
| Size: |
53248
|
|
|
3BCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972300664.0000000003BCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3BCE000
|
| Size: |
8192
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931312858.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896976137.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
6A60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941089949.0000000006A60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A60000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1327113961.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
110E000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.971346080.000000000110E000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
110E000
|
| Size: |
102400
|
|
|
1151000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000A.00000002.3351269519.0000000001151000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
1151000
|
| Size: |
1658880
|
|
|
13FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971800553.00000000013FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
13FE000
|
| Size: |
8192
|
|
|
420E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352396579.000000000420E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
420E000
|
| Size: |
8192
|
|
|
340F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972083299.000000000340F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
340F000
|
| Size: |
4096
|
|
|
5350000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972902656.0000000005350000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5350000
|
| Size: |
4096
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931291224.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930001206.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903384179.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
67AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940954091.00000000067AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67AF000
|
| Size: |
4096
|
|
|
12C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906291109.00000000012C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12C2000
|
| Size: |
20480
|
|
|
390F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351929257.000000000390F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
390F000
|
| Size: |
4096
|
|
|
C3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971168566.0000000000C3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C3C000
|
| Size: |
16384
|
|
|
3A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351997183.0000000003A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A8E000
|
| Size: |
8192
|
|
|
12BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.926590205.00000000012BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12BA000
|
| Size: |
28672
|
|
|
129E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916401392.000000000129E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
129E000
|
| Size: |
77824
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296835452.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
390F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972217977.000000000390F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
390F000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901105845.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900492362.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904227283.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
9DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348235431.00000000009DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9DB000
|
| Size: |
73728
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1327009308.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901150826.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
12B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916401392.00000000012B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12B2000
|
| Size: |
61440
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904378803.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931403938.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903478760.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
5280000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898369293.0000000005280000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5280000
|
| Size: |
4096
|
|
|
3A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972268862.0000000003A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A8E000
|
| Size: |
8192
|
|
|
52E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940673220.00000000052E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52E0000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904874970.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
12CD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.922543064.00000000012CD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12CD000
|
| Size: |
139264
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329695133.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
2F4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351571727.0000000002F4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F4E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900938186.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
6B4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.915471449.0000000006B4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B4E000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900844654.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
3E0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352134293.0000000003E0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E0F000
|
| Size: |
4096
|
|
|
1447000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971832713.0000000001447000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1447000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301350654.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
354F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351792759.000000000354F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
354F000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301056935.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329211484.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
5A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3347632180.00000000005A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5A0000
|
| Size: |
16384
|
|
|
350E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939580412.000000000350E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
350E000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325394374.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904846630.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
1440000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971832713.0000000001440000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1440000
|
| Size: |
16384
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903701977.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
6DBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941149063.0000000006DBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6DBE000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1300380837.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
49152
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.930346883.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
1200000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938761844.0000000001200000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1200000
|
| Size: |
36864
|
|
|
E1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971239668.0000000000E1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902984618.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903870072.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1300812528.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
99B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348235431.000000000099B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
99B000
|
| Size: |
147456
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2F0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351551962.0000000002F0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F0F000
|
| Size: |
4096
|
|
|
4CF5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1297610885.0000000004CF5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4CF5000
|
| Size: |
12288
|
|
|
3C4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939815580.0000000003C4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C4F000
|
| Size: |
4096
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972824545.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896249431.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904646916.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329240954.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
408F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972413398.000000000408F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
408F000
|
| Size: |
4096
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1295438076.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
434D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972498958.000000000434D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
434D000
|
| Size: |
12288
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901648350.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906555600.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901680408.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
3ECF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939892207.0000000003ECF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3ECF000
|
| Size: |
4096
|
|
|
478F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940188736.000000000478F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
478F000
|
| Size: |
4096
|
|
|
129E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.928227534.000000000129E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
129E000
|
| Size: |
77824
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902404142.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
36CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972164952.00000000036CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36CE000
|
| Size: |
8192
|
|
|
414F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939975049.000000000414F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
414F000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897119759.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1295668188.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298350604.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
2E0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351527482.0000000002E0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E0E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901202100.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
300F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972021907.000000000300F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
300F000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1317884685.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
404E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939957050.000000000404E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
404E000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1327196909.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
394E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972233877.000000000394E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
394E000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1300982042.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904906136.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
12E6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.971766432.00000000012E6000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
12E6000
|
| Size: |
8192
|
|
|
320F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972051913.000000000320F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
320F000
|
| Size: |
4096
|
|
|
330F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972067131.000000000330F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
330F000
|
| Size: |
4096
|
|
|
4E10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3352947440.0000000004E10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E10000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904561987.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
950000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.890483816.0000000000950000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
950000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1328697097.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
54B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940883412.00000000054B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
54B0000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325657359.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
8A30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941297752.0000000008A30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8A30000
|
| Size: |
102400
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896520267.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
13E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939128599.00000000013E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13E0000
|
| Size: |
8192
|
|
|
444F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972515389.000000000444F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
444F000
|
| Size: |
4096
|
|
|
428F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940011269.000000000428F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
428F000
|
| Size: |
4096
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931366696.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326671757.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929025756.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904702584.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
2CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351478426.0000000002CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CCE000
|
| Size: |
8192
|
|
|
DA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971207374.0000000000DA0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA0000
|
| Size: |
4096
|
|
|
12E6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3351382184.00000000012E6000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
12E6000
|
| Size: |
8192
|
|
|
5340000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972885723.0000000005340000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5340000
|
| Size: |
4096
|
|
|
41CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352363442.00000000041CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41CF000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903059150.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1295934168.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298433651.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1324645753.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1295826340.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
4DF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298533794.0000000004DF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DF0000
|
| Size: |
4096
|
|
|
9B6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.938169753.00000000009B6000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
9B6000
|
| Size: |
16384
|
|
|
C60000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.890560656.0000000000C60000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
C60000
|
| Size: |
1679360
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902959362.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4D11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.928841663.0000000004D11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D11000
|
| Size: |
65536
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896585148.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906727174.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4DE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298499271.0000000004DE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DE0000
|
| Size: |
4096
|
|
|
9C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348235431.00000000009C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9C0000
|
| Size: |
81920
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902935517.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
1670000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.971966331.0000000001670000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1670000
|
| Size: |
32768
|
|
|
12C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916401392.00000000012C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12C2000
|
| Size: |
40960
|
|
|
12B2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.928198782.00000000012B2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12B2000
|
| Size: |
32768
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906132506.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301236345.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
575E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353507593.000000000575E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
575E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903349548.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
2FCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939382998.0000000002FCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FCF000
|
| Size: |
4096
|
|
|
4D0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972763948.0000000004D0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D0F000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904752272.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.901230819.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902354255.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
458F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972549976.000000000458F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
458F000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1301933194.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940442874.0000000004CB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CB0000
|
| Size: |
4096
|
|
|
4910000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1295184976.0000000004910000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4910000
|
| Size: |
180224
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1297049714.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
344E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351768896.000000000344E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
344E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900233650.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
52B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898298244.00000000052B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
4096
|
|
|
4810000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352725141.0000000004810000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4810000
|
| Size: |
36864
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897185976.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
A0A000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348235431.0000000000A0A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A0A000
|
| Size: |
40960
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906916979.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
990000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348235431.0000000000990000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
990000
|
| Size: |
36864
|
|
|
12CD000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916401392.00000000012CD000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12CD000
|
| Size: |
139264
|
|
|
358E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351812832.000000000358E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
358E000
|
| Size: |
8192
|
|
|
340F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351746222.000000000340F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
340F000
|
| Size: |
4096
|
|
|
9BF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.938273046.00000000009BF000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
9BF000
|
| Size: |
1564672
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903793592.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325314970.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904162690.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
3B8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352023483.0000000003B8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B8F000
|
| Size: |
4096
|
|
|
516E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940586811.000000000516E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
516E000
|
| Size: |
8192
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.928864745.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
380E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351903182.000000000380E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
380E000
|
| Size: |
8192
|
|
|
5330000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972869006.0000000005330000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5330000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906642794.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
3B8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972285699.0000000003B8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B8F000
|
| Size: |
4096
|
|
|
52CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972810140.00000000052CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52CF000
|
| Size: |
4096
|
|
|
3D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352103879.0000000003D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D0E000
|
| Size: |
8192
|
|
|
314E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939447995.000000000314E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
314E000
|
| Size: |
8192
|
|
|
3BCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352048408.0000000003BCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3BCE000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900393379.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4E10000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.928910021.0000000004E10000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4E10000
|
| Size: |
180224
|
|
|
5350000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.940819297.0000000005350000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5350000
|
| Size: |
4096
|
|
|
2EC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939324286.0000000002EC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2EC0000
|
| Size: |
20480
|
|
|
52E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931477972.00000000052E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52E0000
|
| Size: |
4096
|
|
|
950000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938055376.0000000000950000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
950000
|
| Size: |
4096
|
|
|
118A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938721371.000000000118A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
118A000
|
| Size: |
24576
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896739350.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
42CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940030631.00000000042CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42CE000
|
| Size: |
8192
|
|
|
551E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3353416526.000000000551E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
551E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903086369.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
93E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348097759.000000000093E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
93E000
|
| Size: |
8192
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929465486.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
5390000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972965024.0000000005390000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5390000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900459995.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1300549932.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4CC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.940442874.0000000004CC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CC0000
|
| Size: |
8192
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329345182.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
8FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3347873695.00000000008FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
8FD000
|
| Size: |
12288
|
|
|
4D11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.928992160.0000000004D11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D11000
|
| Size: |
241664
|
|
|
9BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000002.938246767.00000000009BD000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
9BD000
|
| Size: |
4096
|
|
|
52B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.898312408.00000000052B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52B0000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903649410.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296996528.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000003.931271785.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
951000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.890505286.0000000000951000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
951000
|
| Size: |
188416
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325079347.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
1150000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3349887207.0000000001150000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1150000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900601823.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904530772.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
400F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939939734.000000000400F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
400F000
|
| Size: |
4096
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1296575386.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
31CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3351677533.00000000031CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31CE000
|
| Size: |
8192
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000003.1298283823.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
1150000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000000.917547722.0000000001150000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
1150000
|
| Size: |
1679360
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1325984466.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
5320000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972854482.0000000005320000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5320000
|
| Size: |
4096
|
|
|
6B40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.916276365.0000000006B40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B40000
|
| Size: |
4096
|
|
|
14A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929540028.00000000014A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
14A0000
|
| Size: |
53248
|
|
|
68EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.941008446.00000000068EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
68EF000
|
| Size: |
4096
|
|
|
52C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3347477307.000000000052C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52C000
|
| Size: |
16384
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905067008.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
4E20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000A.00000002.3352971365.0000000004E20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E20000
|
| Size: |
4096
|
|
|
5370000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.972931327.0000000005370000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5370000
|
| Size: |
4096
|
|
|
1151000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000001.00000002.971588175.0000000001151000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
1151000
|
| Size: |
1658880
|
|
|
4C0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972747469.0000000004C0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C0E000
|
| Size: |
8192
|
|
|
4CA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906689962.0000000004CA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4CA1000
|
| Size: |
4096
|
|
|
E10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1295755319.0000000000E10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
53248
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929074952.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
DF8000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.938675158.0000000000DF8000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
DF8000
|
| Size: |
8192
|
|
|
11F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.938740748.00000000011F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
4096
|
|
|
A20000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348235431.0000000000A20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A20000
|
| Size: |
4096
|
|
|
420E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000001.00000002.972467053.000000000420E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
420E000
|
| Size: |
8192
|
|
|
470E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352658963.000000000470E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
470E000
|
| Size: |
8192
|
|
|
430F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3352435174.000000000430F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
430F000
|
| Size: |
4096
|
|
|
E40000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3349527535.0000000000E40000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
E40000
|
| Size: |
4096
|
|
|
E40000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000A.00000000.1287032171.0000000000E40000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
E40000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1329079634.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
4811000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000003.1326462224.0000000004811000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4811000
|
| Size: |
4096
|
|
|
14B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000001.00000003.929091815.00000000014B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14B4000
|
| Size: |
4096
|
|
|
154E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.939168247.000000000154E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
154E000
|
| Size: |
8192
|
|
|
A17000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000A.00000002.3348235431.0000000000A17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
10
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
A17000
|
| Size: |
12288
|
|
|
1138000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000001.00000002.971346080.0000000001138000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
1
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1138000
|
| Size: |
28672
|
|
