|
5A1000
|
unkown
|
page execute and read and write
|
 |
|
|
| Name: |
00000000.00000002.1154447460.00000000005A1000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
5A1000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
| Sample uses string decryption to hide its real strings |
AV Detection |
|
|
|
4D60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1112831300.0000000004D60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D60000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
601000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3541902449.0000000000601000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
601000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
601000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1229955633.0000000000601000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
601000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5270000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1542932139.0000000005270000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5270000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4DB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1189665310.0000000004DB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DB0000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4DC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1181651854.0000000004DC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DC0000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
601000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1222288029.0000000000601000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
601000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
2D1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223435271.0000000002D1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D1F000
|
| Size: |
4096
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1183321426.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115942364.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1174882900.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
5270000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1542786641.0000000005270000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5270000
|
| Size: |
53248
|
|
|
66F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1230096901.000000000066F000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
66F000
|
| Size: |
1556480
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543214446.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
8192
|
|
|
2C0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223375172.0000000002C0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C0E000
|
| Size: |
8192
|
|
|
4F20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185500008.0000000004F20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F20000
|
| Size: |
4096
|
|
|
1082000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130439871.0000000001082000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1082000
|
| Size: |
12288
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1152202483.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1235228951.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113851138.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EE0000
|
| Size: |
4096
|
|
|
14AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544624808.00000000014AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
14AE000
|
| Size: |
8192
|
|
|
6701000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127475437.0000000006701000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6701000
|
| Size: |
4096
|
|
|
86C000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1156262341.000000000086C000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
86C000
|
| Size: |
106496
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546970274.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
104F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130503535.000000000104F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
104F000
|
| Size: |
73728
|
|
|
10A3000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123413333.00000000010A3000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10A3000
|
| Size: |
28672
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564787693.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
666000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1222288029.0000000000666000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
666000
|
| Size: |
16384
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1134882786.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
4DB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1187663240.0000000004DB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DB0000
|
| Size: |
53248
|
|
|
4F80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224694666.0000000004F80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F80000
|
| Size: |
4096
|
|
|
105F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127835768.000000000105F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
105F000
|
| Size: |
126976
|
|
|
F9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176784220.0000000000F9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F9E000
|
| Size: |
8192
|
|
|
4F70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185639335.0000000004F70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F70000
|
| Size: |
4096
|
|
|
90D000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000000.1128708064.000000000090D000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
90D000
|
| Size: |
1687552
|
|
|
329E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184268714.000000000329E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
329E000
|
| Size: |
8192
|
|
|
419F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1232870217.000000000419F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
419F000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116613528.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
8192
|
|
|
369E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223996465.000000000369E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
369E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121267700.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564923058.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
5C2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3549070766.0000000005C2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C2D000
|
| Size: |
12288
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546503662.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1118118526.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1108897571.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
3F5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1232100818.0000000003F5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F5E000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546898658.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564353619.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1159191653.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564951564.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4ED0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113886048.0000000004ED0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4ED0000
|
| Size: |
4096
|
|
|
600000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1229927024.0000000000600000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
600000
|
| Size: |
4096
|
|
|
1030000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1178231378.0000000001030000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1030000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115674271.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
49152
|
|
|
311F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184079814.000000000311F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
311F000
|
| Size: |
4096
|
|
|
1010000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231008329.0000000001010000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1010000
|
| Size: |
4096
|
|
|
441E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185183647.000000000441E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
441E000
|
| Size: |
8192
|
|
|
39FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546867104.00000000039FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39FE000
|
| Size: |
8192
|
|
|
10B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127653666.00000000010B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10B1000
|
| Size: |
151552
|
|
|
53E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543506535.00000000053E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53E0000
|
| Size: |
4096
|
|
|
8671000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1124332034.0000000008671000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8671000
|
| Size: |
262144
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546743315.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1505147897.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1529553224.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116232621.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1150532598.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
A47000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.1174725261.0000000000A47000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
A47000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1562489445.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121462180.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
42DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1233537760.00000000042DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42DF000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564178031.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115804826.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
2EDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1183928485.0000000002EDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EDE000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116377139.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546408367.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
3DDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1232039938.0000000003DDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DDF000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564978959.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564843257.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
154E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544688110.000000000154E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
154E000
|
| Size: |
8192
|
|
|
305E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231514652.000000000305E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
305E000
|
| Size: |
8192
|
|
|
3E1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1232058943.0000000003E1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E1E000
|
| Size: |
8192
|
|
|
697B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186192700.000000000697B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
697B000
|
| Size: |
20480
|
|
|
2C10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223395406.0000000002C10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C10000
|
| Size: |
16384
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1154091388.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123029425.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
6185000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127644733.0000000006185000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6185000
|
| Size: |
8192
|
|
|
37DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224037755.00000000037DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37DE000
|
| Size: |
8192
|
|
|
109F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130372652.000000000109F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
109F000
|
| Size: |
69632
|
|
|
373F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546741397.000000000373F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
373F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1504954654.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
49152
|
|
|
43DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185165506.00000000043DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43DF000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123100860.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1538610208.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1192049201.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115878254.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546680401.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
B2C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1230832644.0000000000B2C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B2C000
|
| Size: |
16384
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543449071.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1518319024.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
12AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223293671.00000000012AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12AF000
|
| Size: |
4096
|
|
|
78D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1156262341.000000000078D000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
78D000
|
| Size: |
901120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
2B17000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231242227.0000000002B17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B17000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123896836.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
3F1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224266673.0000000003F1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F1F000
|
| Size: |
4096
|
|
|
2B5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231284984.0000000002B5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B5E000
|
| Size: |
8192
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115914087.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1181071301.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
4DBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548103794.0000000004DBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DBF000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545633997.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
30EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3545234982.00000000030EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30EF000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120578740.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546623392.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543539807.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563061237.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
3E1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224247344.0000000003E1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E1E000
|
| Size: |
8192
|
|
|
4F50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1235337696.0000000004F50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F50000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1184997418.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
377E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546765708.000000000377E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
377E000
|
| Size: |
8192
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1176651821.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
66D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000002.1222368722.000000000066D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
66D000
|
| Size: |
4096
|
|
|
2B10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231242227.0000000002B10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B10000
|
| Size: |
16384
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1169873751.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1108848391.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
38BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546817113.00000000038BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38BE000
|
| Size: |
8192
|
|
|
5470000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548757770.0000000005470000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5470000
|
| Size: |
4096
|
|
|
3A5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231915278.0000000003A5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A5E000
|
| Size: |
8192
|
|
|
3CDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1232019287.0000000003CDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CDE000
|
| Size: |
8192
|
|
|
90E000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000002.3543452844.000000000090E000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
90E000
|
| Size: |
1667072
|
|
|
3F5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224283710.0000000003F5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F5E000
|
| Size: |
8192
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1189954808.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1527784668.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
4EEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1235178685.0000000004EEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EEF000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116701720.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1505203709.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
55AB000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548876386.00000000055AB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55AB000
|
| Size: |
20480
|
|
|
355E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223955503.000000000355E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
355E000
|
| Size: |
8192
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543255050.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
4F10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1183368976.0000000004F10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F10000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1525777085.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
33DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231632052.00000000033DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33DF000
|
| Size: |
4096
|
|
|
49FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547906108.00000000049FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49FF000
|
| Size: |
4096
|
|
|
BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223075553.0000000000BB0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB0000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1118212392.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1176802480.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
4B7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548000306.0000000004B7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B7E000
|
| Size: |
8192
|
|
|
419F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224339494.000000000419F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
419F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564204438.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121558531.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
355E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231710824.000000000355E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
355E000
|
| Size: |
8192
|
|
|
4F80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185653231.0000000004F80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F80000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1099893369.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123575276.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
174F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3545177130.000000000174F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
174F000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545591237.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
467E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547762722.000000000467E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
467E000
|
| Size: |
8192
|
|
|
1068000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1181838892.0000000001068000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1068000
|
| Size: |
90112
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1524032291.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
601000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000003.00000000.1136416787.0000000000601000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
601000
|
| Size: |
188416
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121412975.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1185079490.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
90D000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000003.00000000.1136488915.000000000090D000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
90D000
|
| Size: |
1687552
|
|
|
429F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185116813.000000000429F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
429F000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120463485.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116205007.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
413F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547552191.000000000413F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
413F000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1149330109.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
339F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184344828.000000000339F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
339F000
|
| Size: |
4096
|
|
|
84CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186445879.00000000084CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
84CF000
|
| Size: |
4096
|
|
|
5A0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1070664158.00000000005A0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
5A0000
|
| Size: |
4096
|
|
|
52D5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1542932139.00000000052D5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
52D5000
|
| Size: |
12288
|
|
|
315F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231540075.000000000315F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
315F000
|
| Size: |
4096
|
|
|
FE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1178231378.0000000000FE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FE0000
|
| Size: |
36864
|
|
|
2C5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1183353412.0000000002C5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C5F000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1078560783.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1505130387.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1134912604.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
10B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1182373031.00000000010B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10B1000
|
| Size: |
151552
|
|
|
109E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127653666.000000000109E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
109E000
|
| Size: |
73728
|
|
|
666000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1229955633.0000000000666000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
666000
|
| Size: |
16384
|
|
|
1032000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130992157.0000000001032000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1032000
|
| Size: |
32768
|
|
|
5460000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548731698.0000000005460000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5460000
|
| Size: |
4096
|
|
|
4FA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224739720.0000000004FA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FA0000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546187003.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
2ADE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1182725367.0000000002ADE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2ADE000
|
| Size: |
8192
|
|
|
469F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224488448.000000000469F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
469F000
|
| Size: |
4096
|
|
|
4DB0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1189542980.0000000004DB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DB0000
|
| Size: |
53248
|
|
|
341E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223902494.000000000341E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
341E000
|
| Size: |
8192
|
|
|
48FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547870569.00000000048FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48FE000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564590238.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
8AE000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.1166445300.00000000008AE000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
8AE000
|
| Size: |
1667072
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1118031951.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1142084968.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
1086000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1182112300.0000000001086000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1086000
|
| Size: |
61440
|
|
|
3EBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547368566.0000000003EBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EBF000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546017243.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120941713.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113780909.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EE0000
|
| Size: |
4096
|
|
|
4921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1184924807.0000000004921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4921000
|
| Size: |
241664
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115865763.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1118188569.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116522488.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563412589.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1184820724.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
46DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224506426.00000000046DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46DE000
|
| Size: |
8192
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1190090857.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1189988457.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122037212.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1106924620.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
582E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548937263.000000000582E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
582E000
|
| Size: |
8192
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1164562422.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1182714352.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
10AA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123172601.00000000010AA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10AA000
|
| Size: |
61440
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546934240.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
600000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000C.00000000.1500186492.0000000000600000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
600000
|
| Size: |
4096
|
|
|
481E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234725667.000000000481E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116589356.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564324794.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547934746.0000000004A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A3E000
|
| Size: |
8192
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1149433196.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1117152533.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1149198517.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1562880596.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
BDA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176620651.0000000000BDA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
BDA000
|
| Size: |
24576
|
|
|
8AD000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.1070760789.00000000008AD000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
8AD000
|
| Size: |
1687552
|
|
|
66D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000003.00000000.1136458583.000000000066D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
66D000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123840771.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
109F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1182373031.000000000109F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
109F000
|
| Size: |
69632
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115835021.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
379E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184681763.000000000379E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
379E000
|
| Size: |
8192
|
|
|
E40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176666130.0000000000E40000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E40000
|
| Size: |
4096
|
|
|
325F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184204263.000000000325F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
325F000
|
| Size: |
4096
|
|
|
4FF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1236473442.0000000004FF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FF0000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546864909.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548178141.0000000004DF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DF0000
|
| Size: |
40960
|
|
|
4F00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185467085.0000000004F00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F00000
|
| Size: |
4096
|
|
|
5430000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548654880.0000000005430000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5430000
|
| Size: |
4096
|
|
|
4FF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224837254.0000000004FF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FF0000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122437432.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
5220000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548377955.0000000005220000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5220000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121847927.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
90E000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000002.1222852217.000000000090E000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
90E000
|
| Size: |
1667072
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115958728.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
5270000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1540878164.0000000005270000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5270000
|
| Size: |
53248
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116567525.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
33DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223882083.00000000033DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33DF000
|
| Size: |
4096
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1176702616.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
7ED000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1222457689.00000000007ED000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
7ED000
|
| Size: |
901120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
600000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3541811198.0000000000600000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
600000
|
| Size: |
4096
|
|
|
4DC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1181509583.0000000004DC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DC0000
|
| Size: |
53248
|
|
|
491F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234852179.000000000491F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
491F000
|
| Size: |
4096
|
|
|
3A5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224127320.0000000003A5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A5E000
|
| Size: |
8192
|
|
|
5B2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3549039319.0000000005B2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B2D000
|
| Size: |
12288
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1182389771.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
5400000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548547662.0000000005400000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5400000
|
| Size: |
4096
|
|
|
4F60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185623477.0000000004F60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F60000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1118093256.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
10A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223202321.00000000010A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10A0000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1117200743.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1108862963.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
477F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547791244.000000000477F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
477F000
|
| Size: |
4096
|
|
|
4D60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1112658968.0000000004D60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D60000
|
| Size: |
53248
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564386276.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1179505249.0000000004DC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DC0000
|
| Size: |
53248
|
|
|
2C17000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223395406.0000000002C17000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2C17000
|
| Size: |
8192
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1176580063.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1118142785.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543347963.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
403E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547528393.000000000403E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
403E000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545942942.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
BD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1230924832.0000000000BD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BD0000
|
| Size: |
4096
|
|
|
1598000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544774553.0000000001598000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1598000
|
| Size: |
86016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116658729.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
8192
|
|
|
33BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546291862.00000000033BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33BE000
|
| Size: |
8192
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1185336062.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116248165.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
5480000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548790644.0000000005480000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5480000
|
| Size: |
4096
|
|
|
2EDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231424289.0000000002EDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EDF000
|
| Size: |
4096
|
|
|
60D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1070740667.000000000060D000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
60D000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1117116338.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
572E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548905483.000000000572E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
572E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123537738.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1547050134.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
3C3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546958039.0000000003C3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C3F000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113815001.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EE0000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116101425.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116261161.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564066703.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564532184.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1084609798.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
600000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1128610662.0000000000600000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
600000
|
| Size: |
4096
|
|
|
6844000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186146184.0000000006844000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6844000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123753251.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
391E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231871015.000000000391E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
391E000
|
| Size: |
8192
|
|
|
8CC000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1230096901.00000000008CC000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8CC000
|
| Size: |
106496
|
|
|
52AC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548422720.00000000052AC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52AC000
|
| Size: |
16384
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1512936099.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1538466056.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1134690476.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122361074.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1189925750.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
431E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1233800655.000000000431E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
431E000
|
| Size: |
8192
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185519628.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116316454.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1162931837.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
606000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1154447460.0000000000606000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
606000
|
| Size: |
16384
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1143810805.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
41DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224358421.00000000041DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41DE000
|
| Size: |
8192
|
|
|
4FE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185992140.0000000004FE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4FE0000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121984042.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4EB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185436555.0000000004EB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EB0000
|
| Size: |
4096
|
|
|
103D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127923408.000000000103D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
103D000
|
| Size: |
69632
|
|
|
2C9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231344025.0000000002C9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C9E000
|
| Size: |
8192
|
|
|
41DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1233289624.00000000041DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41DE000
|
| Size: |
8192
|
|
|
658E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186098933.000000000658E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
658E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122913209.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
104F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1181538285.000000000104F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
104F000
|
| Size: |
73728
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1152990832.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
4E9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185420885.0000000004E9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4E9F000
|
| Size: |
4096
|
|
|
12FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544264424.00000000012FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12FD000
|
| Size: |
12288
|
|
|
10BE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223221822.00000000010BE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BE000
|
| Size: |
155648
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Binary contains paths to development resources |
System Summary |
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1185314814.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546227360.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1190029717.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
3AFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546896245.0000000003AFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3AFF000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563980502.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
EFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1230955491.0000000000EFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
EFD000
|
| Size: |
12288
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116453129.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
47DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224524338.00000000047DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47DF000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1098108667.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
46DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234574687.00000000046DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46DE000
|
| Size: |
8192
|
|
|
3C7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546989501.0000000003C7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C7E000
|
| Size: |
8192
|
|
|
469F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234373074.000000000469F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
469F000
|
| Size: |
4096
|
|
|
4C7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548037220.0000000004C7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C7F000
|
| Size: |
4096
|
|
|
1098000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127653666.0000000001098000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1098000
|
| Size: |
4096
|
|
|
4CBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548067335.0000000004CBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CBE000
|
| Size: |
8192
|
|
|
1068000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130851279.0000000001068000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1068000
|
| Size: |
90112
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120719369.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
66F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1222457689.000000000066F000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
66F000
|
| Size: |
1556480
|
|
|
32DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231607014.00000000032DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32DE000
|
| Size: |
8192
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1185023454.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
5D6C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3549161105.0000000005D6C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5D6C000
|
| Size: |
16384
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1118068951.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122491696.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1538239998.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1149350079.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546348920.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
315E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184142127.000000000315E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
315E000
|
| Size: |
8192
|
|
|
34BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546449859.00000000034BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34BF000
|
| Size: |
4096
|
|
|
7ED000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3542268227.00000000007ED000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
7ED000
|
| Size: |
901120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563146678.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
53D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543481233.00000000053D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53D0000
|
| Size: |
4096
|
|
|
FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1177394373.0000000000FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FDE000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564260362.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
8670000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186520932.0000000008670000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8670000
|
| Size: |
90112
|
|
|
3EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547478624.0000000003EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EFE000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122146206.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
AA7000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000002.1223003708.0000000000AA7000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
AA7000
|
| Size: |
8192
|
|
|
11DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1182554021.00000000011DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11DE000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122388499.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4F70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224676994.0000000004F70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F70000
|
| Size: |
4096
|
|
|
AA7000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000002.3543994977.0000000000AA7000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
AA7000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121149506.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
AA5000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3543854687.0000000000AA5000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
AA5000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563346633.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
10B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223221822.00000000010B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10B0000
|
| Size: |
32768
|
|
|
363E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546719213.000000000363E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
363E000
|
| Size: |
8192
|
|
|
375F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184658340.000000000375F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
375F000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1531595050.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1139381289.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1505066747.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
312B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3545291160.000000000312B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
312B000
|
| Size: |
20480
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1505099233.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1105034139.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1134830532.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116046856.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1190008124.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116724998.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4F50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185559123.0000000004F50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F50000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546051325.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
5220000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1522126068.0000000005220000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5220000
|
| Size: |
167936
|
|
|
AA7000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000003.00000002.1230800324.0000000000AA7000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
AA7000
|
| Size: |
8192
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1155110219.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
38DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231844619.00000000038DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38DF000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113189616.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EE0000
|
| Size: |
4096
|
|
|
10BA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223221822.00000000010BA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10BA000
|
| Size: |
8192
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1134761703.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564008326.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
A45000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1170205690.0000000000A45000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
A45000
|
| Size: |
8192
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1108719399.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563712373.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563293200.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1076530427.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564897015.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1136935460.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
60F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1156262341.000000000060F000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
60F000
|
| Size: |
1556480
|
|
|
4DEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1235040172.0000000004DEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DEE000
|
| Size: |
8192
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1505165267.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
5ADF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3549003974.0000000005ADF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5ADF000
|
| Size: |
4096
|
|
|
4F90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1235821327.0000000004F90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F90000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120832931.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
5C6D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3549116156.0000000005C6D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C6D000
|
| Size: |
12288
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121903246.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
37DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231818635.00000000037DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37DE000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1547014116.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
34DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184467043.00000000034DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34DF000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546288040.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1108799487.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
237568
|
|
|
3B1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184807627.0000000003B1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B1F000
|
| Size: |
4096
|
|
|
369E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231772398.000000000369E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
369E000
|
| Size: |
8192
|
|
|
4D60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1165354067.0000000004D60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D60000
|
| Size: |
180224
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545800318.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1080308815.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
4F20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1183267245.0000000004F20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F20000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1149307678.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
654F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186082138.000000000654F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
654F000
|
| Size: |
4096
|
|
|
666000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3541902449.0000000000666000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
666000
|
| Size: |
16384
|
|
|
4930000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224579803.0000000004930000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4930000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1076548404.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122243360.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
33DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184399494.00000000033DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33DE000
|
| Size: |
8192
|
|
|
427F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547598826.000000000427F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
427F000
|
| Size: |
4096
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1169074299.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563856313.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
66D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000000.1128686770.000000000066D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
66D000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116303890.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1565005646.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
3A1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224107323.0000000003A1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A1F000
|
| Size: |
4096
|
|
|
4FC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224780619.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FC0000
|
| Size: |
4096
|
|
|
1082000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127835768.0000000001082000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1082000
|
| Size: |
12288
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545543816.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
451F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185201897.000000000451F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
451F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563456872.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
668F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186115192.000000000668F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
668F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546651752.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1536418703.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
EFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223122331.0000000000EFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
EFD000
|
| Size: |
12288
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122297863.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1510850378.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
3F1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1232080133.0000000003F1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F1F000
|
| Size: |
4096
|
|
|
3A1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184785051.0000000003A1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A1E000
|
| Size: |
8192
|
|
|
90D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1230096901.000000000090D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
90D000
|
| Size: |
4096
|
|
|
53FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548504560.00000000053FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53FC000
|
| Size: |
16384
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1160469150.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545981538.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DC5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1112831300.0000000004DC5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DC5000
|
| Size: |
12288
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116289492.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
43BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547641747.00000000043BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43BF000
|
| Size: |
4096
|
|
|
104F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127923408.000000000104F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
104F000
|
| Size: |
65536
|
|
|
4E0C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548178141.0000000004E0C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E0C000
|
| Size: |
4096
|
|
|
3FFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547504489.0000000003FFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FFF000
|
| Size: |
4096
|
|
|
3F1D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184997597.0000000003F1D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F1D000
|
| Size: |
12288
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1192031557.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
459E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234226144.000000000459E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
459E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120490978.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563799347.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1182604449.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121933107.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545612077.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1082265861.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
10AA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123349259.00000000010AA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10AA000
|
| Size: |
86016
|
|
|
5A0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1154099619.00000000005A0000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
5A0000
|
| Size: |
4096
|
|
|
5450000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548705708.0000000005450000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5450000
|
| Size: |
4096
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1156243290.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
39BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546844593.00000000039BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39BF000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123870357.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543394979.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116399690.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564722419.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545356921.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
49152
|
|
|
644E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186058668.000000000644E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
644E000
|
| Size: |
8192
|
|
|
469E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185253505.000000000469E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
469E000
|
| Size: |
8192
|
|
|
459E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224468578.000000000459E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
459E000
|
| Size: |
8192
|
|
|
BC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223100538.0000000000BC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BC0000
|
| Size: |
4096
|
|
|
6700000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127680340.0000000006700000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6700000
|
| Size: |
4096
|
|
|
4931000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1134655709.0000000004931000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4931000
|
| Size: |
49152
|
|
|
1097000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123223084.0000000001097000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1097000
|
| Size: |
77824
|
|
|
60D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000002.1155819827.000000000060D000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
60D000
|
| Size: |
4096
|
|
|
48BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547842828.00000000048BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48BF000
|
| Size: |
4096
|
|
|
4F00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1190155176.0000000004F00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F00000
|
| Size: |
4096
|
|
|
1550000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544774553.0000000001550000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1550000
|
| Size: |
36864
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564475839.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
3D9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184922729.0000000003D9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D9F000
|
| Size: |
4096
|
|
|
5E0D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3549223278.0000000005E0D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5E0D000
|
| Size: |
12288
|
|
|
2E9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1183717684.0000000002E9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E9F000
|
| Size: |
4096
|
|
|
4F80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1235674675.0000000004F80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F80000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116636150.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
8192
|
|
|
4EB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113902921.0000000004EB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EB0000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1522025292.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115822051.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
2C5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231315105.0000000002C5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C5F000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1505182279.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1183013016.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
4931000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1185268170.0000000004931000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4931000
|
| Size: |
49152
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564123219.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1538635852.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1565086468.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
3CDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224209145.0000000003CDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CDE000
|
| Size: |
8192
|
|
|
4DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224599256.0000000004DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DFE000
|
| Size: |
8192
|
|
|
47DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185303848.00000000047DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47DE000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122064684.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
640F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186042432.000000000640F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
640F000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1076434353.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
3D7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547019967.0000000003D7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D7F000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1108879834.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4D60000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1111010007.0000000004D60000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4D60000
|
| Size: |
53248
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122578322.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546098731.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4F60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1235514080.0000000004F60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F60000
|
| Size: |
4096
|
|
|
316E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3545357014.000000000316E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
316E000
|
| Size: |
8192
|
|
|
B90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1230871757.0000000000B90000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B90000
|
| Size: |
4096
|
|
|
455F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224451782.000000000455F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
455F000
|
| Size: |
4096
|
|
|
305E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223552512.000000000305E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
305E000
|
| Size: |
8192
|
|
|
103A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231037555.000000000103A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
103A000
|
| Size: |
69632
|
|
|
445E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224434174.000000000445E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
445E000
|
| Size: |
8192
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1076468128.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4E00000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548178141.0000000004E00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4E00000
|
| Size: |
32768
|
|
|
4D20000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1096341313.0000000004D20000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D20000
|
| Size: |
176128
|
|
|
1086000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130439871.0000000001086000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1086000
|
| Size: |
61440
|
|
|
8CC000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1222457689.00000000008CC000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8CC000
|
| Size: |
106496
|
|
|
35FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546697641.00000000035FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35FF000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120338063.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4FB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1236137075.0000000004FB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FB0000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123813066.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
315F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223578116.000000000315F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
315F000
|
| Size: |
4096
|
|
|
10C2000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123397174.00000000010C2000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10C2000
|
| Size: |
36864
|
|
|
8AD000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1156262341.00000000008AD000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8AD000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1149415678.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1149368082.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
6A7C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186260491.0000000006A7C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6A7C000
|
| Size: |
16384
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116423726.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113834695.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EE0000
|
| Size: |
4096
|
|
|
AA5000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1230770468.0000000000AA5000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
AA5000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1117364389.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4FD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1236300511.0000000004FD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FD0000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1076515220.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1146386742.0000000004921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4921000
|
| Size: |
49152
|
|
|
3DBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547050153.0000000003DBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DBE000
|
| Size: |
8192
|
|
|
6186000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127762915.0000000006186000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6186000
|
| Size: |
4096
|
|
|
B70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223051814.0000000000B70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B70000
|
| Size: |
16384
|
|
|
54A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548843327.00000000054A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
54A0000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546834016.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564445984.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
10B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130372652.00000000010B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10B1000
|
| Size: |
151552
|
|
|
301F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223526724.000000000301F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
301F000
|
| Size: |
4096
|
|
|
2D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1183640264.0000000002D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D9E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122089633.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
670E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127475437.000000000670E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
670E000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116118009.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
479F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185284216.000000000479F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
479F000
|
| Size: |
4096
|
|
|
4931000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1176602499.0000000004931000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4931000
|
| Size: |
241664
|
|
|
4F90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185972877.0000000004F90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F90000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543424472.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1183030963.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1076615160.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
66D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000C.00000000.1500246669.000000000066D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
66D000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564676205.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185333323.00000000048DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48DF000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545391912.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
415F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185074970.000000000415F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
415F000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115781938.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
3B5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224149585.0000000003B5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B5F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564815978.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123697506.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
F50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176750332.0000000000F50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F50000
|
| Size: |
16384
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1089430472.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
2D9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231369895.0000000002D9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D9F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563827229.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564298764.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116355444.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1538361236.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
225280
|
|
|
2B50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1183183485.0000000002B50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B50000
|
| Size: |
20480
|
|
|
4FE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1236407712.0000000004FE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FE0000
|
| Size: |
4096
|
|
|
ADB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176515281.0000000000ADB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
ADB000
|
| Size: |
20480
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1161741517.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116342016.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
2B20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1183046232.0000000002B20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B20000
|
| Size: |
4096
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1190069891.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1108927147.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122010970.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
3C9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224189900.0000000003C9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C9F000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122413414.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
8192
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1176741102.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
2E1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223452033.0000000002E1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E1F000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1086759472.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
38DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184736572.00000000038DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38DE000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123727772.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4FE4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185992140.0000000004FE4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4FE4000
|
| Size: |
12288
|
|
|
329F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231583204.000000000329F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
329F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546776331.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
103F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1181538285.000000000103F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
103F000
|
| Size: |
61440
|
|
|
361F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184593761.000000000361F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
361F000
|
| Size: |
4096
|
|
|
417E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547574852.000000000417E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
417E000
|
| Size: |
8192
|
|
|
43FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547662817.00000000043FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43FD000
|
| Size: |
12288
|
|
|
6B8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186428840.0000000006B8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6B8C000
|
| Size: |
16384
|
|
|
3C9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184895351.0000000003C9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C9E000
|
| Size: |
8192
|
|
|
89E000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1156262341.000000000089E000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
89E000
|
| Size: |
40960
|
|
|
7ED000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1230096901.00000000007ED000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
7ED000
|
| Size: |
901120
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
2BCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223357390.0000000002BCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BCE000
|
| Size: |
8192
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185539324.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546134208.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
2F1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223469057.0000000002F1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F1F000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545654094.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545566369.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563885498.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
8F7000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1222457689.00000000008F7000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8F7000
|
| Size: |
24576
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564233249.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
1033000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1181297287.0000000001033000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1033000
|
| Size: |
28672
|
|
|
1390000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544574406.0000000001390000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1390000
|
| Size: |
16384
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121375495.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
319E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223604261.000000000319E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
319E000
|
| Size: |
8192
|
|
|
389F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184709976.000000000389F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
389F000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115852466.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563676964.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
104E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223159014.000000000104E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
104E000
|
| Size: |
8192
|
|
|
66D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000003.00000002.1230070033.000000000066D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
66D000
|
| Size: |
4096
|
|
|
103F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130503535.000000000103F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
103F000
|
| Size: |
61440
|
|
|
405E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185050622.000000000405E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
405E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1076414569.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
49152
|
|
|
379F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231795357.000000000379F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
379F000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1076489121.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116003740.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1565033879.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1514879881.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
3B5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184833393.0000000003B5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B5E000
|
| Size: |
8192
|
|
|
15C8000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544774553.00000000015C8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15C8000
|
| Size: |
45056
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546558941.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
365F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223974756.000000000365F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
365F000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122183262.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1520237696.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
4E15000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1189665310.0000000004E15000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4E15000
|
| Size: |
12288
|
|
|
365F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231733963.000000000365F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
365F000
|
| Size: |
4096
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1182905555.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
409E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224321047.000000000409E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
409E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121873116.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
866C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186482061.000000000866C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
866C000
|
| Size: |
16384
|
|
|
105D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127989638.000000000105D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
105D000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116499646.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1149453479.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120418423.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563538592.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120967098.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
2B57000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1183183485.0000000002B57000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2B57000
|
| Size: |
32768
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1176770756.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1096001620.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564412729.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
100E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223140772.000000000100E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
100E000
|
| Size: |
8192
|
|
|
10C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123172601.00000000010C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10C0000
|
| Size: |
4096
|
|
|
48F1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185353131.00000000048F1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48F1000
|
| Size: |
8192
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1108833273.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563912979.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
47BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547816371.00000000047BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47BE000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1117080526.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
1380000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544464496.0000000001380000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1380000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563568731.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
3177000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3545413284.0000000003177000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3177000
|
| Size: |
12288
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563505256.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564038750.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
3B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546927396.0000000003B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B3E000
|
| Size: |
8192
|
|
|
10C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123349259.00000000010C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
10C0000
|
| Size: |
45056
|
|
|
4F70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1235541948.0000000004F70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F70000
|
| Size: |
4096
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1183151701.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
409E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1232605064.000000000409E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
409E000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563599364.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
391E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224075887.000000000391E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
391E000
|
| Size: |
8192
|
|
|
FEE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1178231378.0000000000FEE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FEE000
|
| Size: |
221184
|
|
|
5A1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.1070690946.00000000005A1000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
5A1000
|
| Size: |
188416
|
|
|
4FC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1236248264.0000000004FC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FC0000
|
| Size: |
4096
|
|
|
4FB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224760879.0000000004FB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FB0000
|
| Size: |
4096
|
|
|
90D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1222457689.000000000090D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
90D000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563628802.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
8FE000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1222457689.00000000008FE000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8FE000
|
| Size: |
40960
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1117177766.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1182443801.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543370350.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1562985099.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115740649.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
29FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231197832.00000000029FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
29FE000
|
| Size: |
8192
|
|
|
6ABE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186388440.0000000006ABE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6ABE000
|
| Size: |
8192
|
|
|
337F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546018564.000000000337F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
337F000
|
| Size: |
4096
|
|
|
42DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185140265.00000000042DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42DE000
|
| Size: |
8192
|
|
|
4DE4000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548178141.0000000004DE4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE4000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546804395.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1190048915.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
4096
|
|
|
351F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223922577.000000000351F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
351F000
|
| Size: |
4096
|
|
|
4FE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224818254.0000000004FE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FE0000
|
| Size: |
4096
|
|
|
59DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548965436.00000000059DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
59DE000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121641890.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564151397.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
2B8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223337710.0000000002B8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B8E000
|
| Size: |
8192
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1182550266.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122540854.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
329F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223824853.000000000329F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
329F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564752836.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
AA5000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1222984599.0000000000AA5000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
AA5000
|
| Size: |
8192
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1185113290.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1562440944.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122956663.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121736193.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4F10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185482504.0000000004F10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F10000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563939027.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4B3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547968727.0000000004B3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B3F000
|
| Size: |
4096
|
|
|
3B5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231939662.0000000003B5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B5F000
|
| Size: |
4096
|
|
|
6710000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127475437.0000000006710000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6710000
|
| Size: |
8192
|
|
|
1350000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544388013.0000000001350000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1350000
|
| Size: |
4096
|
|
|
3A1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231893090.0000000003A1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A1F000
|
| Size: |
4096
|
|
|
453E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547713315.000000000453E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
453E000
|
| Size: |
8192
|
|
|
3C9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231992773.0000000003C9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C9F000
|
| Size: |
4096
|
|
|
4F60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224658745.0000000004F60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F60000
|
| Size: |
4096
|
|
|
601000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000000.1128643364.0000000000601000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
601000
|
| Size: |
188416
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564562056.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563769033.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
66F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3542268227.000000000066F000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
66F000
|
| Size: |
1556480
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121176753.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545843576.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
5410000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548585928.0000000005410000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5410000
|
| Size: |
4096
|
|
|
4DE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548178141.0000000004DE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE0000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121763170.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1167546718.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
5F0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3549259784.0000000005F0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F0E000
|
| Size: |
8192
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115712965.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1565060279.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
90D000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000000.1500264052.000000000090D000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
90D000
|
| Size: |
1687552
|
|
|
1086000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127835768.0000000001086000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1086000
|
| Size: |
61440
|
|
|
491F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224561037.000000000491F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
491F000
|
| Size: |
4096
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1157209277.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
8F7000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3542268227.00000000008F7000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8F7000
|
| Size: |
24576
|
|
|
465F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185236011.000000000465F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
465F000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543324406.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
4DC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548144170.0000000004DC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DC0000
|
| Size: |
4096
|
|
|
FEC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544132558.0000000000FEC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
FEC000
|
| Size: |
16384
|
|
|
405E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224302549.000000000405E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
405E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122607148.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
8FE000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1230096901.00000000008FE000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8FE000
|
| Size: |
40960
|
|
|
6180000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127762915.0000000006180000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6180000
|
| Size: |
8192
|
|
|
6842000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186146184.0000000006842000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6842000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1076565161.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116132103.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1538506882.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
3DDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184950415.0000000003DDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DDE000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122673845.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
12DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1182614481.00000000012DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
12DE000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564504215.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
600000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000000.1136374664.0000000000600000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
600000
|
| Size: |
4096
|
|
|
4F40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1182110012.0000000004F40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F40000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546712423.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
8CC000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3542268227.00000000008CC000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8CC000
|
| Size: |
106496
|
|
|
463F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547739742.000000000463F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
463F000
|
| Size: |
4096
|
|
|
4D70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1155179350.0000000004D70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4D70000
|
| Size: |
180224
|
|
|
3EDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184975047.0000000003EDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EDF000
|
| Size: |
4096
|
|
|
3B9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231971109.0000000003B9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B9E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116476817.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
419E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185098668.000000000419E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
419E000
|
| Size: |
8192
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116018361.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
3DDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224228737.0000000003DDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DDF000
|
| Size: |
4096
|
|
|
441F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234081338.000000000441F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
441F000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121805645.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
FEA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1178231378.0000000000FEA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
FEA000
|
| Size: |
8192
|
|
|
3C5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184865126.0000000003C5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C5F000
|
| Size: |
4096
|
|
|
1068000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130503535.0000000001068000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1068000
|
| Size: |
90112
|
|
|
365E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184624200.000000000365E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
365E000
|
| Size: |
8192
|
|
|
B74000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1176679502.0000000000B74000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B74000
|
| Size: |
4096
|
|
|
102A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231037555.000000000102A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
102A000
|
| Size: |
61440
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563741469.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
155B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544774553.000000000155B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
155B000
|
| Size: |
221184
|
|
|
401F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185026059.000000000401F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
401F000
|
| Size: |
4096
|
|
|
4FD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224799501.0000000004FD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FD0000
|
| Size: |
4096
|
|
|
351E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184510464.000000000351E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
351E000
|
| Size: |
8192
|
|
|
44FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547685056.00000000044FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44FE000
|
| Size: |
8192
|
|
|
351F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231680528.000000000351F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
351F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1562929576.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
2AFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231222306.0000000002AFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2AFF000
|
| Size: |
4096
|
|
|
4F20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1190134314.0000000004F20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F20000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113465931.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EE0000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123275267.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4920000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234923481.0000000004920000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
4096
|
|
|
2B1B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1182933688.0000000002B1B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B1B000
|
| Size: |
20480
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1123779329.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
431E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224395906.000000000431E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
431E000
|
| Size: |
8192
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1120377454.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116747565.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
5490000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548819439.0000000005490000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5490000
|
| Size: |
4096
|
|
|
4920000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1166762273.0000000004920000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4920000
|
| Size: |
53248
|
|
|
341E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231657752.000000000341E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
341E000
|
| Size: |
8192
|
|
|
600000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1222267285.0000000000600000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
600000
|
| Size: |
4096
|
|
|
4D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185402756.0000000004D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D9E000
|
| Size: |
8192
|
|
|
301F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231476483.000000000301F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
301F000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545885662.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545772467.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
2D5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1183408168.0000000002D5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D5F000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116545948.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
1020000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231037555.0000000001020000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1020000
|
| Size: |
32768
|
|
|
6840000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186146184.0000000006840000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6840000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1565113496.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
379F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224018551.000000000379F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
379F000
|
| Size: |
4096
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1185052956.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1158427054.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
630E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186025931.000000000630E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
630E000
|
| Size: |
8192
|
|
|
66D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000C.00000002.3542183339.000000000066D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
66D000
|
| Size: |
4096
|
|
|
53AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3548458787.00000000053AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53AF000
|
| Size: |
4096
|
|
|
48E0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185353131.00000000048E0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E0000
|
| Size: |
45056
|
|
|
2DDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231399291.0000000002DDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DDE000
|
| Size: |
8192
|
|
|
319E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231561152.000000000319E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
319E000
|
| Size: |
8192
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1101576207.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
BB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1184973357.0000000000BB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB4000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113139713.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EE0000
|
| Size: |
8192
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1178947840.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
4921000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1191995355.0000000004921000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4921000
|
| Size: |
49152
|
|
|
BB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1230897244.0000000000BB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BB0000
|
| Size: |
16384
|
|
|
6710000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1127680340.0000000006710000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6710000
|
| Size: |
8192
|
|
|
3B9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224169466.0000000003B9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B9E000
|
| Size: |
8192
|
|
|
4EF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1185452273.0000000004EF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EF0000
|
| Size: |
4096
|
|
|
1064000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1181538285.0000000001064000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1064000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546449413.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
53F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1543282157.00000000053F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53F0000
|
| Size: |
4096
|
|
|
4FA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1236012531.0000000004FA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4FA0000
|
| Size: |
4096
|
|
|
38DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224055577.00000000038DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38DF000
|
| Size: |
4096
|
|
|
90E000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000003.00000002.1230600632.000000000090E000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
90E000
|
| Size: |
1667072
|
|
|
47DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234634346.00000000047DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47DF000
|
| Size: |
4096
|
|
|
317D000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3545413284.000000000317D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
317D000
|
| Size: |
4096
|
|
|
897000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1156262341.0000000000897000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
897000
|
| Size: |
24576
|
|
|
4F30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1189888196.0000000004F30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F30000
|
| Size: |
8192
|
|
|
455F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234163660.000000000455F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
455F000
|
| Size: |
4096
|
|
|
4E25000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1181651854.0000000004E25000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4E25000
|
| Size: |
12288
|
|
|
441F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224418383.000000000441F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
441F000
|
| Size: |
4096
|
|
|
100E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1230987362.000000000100E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
100E000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1546591866.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
42DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224378485.00000000042DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42DF000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1538682100.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563105051.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
B3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223026517.0000000000B3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B3C000
|
| Size: |
16384
|
|
|
4DD0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1516572086.0000000004DD0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4DD0000
|
| Size: |
53248
|
|
|
15AE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3544774553.00000000015AE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15AE000
|
| Size: |
98304
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
32DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223851141.00000000032DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32DE000
|
| Size: |
8192
|
|
|
4EE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113169710.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EE0000
|
| Size: |
4096
|
|
|
2B4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223312221.0000000002B4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B4E000
|
| Size: |
8192
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563026835.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
1025000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1178231378.0000000001025000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1025000
|
| Size: |
16384
|
|
|
103A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130503535.000000000103A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
103A000
|
| Size: |
4096
|
|
|
8FE000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3542268227.00000000008FE000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8FE000
|
| Size: |
40960
|
|
|
4EE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113759659.0000000004EE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EE0000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563208329.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
5440000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548681540.0000000005440000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5440000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545439158.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116329086.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
1064000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1130503535.0000000001064000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1064000
|
| Size: |
8192
|
|
|
455E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1185218239.000000000455E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
455E000
|
| Size: |
8192
|
|
|
387F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546791373.000000000387F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
387F000
|
| Size: |
4096
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1116273342.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
121F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231176340.000000000121F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
121F000
|
| Size: |
4096
|
|
|
2F1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1231448991.0000000002F1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F1E000
|
| Size: |
8192
|
|
|
F20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1176708277.0000000000F20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F20000
|
| Size: |
8192
|
|
|
34FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3546672570.00000000034FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34FE000
|
| Size: |
8192
|
|
|
405E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1232469263.000000000405E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
405E000
|
| Size: |
8192
|
|
|
39DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184761175.00000000039DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39DF000
|
| Size: |
4096
|
|
|
4F50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224634985.0000000004F50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F50000
|
| Size: |
4096
|
|
|
4F90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1224712815.0000000004F90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F90000
|
| Size: |
4096
|
|
|
109E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1223182615.000000000109E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
109E000
|
| Size: |
8192
|
|
|
2B00000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.1165272140.0000000002B00000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B00000
|
| Size: |
53248
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545675886.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1563377118.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1538435110.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
3170000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3545413284.0000000003170000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3170000
|
| Size: |
16384
|
|
|
327F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3545797782.000000000327F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
327F000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121615741.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
4EFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224618089.0000000004EFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EFF000
|
| Size: |
4096
|
|
|
481E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1224541760.000000000481E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
481E000
|
| Size: |
8192
|
|
|
2FDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1183978307.0000000002FDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FDF000
|
| Size: |
4096
|
|
|
66A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1186130591.00000000066A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
66A0000
|
| Size: |
4096
|
|
|
301E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1184044626.000000000301E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
301E000
|
| Size: |
8192
|
|
|
F54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1115971290.0000000000F54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F54000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1121099195.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
601000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000000.1500207954.0000000000601000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
601000
|
| Size: |
188416
|
|
|
5420000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3548622737.0000000005420000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5420000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564093337.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
48E1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1122215692.00000000048E1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
48E1000
|
| Size: |
4096
|
|
|
2B30000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1103362895.0000000002B30000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2B30000
|
| Size: |
53248
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1504998290.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
445E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.1234110867.000000000445E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
445E000
|
| Size: |
8192
|
|
|
90D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.3542268227.000000000090D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
90D000
|
| Size: |
4096
|
|
|
1394000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1545418131.0000000001394000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1394000
|
| Size: |
4096
|
|
|
4EC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1113871039.0000000004EC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4EC0000
|
| Size: |
4096
|
|
|
4DE1000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1564869986.0000000004DE1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4DE1000
|
| Size: |
4096
|
|
|
42BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.3547620071.00000000042BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42BE000
|
| Size: |
8192
|
|
|
4F10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.1190114413.0000000004F10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4F10000
|
| Size: |
4096
|
|
|
8F7000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.1230096901.00000000008F7000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
8F7000
|
| Size: |
24576
|
|
