|
851000
|
unkown
|
page execute and read and write
|
 |
|
|
| Name: |
0000000F.00000002.2485010999.0000000000851000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
851000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
| Sample uses string decryption to hide its real strings |
AV Detection |
|
|
|
851000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3079893115.0000000000851000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
851000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
851000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1279727096.0000000000851000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
851000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5280000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1239516814.0000000005280000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5280000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5F1000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.929336427.00000000005F1000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
5F1000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5030000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3039570243.0000000005030000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5030000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4840000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2441633401.0000000004840000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4840000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4A50000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.881311513.0000000004A50000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4A50000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
851000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1878677376.0000000000851000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
851000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
851000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3329383658.0000000000851000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
851000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4B20000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1837697286.0000000004B20000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B20000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5050000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.941115838.0000000005050000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5050000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
3F4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081920629.0000000003F4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F4E000
|
| Size: |
8192
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3037868176.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
58FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3337090934.00000000058FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58FD000
|
| Size: |
12288
|
|
|
2E7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488106766.0000000002E7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E7F000
|
| Size: |
4096
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2439762270.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
12D7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331903649.00000000012D7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12D7000
|
| Size: |
147456
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960114375.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3042300851.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888892230.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
5B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2484186322.00000000005B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5B0000
|
| Size: |
4096
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3040158139.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
42EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335656659.00000000042EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42EE000
|
| Size: |
8192
|
|
|
37BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281150326.00000000037BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37BE000
|
| Size: |
8192
|
|
|
39C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1878016459.000000000039C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39C000
|
| Size: |
16384
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903284351.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941785524.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
420F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931345359.000000000420F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
420F000
|
| Size: |
4096
|
|
|
6510000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932360089.0000000006510000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6510000
|
| Size: |
4096
|
|
|
3CCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081803086.0000000003CCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CCE000
|
| Size: |
8192
|
|
|
B6F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2485519836.0000000000B6F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B6F000
|
| Size: |
4096
|
|
|
319E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883000997.000000000319E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
319E000
|
| Size: |
8192
|
|
|
4CC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884509078.0000000004CC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CC0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892967612.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3037260112.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
2E4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930666393.0000000002E4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E4E000
|
| Size: |
8192
|
|
|
B6F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3329694880.0000000000B6F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B6F000
|
| Size: |
4096
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1837962606.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
AB0000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.929970467.0000000000AB0000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
AB0000
|
| Size: |
8192
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229940823.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
4B7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282307469.0000000004B7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B7F000
|
| Size: |
4096
|
|
|
154E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280584420.000000000154E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
154E000
|
| Size: |
8192
|
|
|
5250000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336687578.0000000005250000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5250000
|
| Size: |
4096
|
|
|
15E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280755006.00000000015E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15E0000
|
| Size: |
36864
|
|
|
125E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080837320.000000000125E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
125E000
|
| Size: |
8192
|
|
|
4AAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336092979.0000000004AAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4AAE000
|
| Size: |
8192
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1237972878.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893061123.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
FCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882133430.0000000000FCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FCE000
|
| Size: |
8192
|
|
|
129A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331903649.000000000129A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
129A000
|
| Size: |
8192
|
|
|
730000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1878326482.0000000000730000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
730000
|
| Size: |
4096
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.870351450.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2442510297.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894876460.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
148F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3332635808.000000000148F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
148F000
|
| Size: |
4096
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1234727924.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
3B8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081746910.0000000003B8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B8E000
|
| Size: |
8192
|
|
|
850000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000C.00000000.1814412063.0000000000850000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
2DF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081112818.0000000002DF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2DF0000
|
| Size: |
4096
|
|
|
5180000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3040353433.0000000005180000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5180000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229365814.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904219449.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
380F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930996206.000000000380F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
380F000
|
| Size: |
4096
|
|
|
2777000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487282177.0000000002777000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2777000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.943644766.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336162627.0000000004BC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC0000
|
| Size: |
36864
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889090716.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
10A5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.00000000010A5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10A5000
|
| Size: |
8192
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2436857619.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2439969025.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
DAC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080703885.0000000000DAC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DAC000
|
| Size: |
16384
|
|
|
B27000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3080052472.0000000000B27000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B27000
|
| Size: |
122880
|
|
|
3F6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335327638.0000000003F6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F6E000
|
| Size: |
8192
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931761542.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903420837.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892622373.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903341911.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
51A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941871045.00000000051A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51A0000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962246999.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1832443720.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
38DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883416715.00000000038DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38DF000
|
| Size: |
4096
|
|
|
4AB5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.881311513.0000000004AB5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4AB5000
|
| Size: |
12288
|
|
|
29C7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930521901.00000000029C7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29C7000
|
| Size: |
32768
|
|
|
850000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1878617126.0000000000850000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
63E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932287198.00000000063E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63E0000
|
| Size: |
8192
|
|
|
377F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281120918.000000000377F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
377F000
|
| Size: |
4096
|
|
|
D12000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000002.1881597035.0000000000D12000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
D12000
|
| Size: |
8192
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1836113562.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2422825425.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
44CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931455699.00000000044CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44CE000
|
| Size: |
8192
|
|
|
4D00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931867449.0000000004D00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D00000
|
| Size: |
8192
|
|
|
3B6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334881247.0000000003B6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B6F000
|
| Size: |
4096
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2439928456.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
405F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883837800.000000000405F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
405F000
|
| Size: |
4096
|
|
|
45D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931495983.00000000045D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D0000
|
| Size: |
45056
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905694667.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
516F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082449514.000000000516F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
516F000
|
| Size: |
4096
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.937095700.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
B56000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1279829102.0000000000B56000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B56000
|
| Size: |
32768
|
|
|
2E40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333331942.0000000002E40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E40000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.890198939.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
409E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883865552.000000000409E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
409E000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961493539.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
2E07000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081139237.0000000002E07000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E07000
|
| Size: |
8192
|
|
|
5095000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3039570243.0000000005095000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5095000
|
| Size: |
12288
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1838032803.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
4D10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884634648.0000000004D10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D10000
|
| Size: |
4096
|
|
|
2F1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882854558.0000000002F1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F1E000
|
| Size: |
8192
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000005.00000000.1224393303.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
33BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488755813.00000000033BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33BE000
|
| Size: |
8192
|
|
|
B27000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2485519836.0000000000B27000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B27000
|
| Size: |
122880
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1235851512.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
3AFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489142658.0000000003AFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3AFF000
|
| Size: |
4096
|
|
|
3DDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883689726.0000000003DDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DDF000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020625126.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
492F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335996310.000000000492F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
492F000
|
| Size: |
4096
|
|
|
E9B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1881863895.0000000000E9B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E9B000
|
| Size: |
65536
|
|
|
10FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080745170.00000000010FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10FD000
|
| Size: |
12288
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892572972.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
8192
|
|
|
129E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331903649.000000000129E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
129E000
|
| Size: |
204800
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892434021.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
30FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488466909.00000000030FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30FF000
|
| Size: |
4096
|
|
|
49D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2489948235.00000000049D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49D0000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961891400.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.891460253.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
1490000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280480658.0000000001490000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1490000
|
| Size: |
4096
|
|
|
5F0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.863546701.00000000005F0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
5F0000
|
| Size: |
4096
|
|
|
354E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081471410.000000000354E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
354E000
|
| Size: |
8192
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.931990665.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
10BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.908505918.00000000010BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BB000
|
| Size: |
61440
|
|
|
3B5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883565869.0000000003B5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B5F000
|
| Size: |
4096
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1232836422.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961739335.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
46BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282078557.00000000046BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46BE000
|
| Size: |
8192
|
|
|
B27000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3329694880.0000000000B27000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B27000
|
| Size: |
122880
|
|
|
2770000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487282177.0000000002770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2770000
|
| Size: |
16384
|
|
|
2DEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081083992.0000000002DEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DEE000
|
| Size: |
8192
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1235298276.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
432E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335693386.000000000432E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
432E000
|
| Size: |
8192
|
|
|
3DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281449721.0000000003DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DFE000
|
| Size: |
8192
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1836187299.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
1110000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080773535.0000000001110000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1110000
|
| Size: |
4096
|
|
|
3BAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334914025.0000000003BAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3BAE000
|
| Size: |
8192
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941639998.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
1315000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331903649.0000000001315000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1315000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1837930515.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
8192
|
|
|
3A5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883534909.0000000003A5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A5E000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894954721.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.891867161.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
90F000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.863615671.000000000090F000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
90F000
|
| Size: |
1724416
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1237929218.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961994117.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
2B5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882611002.0000000002B5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B5E000
|
| Size: |
8192
|
|
|
E5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1881726071.0000000000E5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E5F000
|
| Size: |
4096
|
|
|
4C90000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020377993.0000000004C90000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
131072
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909719426.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2438866995.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.879255353.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819882149.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
4CD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884538834.0000000004CD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CD0000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.943919977.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3040190041.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
5200000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336457279.0000000005200000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5200000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.939644054.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
47FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282154050.00000000047FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47FE000
|
| Size: |
8192
|
|
|
2740000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2440827197.0000000002740000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2740000
|
| Size: |
53248
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.891925492.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
297F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487404230.000000000297F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
297F000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.908472626.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
B56000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1879332859.0000000000B56000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B56000
|
| Size: |
32768
|
|
|
2910000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882412726.0000000002910000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2910000
|
| Size: |
16384
|
|
|
448F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931436373.000000000448F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
448F000
|
| Size: |
4096
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2421234814.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909571509.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
1110000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331348721.0000000001110000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1110000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961660990.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909636419.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.933374221.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
3C7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281358430.0000000003C7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C7F000
|
| Size: |
4096
|
|
|
4CFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282396796.0000000004CFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CFE000
|
| Size: |
8192
|
|
|
700000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1878148777.0000000000700000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
700000
|
| Size: |
4096
|
|
|
2F6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333751430.0000000002F6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F6F000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1241827384.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
493E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282219265.000000000493E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
493E000
|
| Size: |
8192
|
|
|
3C7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489238003.0000000003C7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C7E000
|
| Size: |
8192
|
|
|
B6F000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000000.924947282.0000000000B6F000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B6F000
|
| Size: |
1724416
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962332003.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
307F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280866252.000000000307F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
307F000
|
| Size: |
4096
|
|
|
2750000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2443255537.0000000002750000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2750000
|
| Size: |
4096
|
|
|
5410000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282567988.0000000005410000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5410000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.885729943.00000000029A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29A0000
|
| Size: |
4096
|
|
|
8B6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1878677376.00000000008B6000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8B6000
|
| Size: |
16384
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.896666992.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
58AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3337061844.00000000058AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
58AF000
|
| Size: |
4096
|
|
|
5240000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082703594.0000000005240000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5240000
|
| Size: |
4096
|
|
|
52E5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1239516814.00000000052E5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
52E5000
|
| Size: |
12288
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.895485406.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892402020.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
A49000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2485519836.0000000000A49000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A49000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
B70000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000011.00000002.3080464318.0000000000B70000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B70000
|
| Size: |
1703936
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962215551.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4BC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931665310.0000000004BC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BC0000
|
| Size: |
4096
|
|
|
BC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2482555521.00000000000BC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BC000
|
| Size: |
16384
|
|
|
413F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489489082.000000000413F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
413F000
|
| Size: |
4096
|
|
|
36CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930948760.00000000036CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36CF000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.891482471.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.936472915.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960763215.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2424574684.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909665901.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960925493.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
34BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488790246.00000000034BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34BF000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961968959.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.878513642.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961193816.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961220737.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
26FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487053308.00000000026FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
26FE000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909837040.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819823423.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
10AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.00000000010AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10AB000
|
| Size: |
57344
|
|
|
51E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082515800.00000000051E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51E0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.879199246.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
49152
|
|
|
E1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2486938856.0000000000E1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E1F000
|
| Size: |
4096
|
|
|
3C9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883631142.0000000003C9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C9F000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1241809421.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
37EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334541305.00000000037EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37EE000
|
| Size: |
8192
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2421843553.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
5CDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3337234249.0000000005CDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5CDE000
|
| Size: |
8192
|
|
|
4B91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3042262692.0000000004B91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B91000
|
| Size: |
49152
|
|
|
4980000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2443105690.0000000004980000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4980000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.879292090.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
352F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334100990.000000000352F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
352F000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.879357854.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
47BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282120224.00000000047BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47BF000
|
| Size: |
4096
|
|
|
2F8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930717578.0000000002F8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F8E000
|
| Size: |
8192
|
|
|
3E8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931213337.0000000003E8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E8E000
|
| Size: |
8192
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020674091.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239836930.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
2ACF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930564347.0000000002ACF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2ACF000
|
| Size: |
4096
|
|
|
B56000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3329694880.0000000000B56000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B56000
|
| Size: |
32768
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2431931229.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.870933113.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
10B4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909244577.00000000010B4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10B4000
|
| Size: |
4096
|
|
|
406F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335364774.000000000406F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
406F000
|
| Size: |
4096
|
|
|
6515000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932360089.0000000006515000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6515000
|
| Size: |
4096
|
|
|
5210000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336498802.0000000005210000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5210000
|
| Size: |
4096
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1838168369.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
51E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336394495.00000000051E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51E0000
|
| Size: |
4096
|
|
|
FE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.885753275.0000000000FE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
FE0000
|
| Size: |
4096
|
|
|
469F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1884272473.000000000469F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
469F000
|
| Size: |
4096
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1236527894.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
4E01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229238824.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E01000
|
| Size: |
217088
|
|
|
4A7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282277967.0000000004A7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A7E000
|
| Size: |
8192
|
|
|
323F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488552512.000000000323F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
323F000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.884343215.00000000029A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29A0000
|
| Size: |
4096
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2421495762.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020597818.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
45CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931477916.00000000045CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
45CF000
|
| Size: |
4096
|
|
|
3CAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335004743.0000000003CAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CAF000
|
| Size: |
4096
|
|
|
B6F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1879332859.0000000000B6F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B6F000
|
| Size: |
4096
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1838087347.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
3A4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081690306.0000000003A4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A4E000
|
| Size: |
8192
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3029812979.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2421867286.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962302370.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.939448859.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
355E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883236957.000000000355E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
355E000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892937990.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2442378846.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
7E9000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.929453981.00000000007E9000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
7E9000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020572077.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
15D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1239372319.00000000015D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15D0000
|
| Size: |
53248
|
|
|
12D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331903649.00000000012D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.895510599.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868894944.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
32DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883071571.00000000032DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32DE000
|
| Size: |
8192
|
|
|
F7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930101381.0000000000F7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F7E000
|
| Size: |
8192
|
|
|
444E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082110951.000000000444E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
444E000
|
| Size: |
8192
|
|
|
850000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000F.00000000.2414847715.0000000000850000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
32BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280943838.00000000032BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32BE000
|
| Size: |
8192
|
|
|
3CEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335077713.0000000003CEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CEE000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.943763479.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3037971877.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889585198.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4C60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1838210049.0000000004C60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C60000
|
| Size: |
4096
|
|
|
3B7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281327880.0000000003B7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B7E000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903390661.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1238026189.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962572601.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
430E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082067779.000000000430E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
430E000
|
| Size: |
8192
|
|
|
2917000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882412726.0000000002917000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2917000
|
| Size: |
8192
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1840113580.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
4CF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884585975.0000000004CF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CF0000
|
| Size: |
4096
|
|
|
4D04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931867449.0000000004D04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D04000
|
| Size: |
12288
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961829535.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962079625.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960063692.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
B6F000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000000.1224408444.0000000000B6F000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B6F000
|
| Size: |
1724416
|
|
|
2FBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488278111.0000000002FBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FBF000
|
| Size: |
4096
|
|
|
2DDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882770329.0000000002DDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DDE000
|
| Size: |
8192
|
|
|
4A3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282248602.0000000004A3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A3F000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889805351.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
5290000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336888069.0000000005290000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5290000
|
| Size: |
4096
|
|
|
43FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281726489.00000000043FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43FF000
|
| Size: |
4096
|
|
|
3F8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931240436.0000000003F8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F8F000
|
| Size: |
4096
|
|
|
3F0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081893806.0000000003F0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F0F000
|
| Size: |
4096
|
|
|
41CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082023013.00000000041CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41CE000
|
| Size: |
8192
|
|
|
81E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2484526216.000000000081E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
81E000
|
| Size: |
8192
|
|
|
5460000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282706554.0000000005460000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5460000
|
| Size: |
4096
|
|
|
42CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082046063.00000000042CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42CF000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.884170209.00000000029A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29A0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894925722.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1237950297.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.873383002.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
3A1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883495971.0000000003A1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A1F000
|
| Size: |
4096
|
|
|
4A00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2490056772.0000000004A00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4A00000
|
| Size: |
4096
|
|
|
341E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883152068.000000000341E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
341E000
|
| Size: |
8192
|
|
|
38EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334590813.00000000038EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38EF000
|
| Size: |
4096
|
|
|
368E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081527439.000000000368E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
368E000
|
| Size: |
8192
|
|
|
51C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941853645.00000000051C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51C0000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3037722820.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
3E2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335242861.0000000003E2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E2E000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904755098.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961245972.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
10BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909178786.00000000010BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BB000
|
| Size: |
86016
|
|
|
490000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2484098814.0000000000490000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
490000
|
| Size: |
16384
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892824436.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
43C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2445125364.00000000043C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43C1000
|
| Size: |
49152
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.944070622.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
43C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489687765.00000000043C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43C0000
|
| Size: |
4096
|
|
|
5420000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282594113.0000000005420000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5420000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962627189.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
41BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281635321.00000000041BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41BE000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.891695709.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
37AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334442566.00000000037AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37AF000
|
| Size: |
4096
|
|
|
46A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1836075219.00000000046A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46A1000
|
| Size: |
49152
|
|
|
28EB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882352314.00000000028EB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
28EB000
|
| Size: |
20480
|
|
|
2C9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882688363.0000000002C9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C9E000
|
| Size: |
8192
|
|
|
5260000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082752594.0000000005260000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5260000
|
| Size: |
4096
|
|
|
43C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2421436893.00000000043C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43C1000
|
| Size: |
180224
|
|
|
148E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280457590.000000000148E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
148E000
|
| Size: |
8192
|
|
|
5260000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336741430.0000000005260000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5260000
|
| Size: |
4096
|
|
|
317F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280892926.000000000317F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
317F000
|
| Size: |
4096
|
|
|
315F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882956962.000000000315F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
315F000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892249870.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1826577765.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1835226347.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
33DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883111164.00000000033DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33DF000
|
| Size: |
4096
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239972154.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
5450000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282677658.0000000005450000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5450000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884416976.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
3A2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334768816.0000000003A2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A2F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962362733.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
5440000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282647473.0000000005440000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5440000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904186552.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3037929431.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.959320960.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
46A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819763811.00000000046A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46A1000
|
| Size: |
192512
|
|
|
4B85000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1837697286.0000000004B85000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B85000
|
| Size: |
12288
|
|
|
851000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000000.1814440566.0000000000851000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
851000
|
| Size: |
188416
|
|
|
26BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2486974572.00000000026BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
26BF000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960707909.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
29B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.930502528.00000000029B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29B0000
|
| Size: |
4096
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941556733.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
8F6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.929453981.00000000008F6000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8F6000
|
| Size: |
32768
|
|
|
46A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819578407.00000000046A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46A1000
|
| Size: |
65536
|
|
|
5EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2484280314.00000000005EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5EB000
|
| Size: |
131072
|
|
|
5050000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.940972439.0000000005050000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5050000
|
| Size: |
53248
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819909267.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
FBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930121875.0000000000FBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FBE000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892140095.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
37CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081586325.00000000037CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37CE000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.943947056.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
B56000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3080052472.0000000000B56000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B56000
|
| Size: |
32768
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082494497.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819802029.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
320E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930801947.000000000320E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
320E000
|
| Size: |
8192
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3036677057.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
306F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333782864.000000000306F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
306F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961165000.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
33FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280997572.00000000033FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33FE000
|
| Size: |
8192
|
|
|
2ABF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487579097.0000000002ABF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2ABF000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961941595.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2425443591.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1831124397.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
5ED0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932044212.0000000005ED0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5ED0000
|
| Size: |
8192
|
|
|
D12000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000002.1280355742.0000000000D12000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
D12000
|
| Size: |
8192
|
|
|
46A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1884301168.00000000046A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46A0000
|
| Size: |
4096
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1234150605.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
39FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281234139.00000000039FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39FF000
|
| Size: |
4096
|
|
|
29C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930521901.00000000029C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29C0000
|
| Size: |
20480
|
|
|
46EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335908017.00000000046EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46EE000
|
| Size: |
8192
|
|
|
D10000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1280331595.0000000000D10000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
D10000
|
| Size: |
8192
|
|
|
31CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930780017.00000000031CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31CF000
|
| Size: |
4096
|
|
|
367E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281097308.000000000367E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
367E000
|
| Size: |
8192
|
|
|
34FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281022656.00000000034FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34FF000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961714443.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941741253.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960893797.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
3CBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281386618.0000000003CBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CBE000
|
| Size: |
8192
|
|
|
FF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.0000000000FF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FF0000
|
| Size: |
36864
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889621159.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
455F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1884201795.000000000455F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
455F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961574959.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
8B6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1279727096.00000000008B6000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8B6000
|
| Size: |
16384
|
|
|
10BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.00000000010BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BA000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3040111320.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892772544.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905987246.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894844328.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960795904.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.908438022.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
6330000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932267217.0000000006330000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6330000
|
| Size: |
4096
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2423559670.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961135712.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
D12000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000F.00000002.2486904210.0000000000D12000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
D12000
|
| Size: |
8192
|
|
|
48A5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2441633401.00000000048A5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
48A5000
|
| Size: |
12288
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.959246827.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4B8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931591232.0000000004B8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B8F000
|
| Size: |
4096
|
|
|
4C20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931785810.0000000004C20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C20000
|
| Size: |
4096
|
|
|
1321000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331903649.0000000001321000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1321000
|
| Size: |
8192
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
32AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333917336.00000000032AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32AF000
|
| Size: |
4096
|
|
|
454F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082132669.000000000454F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
454F000
|
| Size: |
4096
|
|
|
4CAC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931822783.0000000004CAC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CAC000
|
| Size: |
16384
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3039887844.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
8192
|
|
|
35FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488856939.00000000035FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35FF000
|
| Size: |
4096
|
|
|
850000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3079859870.0000000000850000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906114707.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
FD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.885814483.0000000000FD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
FD0000
|
| Size: |
4096
|
|
|
5C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.929258711.00000000005C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5C0000
|
| Size: |
4096
|
|
|
48FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282190969.00000000048FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48FF000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962600966.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
363F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281069175.000000000363F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
363F000
|
| Size: |
4096
|
|
|
42DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883967719.00000000042DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42DF000
|
| Size: |
4096
|
|
|
108F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.000000000108F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
108F000
|
| Size: |
86016
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941496606.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
8192
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1240011667.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
4096
|
|
|
59E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.929241105.000000000059E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59E000
|
| Size: |
8192
|
|
|
506E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082427908.000000000506E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
506E000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.879274175.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1829865435.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
13DB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080948027.00000000013DB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13DB000
|
| Size: |
65536
|
|
|
41DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883925538.00000000041DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41DE000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961338720.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
10C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.00000000010C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10C2000
|
| Size: |
135168
|
|
|
334E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930838913.000000000334E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
334E000
|
| Size: |
8192
|
|
|
51C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082474410.00000000051C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51C0000
|
| Size: |
4096
|
|
|
2D3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487782771.0000000002D3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D3F000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.891435944.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4B91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3037665586.0000000004B91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B91000
|
| Size: |
49152
|
|
|
3E0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081863749.0000000003E0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E0E000
|
| Size: |
8192
|
|
|
417E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489519852.000000000417E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
417E000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868925260.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.895534311.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
AB2000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.929988973.0000000000AB2000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
AB2000
|
| Size: |
8192
|
|
|
3EBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489339954.0000000003EBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EBF000
|
| Size: |
4096
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1833368369.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
8320000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932700641.0000000008320000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8320000
|
| Size: |
69632
|
|
|
5230000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336574586.0000000005230000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5230000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239769916.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000F.00000002.2485364005.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903201364.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
39A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.929133339.000000000039A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39A000
|
| Size: |
24576
|
|
|
4A10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2490089012.0000000004A10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4A10000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.944098323.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892858412.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
15C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280697984.00000000015C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15C0000
|
| Size: |
16384
|
|
|
53E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239988746.00000000053E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53E0000
|
| Size: |
4096
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.872816369.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239947707.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
565E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336957798.000000000565E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
565E000
|
| Size: |
8192
|
|
|
1120000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331397606.0000000001120000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1120000
|
| Size: |
8192
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2421689719.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
48E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2483151144.000000000048E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48E000
|
| Size: |
8192
|
|
|
53BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282515922.00000000053BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53BF000
|
| Size: |
4096
|
|
|
3FCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931261201.0000000003FCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FCE000
|
| Size: |
8192
|
|
|
3D7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489272116.0000000003D7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D7F000
|
| Size: |
4096
|
|
|
364F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081500589.000000000364F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
364F000
|
| Size: |
4096
|
|
|
497F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489818019.000000000497F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
497F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961686148.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
10BE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.00000000010BE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BE000
|
| Size: |
12288
|
|
|
A49000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3080052472.0000000000A49000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A49000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
850000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000005.00000000.1224340597.0000000000850000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
FC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.881092972.0000000000FC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
FC0000
|
| Size: |
53248
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000011.00000000.3015011764.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
4A8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931568737.0000000004A8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A8C000
|
| Size: |
16384
|
|
|
4BD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931683391.0000000004BD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BD0000
|
| Size: |
4096
|
|
|
8BF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1879332859.00000000008BF000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8BF000
|
| Size: |
1601536
|
|
|
3DCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081834088.0000000003DCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DCF000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961855666.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1828724925.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
330F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930821519.000000000330F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
330F000
|
| Size: |
4096
|
|
|
41AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335460507.00000000041AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41AF000
|
| Size: |
4096
|
|
|
2E67000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333538843.0000000002E67000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E67000
|
| Size: |
12288
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1231695098.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
5480000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282764822.0000000005480000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5480000
|
| Size: |
4096
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.876016054.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
B6F000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000000.1814500665.0000000000B6F000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B6F000
|
| Size: |
1724416
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903449654.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
850000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1279702147.0000000000850000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
420000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2482728807.0000000000420000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
420000
|
| Size: |
4096
|
|
|
2D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930623832.0000000002D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D0E000
|
| Size: |
8192
|
|
|
81FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932656352.00000000081FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
81FC000
|
| Size: |
16384
|
|
|
4B5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1884333532.0000000004B5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B5E000
|
| Size: |
8192
|
|
|
417F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281603986.000000000417F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
417F000
|
| Size: |
4096
|
|
|
379F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883350612.000000000379F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
379F000
|
| Size: |
4096
|
|
|
10CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882211337.00000000010CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10CF000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892521397.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
5280000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336846740.0000000005280000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5280000
|
| Size: |
4096
|
|
|
1041000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.0000000001041000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1041000
|
| Size: |
45056
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960829818.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892797199.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.879329284.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
366F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334298024.000000000366F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
366F000
|
| Size: |
4096
|
|
|
316F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333821855.000000000316F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
316F000
|
| Size: |
4096
|
|
|
3C8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081776131.0000000003C8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C8F000
|
| Size: |
4096
|
|
|
410E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931329137.000000000410E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
410E000
|
| Size: |
8192
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239883549.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900413012.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.932777007.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
369E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883304985.000000000369E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
369E000
|
| Size: |
8192
|
|
|
2740000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2441426994.0000000002740000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2740000
|
| Size: |
53248
|
|
|
61DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932199471.00000000061DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
61DF000
|
| Size: |
4096
|
|
|
2AFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487636788.0000000002AFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2AFE000
|
| Size: |
8192
|
|
|
2990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.885782889.0000000002990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2990000
|
| Size: |
4096
|
|
|
5470000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282735539.0000000005470000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5470000
|
| Size: |
4096
|
|
|
4D20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884665729.0000000004D20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D20000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894172745.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903128835.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897020937.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909074259.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
2BFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487681758.0000000002BFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BFF000
|
| Size: |
4096
|
|
|
D5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1881670145.0000000000D5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D5E000
|
| Size: |
8192
|
|
|
850000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3329314763.0000000000850000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
B70000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000002.1880809253.0000000000B70000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B70000
|
| Size: |
1703936
|
|
|
33BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280968212.00000000033BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33BF000
|
| Size: |
4096
|
|
|
4CC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.930500514.0000000004CC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4CC0000
|
| Size: |
159744
|
|
|
910000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.929787483.0000000000910000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
910000
|
| Size: |
1703936
|
|
|
51A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3040324655.00000000051A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51A0000
|
| Size: |
4096
|
|
|
391E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883456547.000000000391E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
391E000
|
| Size: |
8192
|
|
|
5F0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.929314399.00000000005F0000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5F0000
|
| Size: |
4096
|
|
|
3EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489378598.0000000003EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EFE000
|
| Size: |
8192
|
|
|
3E1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883718833.0000000003E1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E1E000
|
| Size: |
8192
|
|
|
457E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281901566.000000000457E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
457E000
|
| Size: |
8192
|
|
|
29A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883428587.00000000029A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29A0000
|
| Size: |
4096
|
|
|
1BD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2482683239.00000000001BD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
1BD000
|
| Size: |
12288
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961439323.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
FC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.880519952.0000000000FC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
FC0000
|
| Size: |
53248
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.871517064.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
5200000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082602873.0000000005200000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5200000
|
| Size: |
4096
|
|
|
365F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883272876.000000000365F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
365F000
|
| Size: |
4096
|
|
|
90F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.929453981.000000000090F000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
90F000
|
| Size: |
4096
|
|
|
4DFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282428789.0000000004DFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DFF000
|
| Size: |
4096
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.869506195.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819929116.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
38BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281175599.00000000038BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38BF000
|
| Size: |
4096
|
|
|
4BBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282333788.0000000004BBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BBE000
|
| Size: |
8192
|
|
|
65D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.863600916.000000000065D000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
65D000
|
| Size: |
4096
|
|
|
49C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2489916271.00000000049C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49C0000
|
| Size: |
4096
|
|
|
459E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1884233468.000000000459E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
459E000
|
| Size: |
8192
|
|
|
14EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280511202.00000000014EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
14EE000
|
| Size: |
8192
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1836137808.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892347268.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1838060038.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
820000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2484760092.0000000000820000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
820000
|
| Size: |
4096
|
|
|
31AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333852159.00000000031AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31AE000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905353686.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.939535588.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
49152
|
|
|
4A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082348091.0000000004A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A8E000
|
| Size: |
8192
|
|
|
10D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909178786.00000000010D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10D1000
|
| Size: |
40960
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.898519065.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
D12000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000002.3331201106.0000000000D12000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
D12000
|
| Size: |
8192
|
|
|
45E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931495983.00000000045E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45E1000
|
| Size: |
40960
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1838144168.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.908378344.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1237992819.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
65D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000002.929432458.000000000065D000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
65D000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3032115934.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889404103.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
2900000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1838194462.0000000002900000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2900000
|
| Size: |
4096
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3040043227.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892700029.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889649680.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
3C0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931142832.0000000003C0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C0E000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906018292.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
1350000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280428212.0000000001350000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1350000
|
| Size: |
4096
|
|
|
344F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930856240.000000000344F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
344F000
|
| Size: |
4096
|
|
|
D10000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3080640380.0000000000D10000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
D10000
|
| Size: |
8192
|
|
|
A49000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1879332859.0000000000A49000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A49000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
8BF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3080052472.00000000008BF000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8BF000
|
| Size: |
1601536
|
|
|
5FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932146334.0000000005FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5FDE000
|
| Size: |
8192
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1232262882.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
29A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.885342379.00000000029A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29A0000
|
| Size: |
4096
|
|
|
E80000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1836995971.0000000000E80000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E80000
|
| Size: |
53248
|
|
|
1035000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.0000000001035000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1035000
|
| Size: |
20480
|
|
|
4C00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931743018.0000000004C00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C00000
|
| Size: |
4096
|
|
|
38BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489039159.00000000038BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38BE000
|
| Size: |
8192
|
|
|
38FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281208143.00000000038FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38FE000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889020355.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961547593.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
440F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082089241.000000000440F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
440F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961802948.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
446E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335762164.000000000446E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
446E000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961008139.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905405045.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4D00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884610441.0000000004D00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D00000
|
| Size: |
4096
|
|
|
4A4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082317427.0000000004A4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A4F000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.895451180.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
3F2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335287545.0000000003F2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F2F000
|
| Size: |
4096
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000005.00000002.1279807872.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
398E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931053144.000000000398E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
398E000
|
| Size: |
8192
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3039939283.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.897059644.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4A20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2490123228.0000000004A20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4A20000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.891369559.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
41EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335608349.00000000041EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41EE000
|
| Size: |
8192
|
|
|
3DBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281416237.0000000003DBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DBF000
|
| Size: |
4096
|
|
|
7DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2484468127.00000000007DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7DF000
|
| Size: |
4096
|
|
|
13A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080922896.00000000013A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13A0000
|
| Size: |
4096
|
|
|
4BE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931701836.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BE0000
|
| Size: |
4096
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1834691389.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884453468.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1834047247.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
5ED5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932044212.0000000005ED5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5ED5000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892647470.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
2E60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333538843.0000000002E60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E60000
|
| Size: |
16384
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909775708.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4B91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020457476.0000000004B91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B91000
|
| Size: |
176128
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020650811.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
851000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000000.924879496.0000000000851000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
851000
|
| Size: |
188416
|
|
|
36AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334353317.00000000036AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36AE000
|
| Size: |
8192
|
|
|
10BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909244577.00000000010BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BA000
|
| Size: |
4096
|
|
|
A49000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1279829102.0000000000A49000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A49000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
F3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930076308.0000000000F3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F3C000
|
| Size: |
16384
|
|
|
38CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081613945.00000000038CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38CF000
|
| Size: |
4096
|
|
|
55E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.929222500.000000000055E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55E000
|
| Size: |
8192
|
|
|
305E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882923211.000000000305E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
305E000
|
| Size: |
8192
|
|
|
664C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932511347.000000000664C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
664C000
|
| Size: |
16384
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892309119.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
3A6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334839436.0000000003A6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A6E000
|
| Size: |
8192
|
|
|
B5F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3329694880.0000000000B5F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B5F000
|
| Size: |
45056
|
|
|
47A0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819676441.00000000047A0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
47A0000
|
| Size: |
143360
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3037837320.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909692881.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239743342.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
8192
|
|
|
631F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932244973.000000000631F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
631F000
|
| Size: |
4096
|
|
|
8FF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.929453981.00000000008FF000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8FF000
|
| Size: |
45056
|
|
|
3D4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931179172.0000000003D4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D4E000
|
| Size: |
8192
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3025337920.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1835780212.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
318E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081301238.000000000318E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
318E000
|
| Size: |
8192
|
|
|
B70000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000002.1280184365.0000000000B70000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B70000
|
| Size: |
1703936
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2438264302.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
2EBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488179916.0000000002EBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EBE000
|
| Size: |
8192
|
|
|
438E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931414584.000000000438E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
438E000
|
| Size: |
8192
|
|
|
2CCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930605745.0000000002CCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CCF000
|
| Size: |
4096
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1237794127.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
4F0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931948261.0000000004F0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F0E000
|
| Size: |
8192
|
|
|
127E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331809613.000000000127E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
127E000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892596808.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
8192
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000C.00000002.1879211198.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
2DAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081057473.0000000002DAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DAE000
|
| Size: |
8192
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1233409581.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1838114532.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
4CBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282363834.0000000004CBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CBF000
|
| Size: |
4096
|
|
|
E90000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1881863895.0000000000E90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E90000
|
| Size: |
36864
|
|
|
3E4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931196655.0000000003E4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E4F000
|
| Size: |
4096
|
|
|
4E01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229118978.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E01000
|
| Size: |
65536
|
|
|
FFE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.0000000000FFE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FFE000
|
| Size: |
221184
|
|
|
B70000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000F.00000002.2486616506.0000000000B70000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B70000
|
| Size: |
1703936
|
|
|
82FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932681867.00000000082FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
82FC000
|
| Size: |
16384
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941690858.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
29B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.929111850.000000000029B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
29B000
|
| Size: |
20480
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2436159019.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961916476.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
3DBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489305322.0000000003DBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DBE000
|
| Size: |
8192
|
|
|
480E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082248166.000000000480E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
480E000
|
| Size: |
8192
|
|
|
3C3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489202894.0000000003C3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C3F000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3037895791.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3022402290.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
4A10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931541465.0000000004A10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4A10000
|
| Size: |
4096
|
|
|
441F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1884058936.000000000441F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
441F000
|
| Size: |
4096
|
|
|
851000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000011.00000000.3014926697.0000000000851000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
851000
|
| Size: |
188416
|
|
|
29A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883712942.00000000029A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29A0000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.882243109.00000000029A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29A0000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894981535.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
2E6B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333538843.0000000002E6B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E6B000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892282982.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
5220000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082654061.0000000005220000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5220000
|
| Size: |
4096
|
|
|
8BF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3329694880.00000000008BF000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8BF000
|
| Size: |
1601536
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889267330.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
A49000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3329694880.0000000000A49000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A49000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
5190000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3040297756.0000000005190000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5190000
|
| Size: |
4096
|
|
|
2B1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882582958.0000000002B1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B1F000
|
| Size: |
4096
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.938263597.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
104F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.000000000104F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
104F000
|
| Size: |
94208
|
|
|
E80000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1837557874.0000000000E80000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E80000
|
| Size: |
53248
|
|
|
445E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1884169566.000000000445E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
445E000
|
| Size: |
8192
|
|
|
B5F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2485519836.0000000000B5F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B5F000
|
| Size: |
45056
|
|
|
158E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280618192.000000000158E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
158E000
|
| Size: |
8192
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1831836752.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.931304486.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
10A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.908543053.00000000010A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10A3000
|
| Size: |
90112
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2439547304.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1820587207.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.874874963.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962458992.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2445180685.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
65F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.929453981.000000000065F000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
65F000
|
| Size: |
1601536
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2442736947.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
487E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489732080.000000000487E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
487E000
|
| Size: |
8192
|
|
|
2E0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930644728.0000000002E0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E0F000
|
| Size: |
4096
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3040227365.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.891971800.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960981056.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4F00000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229183287.0000000004F00000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4F00000
|
| Size: |
163840
|
|
|
2E6D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333538843.0000000002E6D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E6D000
|
| Size: |
4096
|
|
|
3DEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335144982.0000000003DEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DEF000
|
| Size: |
4096
|
|
|
8300000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932700641.0000000008300000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8300000
|
| Size: |
98304
|
|
|
13D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080948027.00000000013D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13D0000
|
| Size: |
36864
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.890600142.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2445210234.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
4C80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884388274.0000000004C80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C80000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962510902.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
D10000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1881471480.0000000000D10000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
D10000
|
| Size: |
8192
|
|
|
427F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489552969.000000000427F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
427F000
|
| Size: |
4096
|
|
|
12FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331903649.00000000012FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
12FC000
|
| Size: |
94208
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
52BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282482712.00000000052BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52BE000
|
| Size: |
8192
|
|
|
387F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489005600.000000000387F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
387F000
|
| Size: |
4096
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1836216468.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
851000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000005.00000000.1224359880.0000000000851000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
851000
|
| Size: |
188416
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.938821114.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
377E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488967501.000000000377E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
377E000
|
| Size: |
8192
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1822007004.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020303685.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1231143252.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
329F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883036099.000000000329F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
329F000
|
| Size: |
4096
|
|
|
1590000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280668906.0000000001590000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1590000
|
| Size: |
4096
|
|
|
15EB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280755006.00000000015EB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15EB000
|
| Size: |
65536
|
|
|
3A0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081665760.0000000003A0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A0F000
|
| Size: |
4096
|
|
|
43BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489645217.00000000043BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43BF000
|
| Size: |
4096
|
|
|
678E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932593320.000000000678E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
678E000
|
| Size: |
8192
|
|
|
60DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932181872.00000000060DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
60DF000
|
| Size: |
4096
|
|
|
431E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1884017066.000000000431E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
431E000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961766065.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
434F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931397624.000000000434F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
434F000
|
| Size: |
4096
|
|
|
5030000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3038791501.0000000005030000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5030000
|
| Size: |
53248
|
|
|
4B90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931608125.0000000004B90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4B90000
|
| Size: |
4096
|
|
|
3B9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883603405.0000000003B9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B9E000
|
| Size: |
8192
|
|
|
410000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.929171859.0000000000410000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
410000
|
| Size: |
8192
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239927822.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
4C68000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931804981.0000000004C68000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C68000
|
| Size: |
32768
|
|
|
5E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2484280314.00000000005E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5E0000
|
| Size: |
36864
|
|
|
3BCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931120986.0000000003BCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3BCF000
|
| Size: |
4096
|
|
|
17DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280839181.00000000017DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
17DF000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3042324696.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
4E01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1241773092.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E01000
|
| Size: |
49152
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.908413340.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
656000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.929336427.0000000000656000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
656000
|
| Size: |
16384
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3040263074.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868943776.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
5F1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.863564231.00000000005F1000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
5F1000
|
| Size: |
188416
|
|
|
851000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000F.00000000.2415051808.0000000000851000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
851000
|
| Size: |
188416
|
|
|
2D7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487884858.0000000002D7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D7E000
|
| Size: |
8192
|
|
|
5400000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282542988.0000000005400000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5400000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3021411148.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
2F0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081191489.0000000002F0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F0F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961090394.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4BB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931648156.0000000004BB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BB0000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868677191.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
419F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883894338.000000000419F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
419F000
|
| Size: |
4096
|
|
|
340E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081411205.000000000340E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
340E000
|
| Size: |
8192
|
|
|
5050000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.940425815.0000000005050000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5050000
|
| Size: |
53248
|
|
|
6518000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932360089.0000000006518000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6518000
|
| Size: |
12288
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903474082.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892464855.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229350341.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
494E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082293084.000000000494E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
494E000
|
| Size: |
8192
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229144296.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
467F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282012708.000000000467F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
467F000
|
| Size: |
4096
|
|
|
5230000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082677669.0000000005230000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5230000
|
| Size: |
4096
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2439862304.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
1290000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331903649.0000000001290000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1290000
|
| Size: |
32768
|
|
|
5490000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282791709.0000000005490000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5490000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868780731.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
217088
|
|
|
750000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1878460314.0000000000750000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
750000
|
| Size: |
16384
|
|
|
139E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080892644.000000000139E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
139E000
|
| Size: |
8192
|
|
|
3FFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489416120.0000000003FFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FFF000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229289142.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
4BE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336162627.0000000004BE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BE0000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961519505.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
3CDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883660122.0000000003CDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CDE000
|
| Size: |
8192
|
|
|
328F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081328989.000000000328F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
328F000
|
| Size: |
4096
|
|
|
34FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488823893.00000000034FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34FE000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888953579.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.943991086.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
63D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932287198.00000000063D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63D0000
|
| Size: |
8192
|
|
|
49E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2489977673.00000000049E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49E0000
|
| Size: |
4096
|
|
|
300F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081219658.000000000300F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
300F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.943600742.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
49152
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941530817.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888849252.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
490F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082271022.000000000490F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
490F000
|
| Size: |
4096
|
|
|
15FC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280755006.00000000015FC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15FC000
|
| Size: |
61440
|
|
|
424E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931368852.000000000424E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
424E000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903793832.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239798743.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.959486577.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2442299402.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892374374.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
103B000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.000000000103B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
103B000
|
| Size: |
4096
|
|
|
FFA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.0000000000FFA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FFA000
|
| Size: |
8192
|
|
|
8333000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932700641.0000000008333000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8333000
|
| Size: |
40960
|
|
|
418F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081999631.000000000418F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
418F000
|
| Size: |
4096
|
|
|
373F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488935217.000000000373F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
373F000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868823988.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4B90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082403310.0000000004B90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B90000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892109213.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
57AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3337025632.00000000057AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57AE000
|
| Size: |
8192
|
|
|
496E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336029147.000000000496E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
496E000
|
| Size: |
8192
|
|
|
D10000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3331142003.0000000000D10000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
D10000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.943868897.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2439817753.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2442941355.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.900485699.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
2E30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333181395.0000000002E30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E30000
|
| Size: |
4096
|
|
|
2DEB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3332846369.0000000002DEB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DEB000
|
| Size: |
20480
|
|
|
13EC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080948027.00000000013EC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13EC000
|
| Size: |
61440
|
|
|
E60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1827964708.0000000000E60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
53248
|
|
|
2D9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882724914.0000000002D9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D9F000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909748311.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
29BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487443982.00000000029BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
29BE000
|
| Size: |
8192
|
|
|
B6F000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000011.00000000.3015037352.0000000000B6F000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B6F000
|
| Size: |
1724416
|
|
|
4D30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884689046.0000000004D30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D30000
|
| Size: |
4096
|
|
|
575F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336988531.000000000575F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
575F000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892913316.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
3B4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081718250.0000000003B4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B4F000
|
| Size: |
4096
|
|
|
2DAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3332700637.0000000002DAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DAE000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868880077.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4BF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931725146.0000000004BF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BF0000
|
| Size: |
4096
|
|
|
384E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931014310.000000000384E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
384E000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868861037.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
B5F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3080052472.0000000000B5F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B5F000
|
| Size: |
45056
|
|
|
10BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.908543053.00000000010BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BA000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3028253725.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.930574607.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
217088
|
|
|
2EDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882818913.0000000002EDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EDF000
|
| Size: |
4096
|
|
|
5240000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336604469.0000000005240000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5240000
|
| Size: |
4096
|
|
|
273E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487149343.000000000273E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
273E000
|
| Size: |
8192
|
|
|
348E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930883701.000000000348E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
348E000
|
| Size: |
8192
|
|
|
392E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334712653.000000000392E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
392E000
|
| Size: |
8192
|
|
|
42FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281695049.00000000042FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42FE000
|
| Size: |
8192
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941832452.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
4B91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3019929556.0000000004B91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B91000
|
| Size: |
65536
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961274973.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941671433.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962150988.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
8301000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.910208609.0000000008301000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8301000
|
| Size: |
262144
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000000.924913688.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
3EFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281479730.0000000003EFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EFF000
|
| Size: |
4096
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000F.00000000.2415328677.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1836250378.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892722560.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
356E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334132816.000000000356E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
356E000
|
| Size: |
8192
|
|
|
51D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.941767229.00000000051D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51D0000
|
| Size: |
4096
|
|
|
400000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.929152803.0000000000400000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
400000
|
| Size: |
4096
|
|
|
443E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281790726.000000000443E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
443E000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962187419.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229334521.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.943670360.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
49B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2489883640.00000000049B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49B0000
|
| Size: |
4096
|
|
|
32EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3333961416.00000000032EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32EE000
|
| Size: |
8192
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229319785.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.960955670.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
1160000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331448636.0000000001160000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1160000
|
| Size: |
16384
|
|
|
2BCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930586931.0000000002BCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BCF000
|
| Size: |
4096
|
|
|
1165000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331448636.0000000001165000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1165000
|
| Size: |
8192
|
|
|
47EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335936669.00000000047EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47EF000
|
| Size: |
4096
|
|
|
3ACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931096216.0000000003ACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3ACE000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894104395.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889869601.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4B8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082378346.0000000004B8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B8F000
|
| Size: |
4096
|
|
|
2740000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2421321909.0000000002740000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
2740000
|
| Size: |
131072
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020697007.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
308F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930737803.000000000308F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
308F000
|
| Size: |
4096
|
|
|
BFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930028234.0000000000BFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BFE000
|
| Size: |
8192
|
|
|
4BD6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336162627.0000000004BD6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BD6000
|
| Size: |
8192
|
|
|
5210000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082626801.0000000005210000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5210000
|
| Size: |
4096
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000003.3039982034.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.904154436.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
403F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281534035.000000000403F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
403F000
|
| Size: |
4096
|
|
|
1067000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.0000000001067000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1067000
|
| Size: |
151552
|
|
|
B5F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1879332859.0000000000B5F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B5F000
|
| Size: |
45056
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2428538679.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.877466710.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
DAC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331244269.0000000000DAC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DAC000
|
| Size: |
16384
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892883974.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892672403.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
3D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931160593.0000000003D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D0E000
|
| Size: |
8192
|
|
|
314F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081274668.000000000314F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
314F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961466611.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
5EAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932017397.0000000005EAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5EAE000
|
| Size: |
8192
|
|
|
313E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488499853.000000000313E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
313E000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889362817.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000002.3329614048.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
420000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.929193890.0000000000420000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
420000
|
| Size: |
16384
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.937676681.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
301F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882894088.000000000301F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
301F000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.885055940.00000000029A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29A0000
|
| Size: |
4096
|
|
|
59FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3337121906.00000000059FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59FC000
|
| Size: |
16384
|
|
|
442F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335726482.000000000442F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
442F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961633629.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4A6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336060914.0000000004A6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A6F000
|
| Size: |
4096
|
|
|
3F3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281506830.0000000003F3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F3E000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.939608662.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
3F1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883777079.0000000003F1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F1F000
|
| Size: |
4096
|
|
|
407E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281572708.000000000407E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
407E000
|
| Size: |
8192
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.935109727.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819616601.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
342E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334053959.000000000342E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
342E000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868655651.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
65536
|
|
|
42BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489587074.00000000042BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42BE000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962542901.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
39BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489076291.00000000039BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39BF000
|
| Size: |
4096
|
|
|
370E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930975131.000000000370E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
370E000
|
| Size: |
8192
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2422013917.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
5430000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282622026.0000000005430000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5430000
|
| Size: |
4096
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2442142345.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
8192
|
|
|
29A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.885490260.00000000029A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
29A0000
|
| Size: |
4096
|
|
|
46D0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868729529.00000000046D0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
46D0000
|
| Size: |
159744
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2442873777.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3023438760.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
39FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489110858.00000000039FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39FE000
|
| Size: |
8192
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2433358197.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
2C3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487737121.0000000002C3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C3E000
|
| Size: |
8192
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3035952334.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
43C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2421172193.00000000043C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43C1000
|
| Size: |
65536
|
|
|
5250000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082727763.0000000005250000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5250000
|
| Size: |
4096
|
|
|
BBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930012147.0000000000BBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BBE000
|
| Size: |
8192
|
|
|
43C1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2439681159.00000000043C1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
43C1000
|
| Size: |
49152
|
|
|
40CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931306009.00000000040CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
40CF000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.879309289.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
850000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.924837353.0000000000850000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
50B5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.941115838.00000000050B5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
50B5000
|
| Size: |
12288
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.874268086.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
621E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932217392.000000000621E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
621E000
|
| Size: |
8192
|
|
|
327E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488679492.000000000327E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
327E000
|
| Size: |
8192
|
|
|
B6F000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000F.00000000.2415502232.0000000000B6F000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B6F000
|
| Size: |
1724416
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000011.00000002.3079989730.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
6512000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932360089.0000000006512000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6512000
|
| Size: |
4096
|
|
|
4A30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2490158995.0000000004A30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4A30000
|
| Size: |
4096
|
|
|
850000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000011.00000000.3014804561.0000000000850000.00000002.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.906050339.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892546500.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.899742476.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
33CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081384608.00000000033CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33CF000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893033673.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
2A1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882542795.0000000002A1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A1F000
|
| Size: |
4096
|
|
|
4A40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2490196166.0000000004A40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4A40000
|
| Size: |
4096
|
|
|
63DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932287198.00000000063DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63DE000
|
| Size: |
4096
|
|
|
327F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280917638.000000000327F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
327F000
|
| Size: |
4096
|
|
|
15D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1238817854.00000000015D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15D0000
|
| Size: |
53248
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2422124471.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2439897658.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2437484164.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
8BF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1279829102.00000000008BF000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8BF000
|
| Size: |
1601536
|
|
|
3A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281261257.0000000003A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A3E000
|
| Size: |
8192
|
|
|
456F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335805673.000000000456F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
456F000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892993601.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962484855.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
30CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930759262.00000000030CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30CE000
|
| Size: |
8192
|
|
|
135F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080867663.000000000135F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
135F000
|
| Size: |
4096
|
|
|
4C5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1884361327.0000000004C5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C5F000
|
| Size: |
4096
|
|
|
403E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489454376.000000000403E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
403E000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961032451.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
3A8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931075919.0000000003A8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A8F000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020498035.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
8B6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3329383658.00000000008B6000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8B6000
|
| Size: |
16384
|
|
|
40AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335412747.00000000040AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
40AE000
|
| Size: |
8192
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1837993793.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
3F5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883805358.0000000003F5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F5E000
|
| Size: |
8192
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902765264.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
11F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3080806944.00000000011F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F0000
|
| Size: |
16384
|
|
|
850000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2484969745.0000000000850000.00000004.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
850000
|
| Size: |
4096
|
|
|
304E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081246457.000000000304E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
304E000
|
| Size: |
8192
|
|
|
15CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081031320.00000000015CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
15CE000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888989558.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
42BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281664796.00000000042BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42BF000
|
| Size: |
4096
|
|
|
51F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3082535660.00000000051F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51F0000
|
| Size: |
4096
|
|
|
32CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081356131.00000000032CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32CE000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889529737.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
B56000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2485519836.0000000000B56000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B56000
|
| Size: |
32768
|
|
|
8400000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932843951.0000000008400000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
8400000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1237909919.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.939581872.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
2E2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3332962538.0000000002E2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E2E000
|
| Size: |
8192
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892031845.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2442670830.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
5BDD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3337203339.0000000005BDD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5BDD000
|
| Size: |
12288
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903171546.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3033724172.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
394F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931031618.000000000394F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
394F000
|
| Size: |
4096
|
|
|
46AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335870187.00000000046AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46AF000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909610846.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
350F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081442690.000000000350F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
350F000
|
| Size: |
4096
|
|
|
B27000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1879332859.0000000000B27000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B27000
|
| Size: |
122880
|
|
|
3B3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281296489.0000000003B3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B3F000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3031230889.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
4BA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.931629957.0000000004BA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BA0000
|
| Size: |
4096
|
|
|
B6F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1279829102.0000000000B6F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B6F000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905287541.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3034558366.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
45AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335839028.00000000045AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
45AE000
|
| Size: |
8192
|
|
|
103D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930139010.000000000103D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
103D000
|
| Size: |
4096
|
|
|
B5F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1279829102.0000000000B5F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B5F000
|
| Size: |
45056
|
|
|
FEC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280379049.0000000000FEC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FEC000
|
| Size: |
16384
|
|
|
4CB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884484242.0000000004CB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CB0000
|
| Size: |
4096
|
|
|
453F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281821935.000000000453F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
453F000
|
| Size: |
4096
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.879110224.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.934517963.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.892746586.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
2FFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488381456.0000000002FFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FFE000
|
| Size: |
8192
|
|
|
4990000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2442587189.0000000004990000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4990000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.890034455.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
10D2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909225619.00000000010D2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10D2000
|
| Size: |
36864
|
|
|
2E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081139237.0000000002E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E00000
|
| Size: |
16384
|
|
|
4E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1282455874.0000000004E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
EFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930046345.0000000000EFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
EFF000
|
| Size: |
4096
|
|
|
468F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082179949.000000000468F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
468F000
|
| Size: |
4096
|
|
|
811E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932634332.000000000811E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
811E000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.959390556.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
4CE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.1884564288.0000000004CE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CE0000
|
| Size: |
4096
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1230579161.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
54B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282845452.00000000054B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
54B0000
|
| Size: |
4096
|
|
|
14F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280540050.00000000014F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F0000
|
| Size: |
16384
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.944020362.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819861441.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229271343.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
5220000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336533151.0000000005220000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5220000
|
| Size: |
4096
|
|
|
46CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082202088.00000000046CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46CE000
|
| Size: |
8192
|
|
|
287F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2487369726.000000000287F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
287F000
|
| Size: |
4096
|
|
|
6FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1878068975.00000000006FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6FD000
|
| Size: |
12288
|
|
|
15A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1237155154.00000000015A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
15A0000
|
| Size: |
53248
|
|
|
33EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3334006243.00000000033EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33EF000
|
| Size: |
4096
|
|
|
11F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3020542598.00000000011F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11F4000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1838225457.00000000028F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
28F0000
|
| Size: |
4096
|
|
|
EAC000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1881863895.0000000000EAC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EAC000
|
| Size: |
61440
|
|
|
14F4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1229304754.00000000014F4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
14F4000
|
| Size: |
4096
|
|
|
2C5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882652465.0000000002C5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C5F000
|
| Size: |
4096
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.959442889.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
363E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488894239.000000000363E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
363E000
|
| Size: |
8192
|
|
|
2760000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000003.2443025428.0000000002760000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2760000
|
| Size: |
4096
|
|
|
508B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336340261.000000000508B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
508B000
|
| Size: |
20480
|
|
|
8BD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000C.00000000.1814481166.00000000008BD000.00000008.00000001.01000000.00000008.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
8BD000
|
| Size: |
4096
|
|
|
37DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883382964.00000000037DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37DE000
|
| Size: |
8192
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.933942300.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
378F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081555539.000000000378F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
378F000
|
| Size: |
4096
|
|
|
47CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082226158.00000000047CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47CF000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239858869.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
8B6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2485010999.00000000008B6000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8B6000
|
| Size: |
16384
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.895557907.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
482E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3335966438.000000000482E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
482E000
|
| Size: |
8192
|
|
|
5AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2484145179.00000000005AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5AE000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961404952.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
830000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2435408725.0000000000830000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
830000
|
| Size: |
53248
|
|
|
358F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930914464.000000000358F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
358F000
|
| Size: |
4096
|
|
|
4E01000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000003.1237880755.0000000004E01000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E01000
|
| Size: |
49152
|
|
|
12FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280405729.00000000012FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12FD000
|
| Size: |
12288
|
|
|
539B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336927493.000000000539B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
539B000
|
| Size: |
20480
|
|
|
8B6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3079893115.00000000008B6000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8B6000
|
| Size: |
16384
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962274725.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
54A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1282818206.00000000054A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
54A0000
|
| Size: |
4096
|
|
|
B27000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000002.1279829102.0000000000B27000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B27000
|
| Size: |
122880
|
|
|
5A3D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3337147827.0000000005A3D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A3D000
|
| Size: |
12288
|
|
|
4BB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.935890064.0000000004BB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
53248
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961365088.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
5B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3337174229.0000000005B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B3E000
|
| Size: |
8192
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.872101915.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000005.00000003.1239902564.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894139416.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
298F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930483097.000000000298F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
298F000
|
| Size: |
4096
|
|
|
674C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932538680.000000000674C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
674C000
|
| Size: |
16384
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961306095.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889690720.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
B6F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000011.00000002.3080052472.0000000000B6F000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B6F000
|
| Size: |
4096
|
|
|
46A1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1840057075.00000000046A1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
46A1000
|
| Size: |
49152
|
|
|
49A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2489852589.00000000049A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49A0000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.903496118.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
404F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081948241.000000000404F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
404F000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.902796043.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
8BF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2485519836.00000000008BF000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8BF000
|
| Size: |
1601536
|
|
|
D10000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2486858238.0000000000D10000.00000040.00000001.01000000.00000008.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
D10000
|
| Size: |
8192
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1819841929.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
5D0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.875446507.00000000005D0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5D0000
|
| Size: |
53248
|
|
|
10FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3331319393.00000000010FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10FD000
|
| Size: |
12288
|
|
|
4C90000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3035203044.0000000004C90000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C90000
|
| Size: |
53248
|
|
|
49F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000F.00000002.2490018133.00000000049F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
49F0000
|
| Size: |
4096
|
|
|
28AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1882299426.00000000028AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
28AE000
|
| Size: |
8192
|
|
|
458E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3082155721.000000000458E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
458E000
|
| Size: |
8192
|
|
|
B70000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000002.3330885749.0000000000B70000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B70000
|
| Size: |
1703936
|
|
|
5E6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931983378.0000000005E6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E6E000
|
| Size: |
8192
|
|
|
494000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000F.00000003.2421764188.0000000000494000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
494000
|
| Size: |
4096
|
|
|
8319000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932700641.0000000008319000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8319000
|
| Size: |
8192
|
|
|
353E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1281046066.000000000353E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
353E000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.961601526.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
10B8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909244577.00000000010B8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10B8000
|
| Size: |
4096
|
|
|
408E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081974488.000000000408E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
408E000
|
| Size: |
8192
|
|
|
503C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336308252.000000000503C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
503C000
|
| Size: |
16384
|
|
|
5030000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000011.00000003.3039383278.0000000005030000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5030000
|
| Size: |
53248
|
|
|
10D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.908505918.00000000010D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10D1000
|
| Size: |
4096
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1836163232.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
5270000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336798277.0000000005270000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5270000
|
| Size: |
4096
|
|
|
4CFB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931843147.0000000004CFB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CFB000
|
| Size: |
20480
|
|
|
840000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1878496197.0000000000840000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
840000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.905378210.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
8192
|
|
|
51F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.3336426013.00000000051F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51F0000
|
| Size: |
4096
|
|
|
15C7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000005.00000002.1280697984.00000000015C7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
5
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15C7000
|
| Size: |
8192
|
|
|
518F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336367873.000000000518F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
518F000
|
| Size: |
4096
|
|
|
424000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868909899.0000000000424000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
424000
|
| Size: |
4096
|
|
|
35CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930930901.00000000035CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35CE000
|
| Size: |
8192
|
|
|
4BAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.3336130627.0000000004BAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BAF000
|
| Size: |
4096
|
|
|
8C7000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.929453981.00000000008C7000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8C7000
|
| Size: |
122880
|
|
|
351F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.1883194648.000000000351F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
351F000
|
| Size: |
4096
|
|
|
4E0B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.931905442.0000000004E0B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E0B000
|
| Size: |
20480
|
|
|
337F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2488716832.000000000337F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
337F000
|
| Size: |
4096
|
|
|
2F4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.930697469.0000000002F4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F4F000
|
| Size: |
4096
|
|
|
390E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000011.00000002.3081639914.000000000390E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
390E000
|
| Size: |
8192
|
|
|
4BC1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.962124355.0000000004BC1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4BC1000
|
| Size: |
4096
|
|
|
D12000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000011.00000002.3080671072.0000000000D12000.00000080.00000001.01000000.00000008.sdmp
|
| TargetID: |
17
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
D12000
|
| Size: |
8192
|
|
|
754000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1840091355.0000000000754000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
754000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.909810571.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
4096
|
|
|
834D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.932700641.000000000834D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
834D000
|
| Size: |
4096
|
|
|
45D1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888700428.00000000045D1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
45D1000
|
| Size: |
49152
|
|
|
3B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000F.00000002.2489169785.0000000003B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
15
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B3E000
|
| Size: |
8192
|
|
