|
4FB0000
|
direct allocation
|
page read and write
|
 |
|
|
| Name: |
00000004.00000003.1651270377.0000000004FB0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4FB0000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
| Sample uses string decryption to hide its real strings |
AV Detection |
|
|
|
121000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2546784713.0000000000121000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
121000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4B10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1326413160.0000000004B10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B10000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
71000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1366611332.0000000000071000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
71000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
121000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1404730008.0000000000121000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
121000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4BC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1364524749.0000000004BC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BC0000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671286122.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
803F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337023917.000000000803F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
803F000
|
| Size: |
139264
|
|
|
4FAC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549281106.0000000004FAC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FAC000
|
| Size: |
16384
|
|
|
2A97000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405479305.0000000002A97000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A97000
|
| Size: |
8192
|
|
|
2EBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368006691.0000000002EBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EBF000
|
| Size: |
4096
|
|
|
26D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1366693480.000000000026D000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
26D000
|
| Size: |
917504
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
EAB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367549875.0000000000EAB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EAB000
|
| Size: |
4096
|
|
|
44C000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000002.1405055725.000000000044C000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
44C000
|
| Size: |
1740800
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364856367.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
2DBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367983801.0000000002DBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DBF000
|
| Size: |
4096
|
|
|
2F5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405613508.0000000002F5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F5F000
|
| Size: |
4096
|
|
|
43D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1404808165.000000000043D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
43D000
|
| Size: |
36864
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671036051.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1334087882.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
38FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368437226.00000000038FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38FE000
|
| Size: |
8192
|
|
|
BF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367217599.0000000000BF0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
BF0000
|
| Size: |
4096
|
|
|
2BDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405531797.0000000002BDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BDE000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670848750.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332542783.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
8192
|
|
|
3E5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406003606.0000000003E5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E5F000
|
| Size: |
4096
|
|
|
4CC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369358885.0000000004CC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CC0000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1300492440.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4D00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369464382.0000000004D00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D00000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654169725.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331176597.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
39AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548327555.00000000039AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39AF000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671522829.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
52CB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549681417.00000000052CB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52CB000
|
| Size: |
20480
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329036523.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1314522288.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
121000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000000.1337182836.0000000000121000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
121000
|
| Size: |
188416
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1343558275.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
ED1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1338865963.0000000000ED1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ED1000
|
| Size: |
73728
|
|
|
349E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405753617.000000000349E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
349E000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653672498.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4DC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406500987.0000000004DC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DC0000
|
| Size: |
4096
|
|
|
439E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406149916.000000000439E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
439E000
|
| Size: |
8192
|
|
|
6A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1336699495.0000000006A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A90000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1649490678.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
2FFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368054391.0000000002FFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FFF000
|
| Size: |
4096
|
|
|
34FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368227994.00000000034FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34FF000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332519871.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4B30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549189767.0000000004B30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B30000
|
| Size: |
36864
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654623772.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
42AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548710506.00000000042AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42AE000
|
| Size: |
8192
|
|
|
121000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000004.00000000.1633421010.0000000000121000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
121000
|
| Size: |
188416
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1648539089.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654667432.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
EE4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1338593114.0000000000EE4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE4000
|
| Size: |
12288
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653633764.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329791601.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
801C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369888548.000000000801C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
801C000
|
| Size: |
16384
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651620176.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
4D20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364954156.0000000004D20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D20000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331323865.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
65EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369775694.00000000065EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
65EE000
|
| Size: |
8192
|
|
|
476F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548948011.000000000476F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
476F000
|
| Size: |
4096
|
|
|
65AC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369756439.00000000065AC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
65AC000
|
| Size: |
16384
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330062235.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
8192
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329683085.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364914791.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1643092990.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654648568.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
6A8E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1336699495.0000000006A8E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A8E000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329601460.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4C80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326935667.0000000004C80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C80000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671118181.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
362E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548190333.000000000362E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
362E000
|
| Size: |
8192
|
|
|
70000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1366590748.0000000000070000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
70000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653456646.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
49152
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671655232.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654502176.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
39B000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1366693480.000000000039B000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
39B000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331123920.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
426F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548684258.000000000426F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
426F000
|
| Size: |
4096
|
|
|
13A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1650426478.00000000013A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
13A0000
|
| Size: |
53248
|
|
|
E3A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405296189.0000000000E3A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E3A000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332442481.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
EAA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1338918472.0000000000EAA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EAA000
|
| Size: |
8192
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671617754.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1638518293.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
EFF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367655242.0000000000EFF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EFF000
|
| Size: |
131072
|
|
|
416E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548654425.000000000416E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
416E000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670867538.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
47AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548979756.00000000047AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
47AE000
|
| Size: |
8192
|
|
|
3FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406050201.0000000003FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FDE000
|
| Size: |
8192
|
|
|
45DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406200906.00000000045DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
45DF000
|
| Size: |
4096
|
|
|
399E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405886961.000000000399E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
399E000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1334235529.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405281604.0000000000E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E20000
|
| Size: |
4096
|
|
|
13F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547579887.00000000013F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13F7000
|
| Size: |
86016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4C25000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1364524749.0000000004C25000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C25000
|
| Size: |
12288
|
|
|
29CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367757544.00000000029CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
29CF000
|
| Size: |
4096
|
|
|
4D50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369584571.0000000004D50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D50000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330344953.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
5015000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1651270377.0000000005015000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5015000
|
| Size: |
12288
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330087563.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
8192
|
|
|
2F2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547968899.0000000002F2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F2F000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1322544271.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4B2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549159319.0000000004B2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B2F000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333134816.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654221810.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
71000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.1294514123.0000000000071000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
71000
|
| Size: |
188416
|
|
|
93C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405184538.000000000093C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
93C000
|
| Size: |
16384
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670937237.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547556681.00000000011C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C0000
|
| Size: |
16384
|
|
|
4AC0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1306952440.0000000004AC0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4AC0000
|
| Size: |
176128
|
|
|
DD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000002.1366675063.00000000000DD000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
DD000
|
| Size: |
4096
|
|
|
411E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406083956.000000000411E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
411E000
|
| Size: |
8192
|
|
|
6460000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369716214.0000000006460000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6460000
|
| Size: |
4096
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1303366807.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
3EFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368661165.0000000003EFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EFF000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670917077.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
E91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1338625860.0000000000E91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E91000
|
| Size: |
110592
|
|
|
35EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548170866.00000000035EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35EF000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326794784.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
4DD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406522841.0000000004DD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DD0000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330754562.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
EF9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333202388.0000000000EF9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EF9000
|
| Size: |
57344
|
|
|
5FF5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1336826234.0000000005FF5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5FF5000
|
| Size: |
8192
|
|
|
2A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367854514.0000000002A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A90000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330313021.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332246948.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
5F7000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000004.00000002.2547379615.00000000005F7000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
5F7000
|
| Size: |
8192
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1307733825.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
51C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549650786.00000000051C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51C0000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331568697.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670830485.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
385E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405854147.000000000385E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
385E000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654031507.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326869681.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1343597104.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
140F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547579887.000000000140F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
140F000
|
| Size: |
102400
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
2A4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405442799.0000000002A4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A4F000
|
| Size: |
4096
|
|
|
435F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406134345.000000000435F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
435F000
|
| Size: |
4096
|
|
|
558E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549878322.000000000558E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
558E000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671183233.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333037830.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
ED1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337997320.0000000000ED1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ED1000
|
| Size: |
73728
|
|
|
41BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368923017.00000000041BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41BE000
|
| Size: |
8192
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1644743648.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1301424256.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329855494.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
3DBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368615962.0000000003DBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DBF000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332393845.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1345330611.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1312097089.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1328919704.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
49152
|
|
|
E86000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367383889.0000000000E86000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E86000
|
| Size: |
28672
|
|
|
4C60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369285345.0000000004C60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4C60000
|
| Size: |
4096
|
|
|
EAF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337997320.0000000000EAF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EAF000
|
| Size: |
122880
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330573607.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333849067.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
37BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368368097.00000000037BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37BE000
|
| Size: |
8192
|
|
|
44B000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000000.1337641608.000000000044B000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
44B000
|
| Size: |
1761280
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331810588.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
40DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406068538.00000000040DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
40DF000
|
| Size: |
4096
|
|
|
2E0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547878515.0000000002E0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E0E000
|
| Size: |
8192
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1646324778.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332222271.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
3D1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405968078.0000000003D1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D1F000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331099923.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
7E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369841462.0000000007E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E20000
|
| Size: |
12288
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333171585.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
D70000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547433785.0000000000D70000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D70000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326659931.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
8192
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1362335262.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332035399.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1647037071.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
EFF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1338372961.0000000000EFF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EFF000
|
| Size: |
131072
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364779375.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1638475935.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330113406.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670273419.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1346877798.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653572476.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4691000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369157331.0000000004691000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4691000
|
| Size: |
8192
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329698974.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1360011073.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326892414.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329130956.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651600210.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
3B3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368517571.0000000003B3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B3F000
|
| Size: |
4096
|
|
|
56DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549950626.00000000056DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
56DE000
|
| Size: |
8192
|
|
|
18D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000000.1337594099.000000000018D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
18D000
|
| Size: |
4096
|
|
|
4B70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1353047595.0000000004B70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4B70000
|
| Size: |
176128
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670751608.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329237232.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653757615.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1328984026.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1300431409.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
49152
|
|
|
E92000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367514892.0000000000E92000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E92000
|
| Size: |
98304
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1352406982.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651639732.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
4CF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369440399.0000000004CF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CF0000
|
| Size: |
4096
|
|
|
584D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2550051381.000000000584D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
584D000
|
| Size: |
12288
|
|
|
4CB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369341445.0000000004CB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CB0000
|
| Size: |
4096
|
|
|
2D1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405565129.0000000002D1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D1E000
|
| Size: |
8192
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329553553.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
7E24000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369841462.0000000007E24000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7E24000
|
| Size: |
4096
|
|
|
417F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368869249.000000000417F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
417F000
|
| Size: |
4096
|
|
|
5160000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549482255.0000000005160000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5160000
|
| Size: |
4096
|
|
|
2A0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367779009.0000000002A0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A0E000
|
| Size: |
8192
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364801462.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330240860.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329763607.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651517486.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
2D8B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547821165.0000000002D8B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D8B000
|
| Size: |
20480
|
|
|
2AB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367876626.0000000002AB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AB0000
|
| Size: |
20480
|
|
|
EED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1338372961.0000000000EED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EED000
|
| Size: |
69632
|
|
|
425E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406117193.000000000425E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
425E000
|
| Size: |
8192
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1362568254.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1308869652.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
633E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369680371.000000000633E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
633E000
|
| Size: |
8192
|
|
|
443E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369040833.000000000443E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
443E000
|
| Size: |
8192
|
|
|
EEC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337053171.0000000000EEC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EEC000
|
| Size: |
73728
|
|
|
377F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368325499.000000000377F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
377F000
|
| Size: |
4096
|
|
|
4DF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406559109.0000000004DF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DF0000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331965417.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
102E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367716039.000000000102E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
102E000
|
| Size: |
8192
|
|
|
359F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405770428.000000000359F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
359F000
|
| Size: |
4096
|
|
|
407E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368732549.000000000407E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
407E000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1669862103.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332093749.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1639317268.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
2E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547903116.0000000002E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E20000
|
| Size: |
16384
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1310910876.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326916673.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1640812256.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
5100000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651714375.0000000005100000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5100000
|
| Size: |
4096
|
|
|
317E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368112954.000000000317E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
317E000
|
| Size: |
8192
|
|
|
44B000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2546879269.000000000044B000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
44B000
|
| Size: |
4096
|
|
|
4C4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369264507.0000000004C4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C4F000
|
| Size: |
4096
|
|
|
4B40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549189767.0000000004B40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B40000
|
| Size: |
4096
|
|
|
E30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405296189.0000000000E30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E30000
|
| Size: |
32768
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1302226112.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
61FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369644498.00000000061FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
61FF000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671260278.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4B10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1326310116.0000000004B10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B10000
|
| Size: |
53248
|
|
|
2EFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368034319.0000000002EFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EFE000
|
| Size: |
8192
|
|
|
43AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548742727.00000000043AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43AF000
|
| Size: |
4096
|
|
|
38D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1366693480.000000000038D000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
38D000
|
| Size: |
36864
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670566920.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1642350265.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
5FF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1336965095.0000000005FF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5FF0000
|
| Size: |
8192
|
|
|
32BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368155950.00000000032BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
32BE000
|
| Size: |
8192
|
|
|
6A80000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1336853855.0000000006A80000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A80000
|
| Size: |
4096
|
|
|
336F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548083577.000000000336F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
336F000
|
| Size: |
4096
|
|
|
F0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1334328327.0000000000F0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F0E000
|
| Size: |
49152
|
|
|
33BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368187347.00000000033BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33BF000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329270489.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
3AEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548372958.0000000003AEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3AEF000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654197096.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333946091.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
367E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368301576.000000000367E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
367E000
|
| Size: |
8192
|
|
|
3C2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548418258.0000000003C2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C2F000
|
| Size: |
4096
|
|
|
2DCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547848212.0000000002DCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2DCE000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654245638.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654295979.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
50EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549347307.00000000050EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50EF000
|
| Size: |
4096
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651490756.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654100365.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4DB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406456191.0000000004DB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DB0000
|
| Size: |
4096
|
|
|
371E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405822319.000000000371E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
371E000
|
| Size: |
8192
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1300574161.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
3E9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406019590.0000000003E9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E9E000
|
| Size: |
8192
|
|
|
4BC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1364421243.0000000004BC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BC0000
|
| Size: |
53248
|
|
|
5FF6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1336965095.0000000005FF6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5FF6000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329079889.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4B00000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369204707.0000000004B00000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B00000
|
| Size: |
8192
|
|
|
5140000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549423929.0000000005140000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5140000
|
| Size: |
4096
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651659318.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1362456241.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1320661723.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
38AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548303641.00000000038AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38AE000
|
| Size: |
8192
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1366821894.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
309F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405647711.000000000309F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
309F000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330275373.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
3EAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548516954.0000000003EAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EAF000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331203713.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
453F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369071563.000000000453F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
453F000
|
| Size: |
4096
|
|
|
594D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2550094490.000000000594D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
594D000
|
| Size: |
12288
|
|
|
E3A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367383889.0000000000E3A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E3A000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670589043.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
DEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367341238.0000000000DEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
DEE000
|
| Size: |
8192
|
|
|
10FD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547485286.00000000010FD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10FD000
|
| Size: |
12288
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1306865669.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330545626.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
452E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548846456.000000000452E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
452E000
|
| Size: |
8192
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671962610.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329667641.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1305856772.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
18D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000002.1404790335.000000000018D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
18D000
|
| Size: |
4096
|
|
|
5150000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549452759.0000000005150000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5150000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670427207.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
6A81000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1336699495.0000000006A81000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A81000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333771687.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332008770.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671424107.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332065983.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671682702.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331380250.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
457E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369120904.000000000457E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
457E000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331899367.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
1190000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547536582.0000000001190000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1190000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671835783.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1638571546.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
DE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547461055.0000000000DE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DE0000
|
| Size: |
8192
|
|
|
D0C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547407661.0000000000D0C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D0C000
|
| Size: |
16384
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1638539228.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329252188.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
39FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368463688.00000000039FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39FF000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329940953.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1649403932.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1366842340.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
3B7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368544925.0000000003B7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B7E000
|
| Size: |
8192
|
|
|
4680000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369157331.0000000004680000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4680000
|
| Size: |
45056
|
|
|
4D10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369484868.0000000004D10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D10000
|
| Size: |
4096
|
|
|
4D70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406380011.0000000004D70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D70000
|
| Size: |
4096
|
|
|
ED1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337165557.0000000000ED1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ED1000
|
| Size: |
73728
|
|
|
D6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1366611332.00000000000D6000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
D6000
|
| Size: |
16384
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330659835.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670454412.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
376E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548231505.000000000376E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
376E000
|
| Size: |
8192
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304155135.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653849760.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1669981482.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
EE7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1338372961.0000000000EE7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE7000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332567034.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653869979.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
6A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1336853855.0000000006A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6A90000
|
| Size: |
8192
|
|
|
395F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405871427.000000000395F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
395F000
|
| Size: |
4096
|
|
|
540F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549754881.000000000540F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
540F000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670063534.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
3B2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548395297.0000000003B2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B2E000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333875378.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
331F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405707989.000000000331F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
331F000
|
| Size: |
4096
|
|
|
402E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548590646.000000000402E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
402E000
|
| Size: |
8192
|
|
|
380000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1366693480.0000000000380000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
380000
|
| Size: |
45056
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329435080.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364894795.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
467F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369140737.000000000467F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
467F000
|
| Size: |
4096
|
|
|
4D10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364988206.0000000004D10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D10000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332303686.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4CFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406290252.0000000004CFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4CFF000
|
| Size: |
4096
|
|
|
3DAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548493840.0000000003DAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DAE000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330686595.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
48EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549046731.00000000048EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48EE000
|
| Size: |
8192
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1640058214.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
3DFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368639640.0000000003DFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DFE000
|
| Size: |
8192
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671802766.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
598D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2550154401.000000000598D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
598D000
|
| Size: |
12288
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653519814.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329635758.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
30DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405662135.00000000030DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30DE000
|
| Size: |
8192
|
|
|
E60000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405296189.0000000000E60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E60000
|
| Size: |
16384
|
|
|
4DA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406438095.0000000004DA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DA0000
|
| Size: |
4096
|
|
|
13B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547579887.00000000013B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13B0000
|
| Size: |
36864
|
|
|
49EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549086962.00000000049EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49EF000
|
| Size: |
4096
|
|
|
F0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333437175.0000000000F0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F0E000
|
| Size: |
49152
|
|
|
E90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367494573.0000000000E90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E90000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654477489.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651577184.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
42BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368944831.00000000042BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42BF000
|
| Size: |
4096
|
|
|
9A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405200271.00000000009A0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9A0000
|
| Size: |
4096
|
|
|
530E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549715203.000000000530E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
530E000
|
| Size: |
8192
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1359230744.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
3A3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368489991.0000000003A3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A3E000
|
| Size: |
8192
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1343645385.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1638499053.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4BC0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1363542561.0000000004BC0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BC0000
|
| Size: |
53248
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653735982.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333329396.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671443508.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671054392.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
2E5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405597202.0000000002E5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E5E000
|
| Size: |
8192
|
|
|
EE5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333268759.0000000000EE5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE5000
|
| Size: |
81920
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331655467.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
2A4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367802454.0000000002A4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A4E000
|
| Size: |
8192
|
|
|
E90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1338538324.0000000000E90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E90000
|
| Size: |
114688
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671160011.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331029276.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
403F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368708256.000000000403F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
403F000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653490207.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332366759.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
E3E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367383889.0000000000E3E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E3E000
|
| Size: |
274432
|
|
|
4DE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406541453.0000000004DE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DE0000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1322620921.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
39EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548350066.00000000039EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39EE000
|
| Size: |
8192
|
|
|
3F9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406035228.0000000003F9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F9F000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332336517.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
327F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368136842.000000000327F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
327F000
|
| Size: |
4096
|
|
|
430000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2546879269.0000000000430000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
430000
|
| Size: |
45056
|
|
|
186000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2546784713.0000000000186000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
186000
|
| Size: |
16384
|
|
|
449F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406165863.000000000449F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
449F000
|
| Size: |
4096
|
|
|
4B4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369240604.0000000004B4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B4E000
|
| Size: |
8192
|
|
|
5170000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549508532.0000000005170000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5170000
|
| Size: |
4096
|
|
|
EB7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367578539.0000000000EB7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EB7000
|
| Size: |
90112
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671016343.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671392021.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4D30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364970570.0000000004D30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D30000
|
| Size: |
4096
|
|
|
5130000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549396725.0000000005130000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5130000
|
| Size: |
4096
|
|
|
2B9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405516030.0000000002B9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B9F000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326847048.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
3CBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368594211.0000000003CBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CBE000
|
| Size: |
8192
|
|
|
302F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547993748.000000000302F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
302F000
|
| Size: |
4096
|
|
|
313F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368094827.000000000313F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
313F000
|
| Size: |
4096
|
|
|
31D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1404808165.000000000031D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
31D000
|
| Size: |
917504
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670687717.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406419990.0000000004D90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D90000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332194085.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
3F3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368681778.0000000003F3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F3E000
|
| Size: |
8192
|
|
|
466E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548912657.000000000466E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
466E000
|
| Size: |
8192
|
|
|
43EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548779127.00000000043EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43EE000
|
| Size: |
8192
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369564943.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
3EEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548540902.0000000003EEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EEE000
|
| Size: |
8192
|
|
|
2CDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405548472.0000000002CDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CDF000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326686210.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
36DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405803966.00000000036DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36DF000
|
| Size: |
4096
|
|
|
EF9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333437175.0000000000EF9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EF9000
|
| Size: |
81920
|
|
|
4C60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326970154.0000000004C60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C60000
|
| Size: |
4096
|
|
|
18D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000004.00000000.1633484005.000000000018D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
18D000
|
| Size: |
4096
|
|
|
EAC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337165557.0000000000EAC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EAC000
|
| Size: |
135168
|
|
|
4D20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369523848.0000000004D20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D20000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670710184.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331783163.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
39C000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.1367013065.000000000039C000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
39C000
|
| Size: |
1740800
|
|
|
401000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1404808165.0000000000401000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
401000
|
| Size: |
122880
|
|
|
186000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1404730008.0000000000186000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
186000
|
| Size: |
16384
|
|
|
326E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548058463.000000000326E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
8192
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1322589065.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671094853.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
13A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1651166618.00000000013A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
13A0000
|
| Size: |
53248
|
|
|
8020000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369911554.0000000008020000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8020000
|
| Size: |
126976
|
|
|
471F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406234909.000000000471F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
471F000
|
| Size: |
4096
|
|
|
381F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405838663.000000000381F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
381F000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329099784.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1300593321.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330730519.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651676441.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
D50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367289618.0000000000D50000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D50000
|
| Size: |
16384
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670525844.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1649249784.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1343484698.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
33FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368205513.00000000033FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33FE000
|
| Size: |
8192
|
|
|
2CBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367959824.0000000002CBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2CBF000
|
| Size: |
4096
|
|
|
345F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405738587.000000000345F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
345F000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331721096.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
5B2D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2550256240.0000000005B2D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5B2D000
|
| Size: |
12288
|
|
|
44C000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000004.00000002.2547200217.000000000044C000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
44C000
|
| Size: |
1740800
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332166746.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332762069.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1649372802.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330140778.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
51A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549588014.00000000051A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51A0000
|
| Size: |
4096
|
|
|
44B000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000004.00000000.1633506981.000000000044B000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
44B000
|
| Size: |
1761280
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329018693.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329653594.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
38BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368409364.00000000038BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38BF000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671773676.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
EFF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337997320.0000000000EFF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EFF000
|
| Size: |
131072
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329915885.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
353E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368252539.000000000353E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
353E000
|
| Size: |
8192
|
|
|
5F9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369602784.0000000005F9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5F9E000
|
| Size: |
8192
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671576177.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1638556343.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671204651.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
2F9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405630671.0000000002F9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F9E000
|
| Size: |
8192
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329318912.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330034216.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
8192
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1300512095.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670001588.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4F70000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1643914968.0000000004F70000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4F70000
|
| Size: |
163840
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671866596.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1362515064.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
2E1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405581487.0000000002E1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E1F000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653795106.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
547000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.1367152514.0000000000547000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
547000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1334172991.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1360776931.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364932745.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1322523205.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
120000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.1337154775.0000000000120000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
120000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1649440382.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332865181.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
EED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337997320.0000000000EED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EED000
|
| Size: |
69632
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329990429.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1343536097.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332698687.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332653048.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
303E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368075058.000000000303E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
303E000
|
| Size: |
8192
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1649337628.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
221184
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329715279.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
E0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405264986.0000000000E0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E0E000
|
| Size: |
8192
|
|
|
D3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367265780.0000000000D3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D3E000
|
| Size: |
8192
|
|
|
4A2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549122752.0000000004A2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A2E000
|
| Size: |
8192
|
|
|
ED1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367578539.0000000000ED1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
ED1000
|
| Size: |
73728
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1669930422.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
B8A000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367195685.0000000000B8A000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B8A000
|
| Size: |
24576
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670806908.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331061590.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4D30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369546553.0000000004D30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D30000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1322497775.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
EE5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367633541.0000000000EE5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE5000
|
| Size: |
8192
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1310017568.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
3C6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548445060.0000000003C6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C6E000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329732608.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
363F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368274748.000000000363F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
363F000
|
| Size: |
4096
|
|
|
18D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000004.00000002.2546853285.000000000018D000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
18D000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331608081.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1638449263.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1672018048.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
321E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405692516.000000000321E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
321E000
|
| Size: |
8192
|
|
|
5F5000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1405153956.00000000005F5000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
5F5000
|
| Size: |
8192
|
|
|
120000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1404708510.0000000000120000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
120000
|
| Size: |
4096
|
|
|
3BDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405934623.0000000003BDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3BDF000
|
| Size: |
4096
|
|
|
18F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2546879269.000000000018F000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
18F000
|
| Size: |
1622016
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331353726.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326769537.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654318451.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1362537149.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
5A8C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2550194708.0000000005A8C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5A8C000
|
| Size: |
16384
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1334203629.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329180820.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
3A9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405902987.0000000003A9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A9F000
|
| Size: |
4096
|
|
|
140D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547579887.000000000140D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
140D000
|
| Size: |
4096
|
|
|
34AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548123235.00000000034AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34AF000
|
| Size: |
4096
|
|
|
4B10000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1325403693.0000000004B10000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B10000
|
| Size: |
53248
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1322668292.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329213881.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
386F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548282816.000000000386F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
386F000
|
| Size: |
4096
|
|
|
2AB7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367876626.0000000002AB7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2AB7000
|
| Size: |
32768
|
|
|
2AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1304973113.0000000002AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2AA0000
|
| Size: |
53248
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671934450.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332731490.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
421F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406100869.000000000421F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
421F000
|
| Size: |
4096
|
|
|
31DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405678062.00000000031DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31DF000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1343665232.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
13BB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547579887.00000000013BB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
13BB000
|
| Size: |
221184
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329583781.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654424797.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329116079.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406323834.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671224745.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1328953656.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329054905.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1647743891.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
4B75000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1326413160.0000000004B75000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B75000
|
| Size: |
12288
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670494416.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329965938.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
2BBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367930600.0000000002BBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BBF000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329287940.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670783222.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
2E10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651731234.0000000002E10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
2E10000
|
| Size: |
4096
|
|
|
9B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405215070.00000000009B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9B0000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653689700.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330631872.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654126260.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
3D6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548472620.0000000003D6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D6F000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670019669.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
118E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547516842.000000000118E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
118E000
|
| Size: |
8192
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1300550289.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
2E27000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547903116.0000000002E27000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E27000
|
| Size: |
12288
|
|
|
4FEB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549314396.0000000004FEB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4FEB000
|
| Size: |
20480
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329419798.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4CE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369417240.0000000004CE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CE0000
|
| Size: |
4096
|
|
|
51B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549618839.00000000051B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
51B0000
|
| Size: |
4096
|
|
|
687B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369815712.000000000687B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
687B000
|
| Size: |
20480
|
|
|
143A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547579887.000000000143A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
143A000
|
| Size: |
12288
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
4BFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406273136.0000000004BFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BFE000
|
| Size: |
8192
|
|
|
412F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548623336.000000000412F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
412F000
|
| Size: |
4096
|
|
|
4D50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406306117.0000000004D50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D50000
|
| Size: |
4096
|
|
|
44DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406183019.00000000044DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44DE000
|
| Size: |
8192
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1641629060.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
57DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549974827.00000000057DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
57DF000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671717160.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
430000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1404808165.0000000000430000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
430000
|
| Size: |
45056
|
|
|
EE4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337165557.0000000000EE4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE4000
|
| Size: |
16384
|
|
|
116F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405407376.000000000116F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
116F000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671074951.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1358034596.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670043735.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
64AB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369735708.00000000064AB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
64AB000
|
| Size: |
20480
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654268822.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4B04000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369204707.0000000004B04000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B04000
|
| Size: |
12288
|
|
|
4731000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1343433035.0000000004731000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4731000
|
| Size: |
49152
|
|
|
322F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548035631.000000000322F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
322F000
|
| Size: |
4096
|
|
|
142A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547579887.000000000142A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
142A000
|
| Size: |
36864
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670731111.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
294E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405425566.000000000294E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
294E000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1649422246.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671371335.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
CD0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367243495.0000000000CD0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CD0000
|
| Size: |
8192
|
|
|
351000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1366693480.0000000000351000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
351000
|
| Size: |
122880
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331228276.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
112E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367736156.000000000112E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
112E000
|
| Size: |
8192
|
|
|
401000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2546879269.0000000000401000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
401000
|
| Size: |
122880
|
|
|
2E2C000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2547903116.0000000002E2C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2E2C000
|
| Size: |
8192
|
|
|
3ADE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405917883.0000000003ADE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3ADE000
|
| Size: |
8192
|
|
|
372F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548212513.000000000372F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
372F000
|
| Size: |
4096
|
|
|
44B000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1404808165.000000000044B000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
44B000
|
| Size: |
4096
|
|
|
4731000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1366780844.0000000004731000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4731000
|
| Size: |
49152
|
|
|
33AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548103034.00000000033AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33AE000
|
| Size: |
8192
|
|
|
102F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405374315.000000000102F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
102F000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330172681.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
70000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.1294487363.0000000000070000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
70000
|
| Size: |
4096
|
|
|
2A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405459717.0000000002A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A8E000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330996229.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
EE4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337997320.0000000000EE4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EE4000
|
| Size: |
16384
|
|
|
50F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651698351.00000000050F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
50F0000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653827480.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
335E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405723524.000000000335E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
335E000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653655701.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
18F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1404808165.000000000018F000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
18F000
|
| Size: |
1622016
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1321658885.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
233472
|
|
|
2A90000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405479305.0000000002A90000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2A90000
|
| Size: |
16384
|
|
|
43FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369018766.00000000043FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43FF000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671988761.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
57F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2550003582.00000000057F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
57F0000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653905499.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1669887068.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670406848.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329819485.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331272070.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331297763.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
9D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405231410.00000000009D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D0000
|
| Size: |
16384
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329401499.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1645593017.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
F11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333526182.0000000000F11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F11000
|
| Size: |
36864
|
|
|
E3E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405296189.0000000000E3E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E3E000
|
| Size: |
135168
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333106291.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1343626368.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330600467.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671307803.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326812209.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
3C7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368572565.0000000003C7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C7F000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1649459888.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
461E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406217842.000000000461E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
461E000
|
| Size: |
8192
|
|
|
3D5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405983854.0000000003D5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D5D000
|
| Size: |
12288
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670608196.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653540211.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
643F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369700085.000000000643F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
643F000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332139696.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1300455758.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
5C2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2550294952.0000000005C2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5C2E000
|
| Size: |
8192
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1346070277.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671353191.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653614723.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
E2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367363792.0000000000E2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
E2E000
|
| Size: |
8192
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364749424.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
8192
|
|
|
EED000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367655242.0000000000EED000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EED000
|
| Size: |
69632
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331458915.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671330562.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
106E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405390552.000000000106E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
106E000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670381163.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
DD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.1294570099.00000000000DD000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
DD000
|
| Size: |
4096
|
|
|
568F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549918264.000000000568F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
568F000
|
| Size: |
4096
|
|
|
2A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367830472.0000000002A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2A8E000
|
| Size: |
8192
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1638424473.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
49152
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1362473807.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1348836480.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
3FEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548566066.0000000003FEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FEF000
|
| Size: |
4096
|
|
|
34EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548145874.00000000034EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34EE000
|
| Size: |
8192
|
|
|
5F7000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000002.1405169240.00000000005F7000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
5F7000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330507576.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
A8B000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367170659.0000000000A8B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A8B000
|
| Size: |
20480
|
|
|
E30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367383889.0000000000E30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E30000
|
| Size: |
36864
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1332495186.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653779072.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
EFF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1337053171.0000000000EFF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EFF000
|
| Size: |
131072
|
|
|
43D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2546879269.000000000043D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
43D000
|
| Size: |
36864
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369307549.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654341142.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1367317951.0000000000D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
D9E000
|
| Size: |
8192
|
|
|
5FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369621940.0000000005FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
5FDE000
|
| Size: |
8192
|
|
|
11A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1643841436.00000000011A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
53248
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1331925675.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329619361.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364834997.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671747601.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
DF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1366693480.00000000000DF000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
DF000
|
| Size: |
1622016
|
|
|
42FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1368976604.00000000042FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42FE000
|
| Size: |
8192
|
|
|
3C1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405951490.0000000003C1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C1E000
|
| Size: |
8192
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1343578759.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653810656.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
9D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1362491689.00000000009D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
9D4000
|
| Size: |
4096
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.1364875905.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
F0E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333202388.0000000000F0E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
F0E000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654593717.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1347618351.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
5120000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549371312.0000000005120000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5120000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1330212564.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1356413472.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
5190000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549563611.0000000005190000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5190000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1300612552.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
5110000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000003.1651542468.0000000005110000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5110000
|
| Size: |
4096
|
|
|
544E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549792479.000000000544E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
544E000
|
| Size: |
8192
|
|
|
62FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369661174.00000000062FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
62FF000
|
| Size: |
4096
|
|
|
4D80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.1406400966.0000000004D80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D80000
|
| Size: |
4096
|
|
|
EF7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333592076.0000000000EF7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
EF7000
|
| Size: |
8192
|
|
|
554F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549829993.000000000554F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
554F000
|
| Size: |
4096
|
|
|
D54000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1300532314.0000000000D54000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D54000
|
| Size: |
4096
|
|
|
4B31000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671903164.0000000004B31000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4B31000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1654452447.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1671140349.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1329884118.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4731000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1362423431.0000000004731000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4731000
|
| Size: |
233472
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.1326713687.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
462F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548878763.000000000462F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
462F000
|
| Size: |
4096
|
|
|
545000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1367132418.0000000000545000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
545000
|
| Size: |
8192
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333911626.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
39B000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.1294592188.000000000039B000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
39B000
|
| Size: |
1761280
|
|
|
44EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548815847.00000000044EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44EF000
|
| Size: |
4096
|
|
|
35DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405786471.00000000035DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35DE000
|
| Size: |
8192
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1361524312.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
120000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2546756150.0000000000120000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
120000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1638591437.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
120000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000004.00000000.1633395764.0000000000120000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
120000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670547998.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1653592651.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
4730000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1406252293.0000000004730000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4730000
|
| Size: |
4096
|
|
|
312F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2548016073.000000000312F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
312F000
|
| Size: |
4096
|
|
|
4720000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.1344607674.0000000004720000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4720000
|
| Size: |
53248
|
|
|
4681000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.1333695416.0000000004681000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4681000
|
| Size: |
4096
|
|
|
4CD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.1369379054.0000000004CD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CD0000
|
| Size: |
4096
|
|
|
31D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2546879269.000000000031D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
31D000
|
| Size: |
917504
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1670887746.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
66EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.1369793688.00000000066EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
66EE000
|
| Size: |
8192
|
|
|
11C4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000004.00000003.1669957051.00000000011C4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11C4000
|
| Size: |
4096
|
|
|
5180000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2549537601.0000000005180000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5180000
|
| Size: |
4096
|
|
|
CFD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.1405249140.0000000000CFD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CFD000
|
| Size: |
12288
|
|
|
48AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000004.00000002.2549012519.00000000048AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48AF000
|
| Size: |
4096
|
|
|
5F5000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000004.00000002.2547347497.00000000005F5000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
4
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
5F5000
|
| Size: |
8192
|
|
