|
B91000
|
unkown
|
page execute and read and write
|
 |
|
|
| Name: |
00000003.00000002.975223437.0000000000B91000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B91000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Found malware configuration |
AV Detection |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
| Sample uses string decryption to hide its real strings |
AV Detection |
|
|
|
B91000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.965069438.0000000000B91000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B91000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5190000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.934824587.0000000005190000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5190000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
2A1000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.924500851.00000000002A1000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
2A1000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
5380000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.924592214.0000000005380000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5380000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
B91000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2096872355.0000000000B91000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
B91000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4BF0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1331078876.0000000004BF0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4BF0000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4AA0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.883491473.0000000004AA0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4AA0000
|
| Size: |
409600
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| Yara detected Amadeys Clipper DLL |
Stealing of Sensitive Information |
|
| Contains functionality to start a terminal service |
Remote Access Functionality |
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887065043.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1320875772.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
4F6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101225776.0000000004F6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F6E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886478467.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
D82000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.965140204.0000000000D82000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
D82000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
311E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926662920.000000000311E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
311E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888568207.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887952744.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
5330000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.913393301.0000000005330000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5330000
|
| Size: |
176128
|
|
|
54E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925660928.00000000054E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
54E0000
|
| Size: |
4096
|
|
|
4DC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2100888210.0000000004DC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DC0000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1334405328.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889097847.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
3030000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.934724129.0000000003030000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3030000
|
| Size: |
53248
|
|
|
54F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925685622.00000000054F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
54F0000
|
| Size: |
4096
|
|
|
4631000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927234109.0000000004631000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4631000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.885773054.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
752000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.925982485.0000000000752000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
752000
|
| Size: |
8192
|
|
|
5FE0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893896490.0000000005FE0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5FE0000
|
| Size: |
8192
|
|
|
1520000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965523458.0000000001520000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1520000
|
| Size: |
4096
|
|
|
B60000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096683627.0000000000B60000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B60000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.918680077.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
2BDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926527507.0000000002BDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2BDF000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358937588.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
36CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976178171.00000000036CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36CE000
|
| Size: |
8192
|
|
|
E10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893960813.0000000000E10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
143360
|
|
|
11FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975750982.00000000011FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11FE000
|
| Size: |
8192
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.918592733.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.870249718.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886132623.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358084395.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.874200506.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887104544.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4C3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967374883.0000000004C3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C3F000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358372934.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
295E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926456271.000000000295E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
295E000
|
| Size: |
8192
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1317596294.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
5570000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.969502305.0000000005570000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5570000
|
| Size: |
4096
|
|
|
473F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966308033.000000000473F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
473F000
|
| Size: |
4096
|
|
|
387E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965886881.000000000387E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
387E000
|
| Size: |
8192
|
|
|
5A6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.924972432.00000000005A6000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
5A6000
|
| Size: |
36864
|
|
|
3F4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976434980.0000000003F4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F4F000
|
| Size: |
4096
|
|
|
333F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965765647.000000000333F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
333F000
|
| Size: |
4096
|
|
|
D4A000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926183604.0000000000D4A000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D4A000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887760267.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
3AFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965944359.0000000003AFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3AFE000
|
| Size: |
8192
|
|
|
EA4000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.975295753.0000000000EA4000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
EA4000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358484296.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1334092701.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
E96000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.975295753.0000000000E96000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E96000
|
| Size: |
36864
|
|
|
EA4000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000003.00000000.913207779.0000000000EA4000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
EA4000
|
| Size: |
1703936
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1328659121.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
2C2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098524641.0000000002C2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C2F000
|
| Size: |
4096
|
|
|
5380000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.977068417.0000000005380000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5380000
|
| Size: |
4096
|
|
|
62AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927665853.00000000062AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
62AE000
|
| Size: |
8192
|
|
|
7F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096062089.00000000007F0000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7F0000
|
| Size: |
4096
|
|
|
E10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894328413.0000000000E10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
143360
|
|
|
BF6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.965069438.0000000000BF6000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
BF6000
|
| Size: |
16384
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.917391440.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
4B05000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.883491473.0000000004B05000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4B05000
|
| Size: |
12288
|
|
|
3EDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927016446.0000000003EDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EDE000
|
| Size: |
8192
|
|
|
EA4000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000000.1307844427.0000000000EA4000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
EA4000
|
| Size: |
1703936
|
|
|
11A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975734840.00000000011A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
11A0000
|
| Size: |
4096
|
|
|
D82000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2097126875.0000000000D82000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
D82000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the Windows Explorer process (often used for injection) |
HIPS / PFW / Operating System Protection Evasion |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4C40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927325504.0000000004C40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C40000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1318497198.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
E10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894513772.0000000000E10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
143360
|
|
|
3B1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926921303.0000000003B1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B1E000
|
| Size: |
8192
|
|
|
F3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926396415.0000000000F3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
F3E000
|
| Size: |
8192
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.918427754.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886332439.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888341508.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4C0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976856573.0000000004C0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C0E000
|
| Size: |
8192
|
|
|
36FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965843211.00000000036FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
36FF000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357246066.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886983220.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
D20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926130258.0000000000D20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D20000
|
| Size: |
4096
|
|
|
4DE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2100960678.0000000004DE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DE0000
|
| Size: |
4096
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935287911.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
498E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976772356.000000000498E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
498E000
|
| Size: |
8192
|
|
|
E1D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889986067.0000000000E1D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E1D000
|
| Size: |
49152
|
|
|
5360000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.977032171.0000000005360000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5360000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359222982.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4BF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883892530.0000000004BF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BF0000
|
| Size: |
4096
|
|
|
4EF1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.927555568.0000000004EF1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EF1000
|
| Size: |
49152
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.901318678.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
5150000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.925840647.0000000005150000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
5150000
|
| Size: |
176128
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886877739.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
2D1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926561863.0000000002D1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D1F000
|
| Size: |
4096
|
|
|
372F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099238530.000000000372F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
372F000
|
| Size: |
4096
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883842903.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
4096
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935248845.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
439F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927122102.000000000439F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
439F000
|
| Size: |
4096
|
|
|
67CB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927777299.00000000067CB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67CB000
|
| Size: |
20480
|
|
|
4EF1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.927600140.0000000004EF1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EF1000
|
| Size: |
4096
|
|
|
4BB0000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1321858363.0000000004BB0000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4BB0000
|
| Size: |
180224
|
|
|
299E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926469678.000000000299E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
299E000
|
| Size: |
8192
|
|
|
51EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101421492.00000000051EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51EE000
|
| Size: |
8192
|
|
|
1042000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.965465157.0000000001042000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1042000
|
| Size: |
8192
|
|
|
602E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927485829.000000000602E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
602E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888143978.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
2FAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098684124.0000000002FAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FAF000
|
| Size: |
4096
|
|
|
B70000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096741410.0000000000B70000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B70000
|
| Size: |
4096
|
|
|
3B8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976321611.0000000003B8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B8F000
|
| Size: |
4096
|
|
|
15D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975843598.00000000015D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D0000
|
| Size: |
16384
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358986737.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887984514.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
35EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099109617.00000000035EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35EF000
|
| Size: |
4096
|
|
|
4BDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927285402.0000000004BDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BDF000
|
| Size: |
4096
|
|
|
3030000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.933604608.0000000003030000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
3030000
|
| Size: |
53248
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889862631.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
7EB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927833749.0000000007EB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7EB0000
|
| Size: |
16384
|
|
|
576D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101885889.000000000576D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
576D000
|
| Size: |
12288
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1316795091.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
29D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926484665.00000000029D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D0000
|
| Size: |
20480
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888500154.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.885965448.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
306000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.924500851.0000000000306000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
306000
|
| Size: |
16384
|
|
|
BFD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000C.00000002.2097070516.0000000000BFD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
BFD000
|
| Size: |
4096
|
|
|
BF6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.975223437.0000000000BF6000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
BF6000
|
| Size: |
16384
|
|
|
BFD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000000.893968368.0000000000BFD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
BFD000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886062834.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4A60000
|
trusted library allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.865653562.0000000004A60000.00000004.00000800.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
trusted library allocation
|
| Protect: |
page read and write
|
| Base address: |
4A60000
|
| Size: |
176128
|
|
|
6B10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893870522.0000000006B10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B10000
|
| Size: |
4096
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.920613045.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358267070.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1333575392.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
52E0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935307501.00000000052E0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52E0000
|
| Size: |
4096
|
|
|
487F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966943416.000000000487F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
487F000
|
| Size: |
4096
|
|
|
477E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966320993.000000000477E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
477E000
|
| Size: |
8192
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.863206797.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
34AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098995715.00000000034AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34AF000
|
| Size: |
4096
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883743524.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
4096
|
|
|
312E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098779164.000000000312E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
312E000
|
| Size: |
8192
|
|
|
B90000
|
unkown
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096806839.0000000000B90000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B90000
|
| Size: |
4096
|
|
|
358E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976137673.000000000358E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
358E000
|
| Size: |
8192
|
|
|
4ADE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927268849.0000000004ADE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4ADE000
|
| Size: |
8192
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1327673155.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935269574.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
3E4E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976415286.0000000003E4E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E4E000
|
| Size: |
8192
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.864744245.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
E60000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2097126875.0000000000E60000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E60000
|
| Size: |
114688
|
|
|
697E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927794232.000000000697E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
697E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888819416.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358137775.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4C20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927299356.0000000004C20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C20000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886394422.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
2A1000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.854734728.00000000002A1000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
2A1000
|
| Size: |
188416
|
|
|
4CC0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927443378.0000000004CC0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CC0000
|
| Size: |
4096
|
|
|
3B2E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099671837.0000000003B2E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3B2E000
|
| Size: |
8192
|
|
|
916000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096177907.0000000000916000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
916000
|
| Size: |
4096
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.919643511.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
6B20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893870522.0000000006B20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B20000
|
| Size: |
8192
|
|
|
BFF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.965140204.0000000000BFF000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
BFF000
|
| Size: |
1576960
|
|
|
54BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.968652587.00000000054BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
54BF000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358397570.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
BFD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000002.00000002.965126690.0000000000BFD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
BFD000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357970251.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889810547.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
DDB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894819061.0000000000DDB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DDB000
|
| Size: |
4096
|
|
|
349F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926738007.000000000349F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
349F000
|
| Size: |
4096
|
|
|
890000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096177907.0000000000890000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
890000
|
| Size: |
36864
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.913147717.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
E03000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889561241.0000000000E03000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E03000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357531979.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
44FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966238623.00000000044FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44FE000
|
| Size: |
8192
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.928523271.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
3AEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099621922.0000000003AEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3AEF000
|
| Size: |
4096
|
|
|
427E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966181490.000000000427E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
427E000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1334833086.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.926772661.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
55C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.969582415.00000000055C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
55C0000
|
| Size: |
4096
|
|
|
3D7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966008225.0000000003D7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D7E000
|
| Size: |
8192
|
|
|
5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925057815.0000000005500000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5500000
|
| Size: |
4096
|
|
|
E20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889548650.0000000000E20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E20000
|
| Size: |
36864
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358561506.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
D10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926117531.0000000000D10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D10000
|
| Size: |
4096
|
|
|
4C60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927355331.0000000004C60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C60000
|
| Size: |
4096
|
|
|
8D9000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096177907.00000000008D9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8D9000
|
| Size: |
86016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
| URLs found in memory or binary data |
Networking |
|
|
|
46CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976656185.00000000046CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
46CF000
|
| Size: |
4096
|
|
|
286E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098293071.000000000286E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
286E000
|
| Size: |
8192
|
|
|
4D11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.932166454.0000000004D11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D11000
|
| Size: |
241664
|
|
|
17AB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975878002.00000000017AB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17AB000
|
| Size: |
65536
|
|
|
3F8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976452344.0000000003F8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3F8E000
|
| Size: |
8192
|
|
|
5580000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.969518245.0000000005580000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5580000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886832155.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889339818.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
DFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894513772.0000000000DFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DFB000
|
| Size: |
81920
|
|
|
344F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976100294.000000000344F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
344F000
|
| Size: |
4096
|
|
|
30EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098749948.00000000030EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30EF000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887045530.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
D40000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926183604.0000000000D40000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D40000
|
| Size: |
36864
|
|
|
154E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975790488.000000000154E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
154E000
|
| Size: |
8192
|
|
|
40CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976489512.00000000040CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
40CE000
|
| Size: |
8192
|
|
|
4E20000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2101105561.0000000004E20000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E20000
|
| Size: |
4096
|
|
|
5370000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.977045815.0000000005370000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5370000
|
| Size: |
4096
|
|
|
2910000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1330969088.0000000002910000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2910000
|
| Size: |
53248
|
|
|
908000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096177907.0000000000908000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
908000
|
| Size: |
49152
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
54D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925705131.00000000054D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
54D0000
|
| Size: |
4096
|
|
|
413E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966115969.000000000413E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
413E000
|
| Size: |
8192
|
|
|
51F5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.934824587.00000000051F5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
51F5000
|
| Size: |
12288
|
|
|
548D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101566103.000000000548D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
548D000
|
| Size: |
12288
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331496789.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
8192
|
|
|
DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926291233.0000000000DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA1000
|
| Size: |
94208
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.874127508.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
B90000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965052111.0000000000B90000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B90000
|
| Size: |
4096
|
|
|
EA5000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000002.2097860173.0000000000EA5000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
EA5000
|
| Size: |
1691648
|
|
|
4F2B000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101157362.0000000004F2B000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4F2B000
|
| Size: |
20480
|
|
|
103E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926413244.000000000103E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
103E000
|
| Size: |
8192
|
|
|
EA4000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.965140204.0000000000EA4000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
EA4000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.918633445.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
DA1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894619786.0000000000DA1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DA1000
|
| Size: |
106496
|
|
|
3FDF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927032836.0000000003FDF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FDF000
|
| Size: |
4096
|
|
|
7EB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.925998607.00000000007EB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
7EB000
|
| Size: |
20480
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887123854.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
D8F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926183604.0000000000D8F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D8F000
|
| Size: |
4096
|
|
|
3DAD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099851647.0000000003DAD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3DAD000
|
| Size: |
12288
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1333984602.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
324F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976060686.000000000324F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
324F000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886264169.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1323870362.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886783153.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
52F0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935341859.00000000052F0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52F0000
|
| Size: |
4096
|
|
|
B91000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000003.00000000.908816901.0000000000B91000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B91000
|
| Size: |
188416
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359579975.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357672042.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4D2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100702242.0000000004D2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D2F000
|
| Size: |
4096
|
|
|
448E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976602338.000000000448E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
448E000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1335320133.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
77D000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2095866328.000000000077D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
77D000
|
| Size: |
12288
|
|
|
415E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927076840.000000000415E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
415E000
|
| Size: |
8192
|
|
|
43BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966210282.00000000043BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43BE000
|
| Size: |
8192
|
|
|
D85000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926183604.0000000000D85000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D85000
|
| Size: |
20480
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359094499.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
159E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965562121.000000000159E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
159E000
|
| Size: |
8192
|
|
|
4EF0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.968047807.0000000004EF0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EF0000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888167420.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
30F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965700960.00000000030F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
30F0000
|
| Size: |
16384
|
|
|
361E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926787301.000000000361E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
361E000
|
| Size: |
8192
|
|
|
423F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966163754.000000000423F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
423F000
|
| Size: |
4096
|
|
|
158E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975808426.000000000158E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
158E000
|
| Size: |
8192
|
|
|
2E6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098619109.0000000002E6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E6F000
|
| Size: |
4096
|
|
|
44DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927153426.00000000044DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44DF000
|
| Size: |
4096
|
|
|
314F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976043202.000000000314F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
314F000
|
| Size: |
4096
|
|
|
5380000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.923348038.0000000005380000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5380000
|
| Size: |
53248
|
|
|
DBB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894163520.0000000000DBB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBB000
|
| Size: |
135168
|
|
|
EA5000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000002.965360257.0000000000EA5000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
EA5000
|
| Size: |
1691648
|
|
|
29D7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926484665.00000000029D7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
29D7000
|
| Size: |
32768
|
|
|
49BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967286831.00000000049BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49BF000
|
| Size: |
4096
|
|
|
11DD000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965497448.00000000011DD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
11DD000
|
| Size: |
12288
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357874397.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.932414817.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
50AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101345515.00000000050AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
50AE000
|
| Size: |
8192
|
|
|
452E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100378359.000000000452E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
452E000
|
| Size: |
8192
|
|
|
2920000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098386731.0000000002920000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2920000
|
| Size: |
16384
|
|
|
2A0000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.923909444.00000000002A0000.00000004.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
2A0000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888099566.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
CA0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926073681.0000000000CA0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CA0000
|
| Size: |
16384
|
|
|
437F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966195746.000000000437F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
437F000
|
| Size: |
4096
|
|
|
30DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926649571.00000000030DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30DF000
|
| Size: |
4096
|
|
|
34EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099036152.00000000034EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34EE000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889789583.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
5540000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.969347478.0000000005540000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5540000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889319243.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359318816.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888258139.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
429E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927107405.000000000429E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
429E000
|
| Size: |
8192
|
|
|
63FB000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927713298.00000000063FB000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
63FB000
|
| Size: |
20480
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.904443111.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
16DA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965599945.00000000016DA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16DA000
|
| Size: |
8192
|
|
|
D4E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926183604.0000000000D4E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D4E000
|
| Size: |
221184
|
|
|
4790000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100521528.0000000004790000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4790000
|
| Size: |
32768
|
|
|
30D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000002.924722272.000000000030D000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
30D000
|
| Size: |
4096
|
|
|
E96000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2097126875.0000000000E96000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E96000
|
| Size: |
36864
|
|
|
3E0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976397070.0000000003E0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E0F000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.902205482.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.866734408.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
6B1E000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893810879.0000000006B1E000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B1E000
|
| Size: |
4096
|
|
|
4C80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927385413.0000000004C80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C80000
|
| Size: |
4096
|
|
|
3BCE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976337475.0000000003BCE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3BCE000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889744378.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
5530000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.968976048.0000000005530000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5530000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358534214.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
D82000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.975295753.0000000000D82000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
D82000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.906859901.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
7C5000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2095937022.00000000007C5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C5000
|
| Size: |
8192
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331600348.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357629770.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
1770000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975861353.0000000001770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1770000
|
| Size: |
4096
|
|
|
E08000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889527606.0000000000E08000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E08000
|
| Size: |
135168
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.919484461.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331708245.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
2ADF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926514489.0000000002ADF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2ADF000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1320082328.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
385F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926832129.000000000385F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
385F000
|
| Size: |
4096
|
|
|
EA4000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000000.893987405.0000000000EA4000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
EA4000
|
| Size: |
1703936
|
|
|
3C6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099771791.0000000003C6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C6E000
|
| Size: |
8192
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331665812.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
42AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100207111.00000000042AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
42AE000
|
| Size: |
8192
|
|
|
B90000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000003.00000000.907306695.0000000000B90000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B90000
|
| Size: |
4096
|
|
|
3EBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966035543.0000000003EBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EBE000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887805553.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
52EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101459608.00000000052EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52EF000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358320499.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
444F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976581191.000000000444F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
444F000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359139987.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
2E9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926605507.0000000002E9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E9E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888280615.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
3EAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099899362.0000000003EAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EAF000
|
| Size: |
4096
|
|
|
394E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976257503.000000000394E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
394E000
|
| Size: |
8192
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.932243278.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
DFA000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893960813.0000000000DFA000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DFA000
|
| Size: |
86016
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.885632229.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
49152
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886158663.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
E1D000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889385448.0000000000E1D000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E1D000
|
| Size: |
8192
|
|
|
5B4000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.924972432.00000000005B4000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
5B4000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358295527.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
52CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976934053.00000000052CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
52CF000
|
| Size: |
4096
|
|
|
322F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098818474.000000000322F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
322F000
|
| Size: |
4096
|
|
|
28AC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098321517.00000000028AC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
28AC000
|
| Size: |
16384
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887628053.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
43EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100292611.00000000043EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43EE000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887651735.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883820944.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
4096
|
|
|
362E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099166731.000000000362E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
362E000
|
| Size: |
8192
|
|
|
35BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965817780.00000000035BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35BF000
|
| Size: |
4096
|
|
|
616E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927619033.000000000616E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
616E000
|
| Size: |
8192
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.921539122.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889033719.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
5310000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.976949176.0000000005310000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5310000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889360104.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
397F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965900020.000000000397F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
397F000
|
| Size: |
4096
|
|
|
466E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100459481.000000000466E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
466E000
|
| Size: |
8192
|
|
|
DB9000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926308786.0000000000DB9000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DB9000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886573568.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4AFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967320788.0000000004AFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4AFF000
|
| Size: |
4096
|
|
|
5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925142523.0000000005500000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5500000
|
| Size: |
4096
|
|
|
6B20000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893810879.0000000006B20000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B20000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889767071.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888523692.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
39EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099573589.00000000039EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39EE000
|
| Size: |
8192
|
|
|
10DC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965483020.00000000010DC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
10DC000
|
| Size: |
16384
|
|
|
53A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.977103236.00000000053A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53A0000
|
| Size: |
4096
|
|
|
D94000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926278339.0000000000D94000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D94000
|
| Size: |
32768
|
|
|
2FEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098718664.0000000002FEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FEE000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357590257.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
EA4000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2097126875.0000000000EA4000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
EA4000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888981471.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
2E5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926592441.0000000002E5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2E5F000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.900347189.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
4EF1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.899472008.0000000004EF1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EF1000
|
| Size: |
49152
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889451481.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
39AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099487054.00000000039AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39AF000
|
| Size: |
4096
|
|
|
5350000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.977015940.0000000005350000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5350000
|
| Size: |
4096
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.929470927.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.932228987.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.868201421.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
337E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965779168.000000000337E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
337E000
|
| Size: |
8192
|
|
|
17BC000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975878002.00000000017BC000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17BC000
|
| Size: |
61440
|
|
|
2B2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098492163.0000000002B2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2B2F000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888841619.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887784826.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359345285.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
80D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893941646.00000000080D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
80D4000
|
| Size: |
4096
|
|
|
3C1F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926936364.0000000003C1F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C1F000
|
| Size: |
4096
|
|
|
EA5000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000003.00000002.975553830.0000000000EA5000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
EA5000
|
| Size: |
1691648
|
|
|
14FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975767424.00000000014FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
14FF000
|
| Size: |
4096
|
|
|
80AC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927866959.00000000080AC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
80AC000
|
| Size: |
16384
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359614774.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
5340000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.977000444.0000000005340000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5340000
|
| Size: |
4096
|
|
|
43DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927137976.00000000043DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43DE000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1333904635.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4EF1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.921650389.0000000004EF1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EF1000
|
| Size: |
237568
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886809568.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887216503.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.916418325.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
334F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976080018.000000000334F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
334F000
|
| Size: |
4096
|
|
|
34BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965805175.00000000034BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34BE000
|
| Size: |
8192
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883875246.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888632747.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886301887.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1328859025.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1325827572.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
BFD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000003.00000000.908901752.0000000000BFD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
BFD000
|
| Size: |
4096
|
|
|
4BCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976832510.0000000004BCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BCF000
|
| Size: |
4096
|
|
|
39DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926889909.00000000039DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39DE000
|
| Size: |
8192
|
|
|
4770000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100521528.0000000004770000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4770000
|
| Size: |
12288
|
|
|
E8D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2097126875.0000000000E8D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E8D000
|
| Size: |
32768
|
|
|
3D5F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926965366.0000000003D5F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D5F000
|
| Size: |
4096
|
|
|
4632000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894410039.0000000004632000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4632000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.918612286.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
59D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.924972432.000000000059D000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
59D000
|
| Size: |
32768
|
|
|
408F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976472393.000000000408F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
408F000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1321759712.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
29C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.881634627.00000000029C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29C0000
|
| Size: |
53248
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888433038.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357760259.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
DBE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894328413.0000000000DBE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DBE000
|
| Size: |
122880
|
|
|
292C000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098386731.000000000292C000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
292C000
|
| Size: |
8192
|
|
|
4D40000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331733289.0000000004D40000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D40000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.920462643.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887496415.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358023284.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
430F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976541507.000000000430F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
430F000
|
| Size: |
4096
|
|
|
416E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100122259.000000000416E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
416E000
|
| Size: |
8192
|
|
|
354F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976118213.000000000354F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
354F000
|
| Size: |
4096
|
|
|
CA5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926073681.0000000000CA5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
CA5000
|
| Size: |
8192
|
|
|
4D10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976894799.0000000004D10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D10000
|
| Size: |
4096
|
|
|
37CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976196738.00000000037CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
37CF000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888547046.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
AFA000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926013852.0000000000AFA000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
AFA000
|
| Size: |
24576
|
|
|
492000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.924972432.0000000000492000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
492000
|
| Size: |
892928
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
4EB4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927457050.0000000004EB4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EB4000
|
| Size: |
12288
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935037476.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359442843.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.918648733.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359171333.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1322996086.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
40FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966078511.00000000040FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
40FF000
|
| Size: |
4096
|
|
|
4DA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2100824645.0000000004DA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DA0000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886940942.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
DB8000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894858434.0000000000DB8000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DB8000
|
| Size: |
12288
|
|
|
1060000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975699592.0000000001060000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1060000
|
| Size: |
4096
|
|
|
169E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965575313.000000000169E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
169E000
|
| Size: |
8192
|
|
|
6B11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893810879.0000000006B11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
6B11000
|
| Size: |
4096
|
|
|
480F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976700950.000000000480F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
480F000
|
| Size: |
4096
|
|
|
4C50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927340067.0000000004C50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C50000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359013189.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1334025734.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
401E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927047449.000000000401E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
401E000
|
| Size: |
8192
|
|
|
52D0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935385117.00000000052D0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
52D0000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887238673.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4C2C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100665395.0000000004C2C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C2C000
|
| Size: |
16384
|
|
|
326E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098860929.000000000326E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
326E000
|
| Size: |
8192
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.930328131.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.869278604.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358598612.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925092400.0000000005500000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5500000
|
| Size: |
4096
|
|
|
3EEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099950979.0000000003EEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3EEE000
|
| Size: |
8192
|
|
|
2910000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1330108499.0000000002910000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
2910000
|
| Size: |
53248
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.859880361.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
49152
|
|
|
17A0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975878002.00000000017A0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
17A0000
|
| Size: |
36864
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1329020041.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889720532.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886179572.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
B90000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000002.00000000.893412206.0000000000B90000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B90000
|
| Size: |
4096
|
|
|
30EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965688593.00000000030EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
30EE000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888314692.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.932355908.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
390F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976232721.000000000390F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
390F000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886426243.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357118315.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.867440581.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.918694609.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
29C0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.883400206.00000000029C0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29C0000
|
| Size: |
53248
|
|
|
16C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965587667.00000000016C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16C0000
|
| Size: |
4096
|
|
|
4E10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2101067420.0000000004E10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E10000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889917386.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
3C3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965979351.0000000003C3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C3E000
|
| Size: |
8192
|
|
|
462F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100424909.000000000462F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
462F000
|
| Size: |
4096
|
|
|
44BF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966225179.00000000044BF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44BF000
|
| Size: |
4096
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331689971.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888863044.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4D11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.939081381.0000000004D11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D11000
|
| Size: |
49152
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886499186.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888362862.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886618058.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
DF4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889411338.0000000000DF4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DF4000
|
| Size: |
81920
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.939874184.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888771111.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
5B5000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000002.925882090.00000000005B5000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
5B5000
|
| Size: |
1691648
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.923625648.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
376E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099291539.000000000376E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
376E000
|
| Size: |
8192
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.924672410.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
16D0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965599945.00000000016D0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16D0000
|
| Size: |
32768
|
|
|
43AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100250709.00000000043AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
43AF000
|
| Size: |
4096
|
|
|
35FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965829704.00000000035FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35FE000
|
| Size: |
8192
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331536637.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
4A8F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976792154.0000000004A8F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4A8F000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.940310991.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357378820.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
A3C000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975174476.0000000000A3C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
A3C000
|
| Size: |
16384
|
|
|
41CF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976507116.00000000041CF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
41CF000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1333446069.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
49152
|
|
|
506F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101310878.000000000506F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
506F000
|
| Size: |
4096
|
|
|
55CD000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101700252.00000000055CD000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
55CD000
|
| Size: |
12288
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.863942077.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358186492.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357720298.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935126656.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
D93000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894871160.0000000000D93000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D93000
|
| Size: |
36864
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886920062.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331643668.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
347F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965793071.000000000347F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
347F000
|
| Size: |
4096
|
|
|
53C0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.977133144.00000000053C0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53C0000
|
| Size: |
4096
|
|
|
4C70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927369890.0000000004C70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C70000
|
| Size: |
4096
|
|
|
E10000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926357597.0000000000E10000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E10000
|
| Size: |
143360
|
|
|
2A0000
|
unkown
|
page readonly
|
|
|
|
| Name: |
00000000.00000000.854721215.00000000002A0000.00000002.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
2A0000
|
| Size: |
4096
|
|
|
4ACE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976808899.0000000004ACE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4ACE000
|
| Size: |
8192
|
|
|
3ABF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965926737.0000000003ABF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3ABF000
|
| Size: |
4096
|
|
|
2EAE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098653655.0000000002EAE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2EAE000
|
| Size: |
8192
|
|
|
3C2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099735942.0000000003C2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C2F000
|
| Size: |
4096
|
|
|
5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.924991192.0000000005500000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5500000
|
| Size: |
4096
|
|
|
4E00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2101028200.0000000004E00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4E00000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1340066530.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
B90000
|
unkown
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975209751.0000000000B90000.00000004.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page read and write
|
| Base address: |
B90000
|
| Size: |
4096
|
|
|
B50000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926027944.0000000000B50000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
B50000
|
| Size: |
4096
|
|
|
4B3E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967358924.0000000004B3E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4B3E000
|
| Size: |
8192
|
|
|
D91000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926183604.0000000000D91000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D91000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359510554.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1315962757.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
49152
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359408988.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4D7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967465550.0000000004D7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D7F000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1328768794.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
241664
|
|
|
2927000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098386731.0000000002927000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
2927000
|
| Size: |
12288
|
|
|
B90000
|
unkown
|
page readonly
|
|
|
|
| Name: |
0000000C.00000000.1307761023.0000000000B90000.00000002.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page readonly
|
| Base address: |
B90000
|
| Size: |
4096
|
|
|
5320000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.976968727.0000000005320000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5320000
|
| Size: |
4096
|
|
|
B91000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
0000000C.00000000.1307777006.0000000000B91000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B91000
|
| Size: |
188416
|
|
|
5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.924904724.0000000005500000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5500000
|
| Size: |
8192
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.903155865.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
494F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976748287.000000000494F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
494F000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1333719835.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4DF0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2100991624.0000000004DF0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DF0000
|
| Size: |
4096
|
|
|
3D6F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099809254.0000000003D6F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D6F000
|
| Size: |
4096
|
|
|
4780000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100521528.0000000004780000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4780000
|
| Size: |
36864
|
|
|
653D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927744052.000000000653D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
653D000
|
| Size: |
12288
|
|
|
38AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099407101.00000000038AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
38AE000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1333615834.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888667561.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358629388.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
484E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976724380.000000000484E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
484E000
|
| Size: |
8192
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.862261074.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935171611.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358754386.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331566569.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
4CA0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927415874.0000000004CA0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CA0000
|
| Size: |
4096
|
|
|
389E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926845740.000000000389E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
389E000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357060647.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
80B1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.890776138.00000000080B1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
80B1000
|
| Size: |
53248
|
|
|
3E9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927001247.0000000003E9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E9F000
|
| Size: |
4096
|
|
|
323E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965746149.000000000323E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
323E000
|
| Size: |
8192
|
|
|
626F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927649169.000000000626F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
626F000
|
| Size: |
4096
|
|
|
5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925119000.0000000005500000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5500000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358452389.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.932084977.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
49FE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967305664.00000000049FE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
49FE000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1334300118.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887004582.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357463838.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
5510000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.968881954.0000000005510000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5510000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887164903.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
339E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926721960.000000000339E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
339E000
|
| Size: |
8192
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.871921915.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
399F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926860903.000000000399F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
399F000
|
| Size: |
4096
|
|
|
2FAF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975946149.0000000002FAF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FAF000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1319294185.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
15CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975826045.00000000015CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
15CE000
|
| Size: |
8192
|
|
|
2D6E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098587483.0000000002D6E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D6E000
|
| Size: |
8192
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1326759418.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883787189.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887185661.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883699809.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
8192
|
|
|
4DD0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2100925474.0000000004DD0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DD0000
|
| Size: |
4096
|
|
|
458F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976620195.000000000458F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
458F000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.873848298.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
237568
|
|
|
4EC0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967927146.0000000004EC0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EC0000
|
| Size: |
4096
|
|
|
425F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927091751.000000000425F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
425F000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.873778488.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
30F7000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965700960.00000000030F7000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
30F7000
|
| Size: |
8192
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.865537848.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
53BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.968335015.00000000053BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
53BE000
|
| Size: |
8192
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.927636327.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
373E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965855867.000000000373E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
373E000
|
| Size: |
8192
|
|
|
8F0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096177907.00000000008F0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8F0000
|
| Size: |
90112
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| URLs found in memory or binary data |
Networking |
|
|
|
335F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926705646.000000000335F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
335F000
|
| Size: |
4096
|
|
|
BFD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
0000000C.00000000.1307813332.0000000000BFD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
BFD000
|
| Size: |
4096
|
|
|
BF6000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2096872355.0000000000BF6000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
BF6000
|
| Size: |
16384
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886961549.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4BE0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883918165.0000000004BE0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4BE0000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1334148940.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358347715.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925634561.0000000005500000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5500000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887867999.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887084801.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
1042000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.975681070.0000000001042000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1042000
|
| Size: |
8192
|
|
|
4C00000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883905331.0000000004C00000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C00000
|
| Size: |
4096
|
|
|
386F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099353283.000000000386F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
386F000
|
| Size: |
4096
|
|
|
4C55000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1331078876.0000000004C55000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4C55000
|
| Size: |
12288
|
|
|
DC6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926322045.0000000000DC6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DC6000
|
| Size: |
86016
|
| Signature Hits |
Behavior Group |
Mitre Attack |
|
| May try to detect the virtual machine to hinder analysis (VM artifact strings found in memory) |
Malware Analysis System Evasion |
Security Software Discovery
|
|
|
D9F000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894619786.0000000000D9F000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
D9F000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887738646.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4CB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927429550.0000000004CB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4CB0000
|
| Size: |
4096
|
|
|
281E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926428572.000000000281E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
281E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886364896.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886022144.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
3D0E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976373594.0000000003D0E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D0E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887527873.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.922611200.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
3047000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976005274.0000000003047000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3047000
|
| Size: |
8192
|
|
|
E60000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.975295753.0000000000E60000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E60000
|
| Size: |
114688
|
|
|
3E7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966021769.0000000003E7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3E7F000
|
| Size: |
4096
|
|
|
476F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100496776.000000000476F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
476F000
|
| Size: |
4096
|
|
|
4EF1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.922059318.0000000004EF1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EF1000
|
| Size: |
4096
|
|
|
53E5000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.924592214.00000000053E5000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
53E5000
|
| Size: |
12288
|
|
|
30F000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.924972432.000000000030F000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
30F000
|
| Size: |
1576960
|
|
|
B3D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975194184.0000000000B3D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
B3D000
|
| Size: |
12288
|
|
|
55A0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.969550917.00000000055A0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
55A0000
|
| Size: |
4096
|
|
|
336F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098890692.000000000336F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
336F000
|
| Size: |
4096
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935209964.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
5560000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.969487534.0000000005560000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5560000
|
| Size: |
4096
|
|
|
4DB0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2100856074.0000000004DB0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4DB0000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357298902.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
325E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926690735.000000000325E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
325E000
|
| Size: |
8192
|
|
|
DFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894328413.0000000000DFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DFB000
|
| Size: |
81920
|
|
|
4D50000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331749482.0000000004D50000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D50000
|
| Size: |
4096
|
|
|
119E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975718734.000000000119E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
119E000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359546434.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886899843.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
45FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966254027.00000000045FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
45FF000
|
| Size: |
4096
|
|
|
402E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100044402.000000000402E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
402E000
|
| Size: |
8192
|
|
|
368F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976161710.000000000368F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
368F000
|
| Size: |
4096
|
|
|
45CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976638411.00000000045CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
45CE000
|
| Size: |
8192
|
|
|
434E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976558992.000000000434E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
434E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889008242.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
C30000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926042227.0000000000C30000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
C30000
|
| Size: |
8192
|
|
|
E08000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889385448.0000000000E08000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E08000
|
| Size: |
57344
|
|
|
E06000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889561241.0000000000E06000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
E06000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887024258.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
35DF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926766700.00000000035DF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
35DF000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887674725.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
44EF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100339730.00000000044EF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
44EF000
|
| Size: |
4096
|
|
|
3FBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966049804.0000000003FBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FBF000
|
| Size: |
4096
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935075573.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
31FF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965729019.00000000031FF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
31FF000
|
| Size: |
4096
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.860663640.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
2D5E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926576829.0000000002D5E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D5E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888937560.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4BEC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100627661.0000000004BEC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4BEC000
|
| Size: |
16384
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.932209148.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883859866.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
4096
|
|
|
7C0000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2095937022.00000000007C0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
7C0000
|
| Size: |
16384
|
|
|
380E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976213663.000000000380E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
380E000
|
| Size: |
8192
|
|
|
5520000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.968959465.0000000005520000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5520000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358510323.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886526434.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
3A8E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976303264.0000000003A8E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A8E000
|
| Size: |
8192
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883724890.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
4096
|
|
|
411F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927062621.000000000411F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
411F000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888718949.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925612687.0000000005500000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5500000
|
| Size: |
4096
|
|
|
BFD000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000003.00000002.975280886.0000000000BFD000.00000008.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
BFD000
|
| Size: |
4096
|
|
|
1440000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965510002.0000000001440000.00000004.00000020.00040000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1440000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889889560.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
461F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927217664.000000000461F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
461F000
|
| Size: |
4096
|
|
|
51CE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976915513.00000000051CE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51CE000
|
| Size: |
8192
|
|
|
371F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926802771.000000000371F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
371F000
|
| Size: |
4096
|
|
|
63AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927683666.00000000063AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
63AF000
|
| Size: |
4096
|
|
|
2FDE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926634869.0000000002FDE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FDE000
|
| Size: |
8192
|
|
|
4D0F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976874965.0000000004D0F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4D0F000
|
| Size: |
4096
|
|
|
3A4F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976285395.0000000003A4F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3A4F000
|
| Size: |
4096
|
|
|
463E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966291786.000000000463E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
463E000
|
| Size: |
8192
|
|
|
80B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927888778.00000000080B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
80B0000
|
| Size: |
147456
|
|
|
860000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096118149.0000000000860000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
860000
|
| Size: |
8192
|
|
|
8CE000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096177907.00000000008CE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
8CE000
|
| Size: |
16384
|
|
|
2D2F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098550356.0000000002D2F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2D2F000
|
| Size: |
4096
|
|
|
420E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976522959.000000000420E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
420E000
|
| Size: |
8192
|
|
|
3FEF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2099999696.0000000003FEF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FEF000
|
| Size: |
4096
|
|
|
321F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926677807.000000000321F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
321F000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359375554.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
C9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926058250.0000000000C9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
C9E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888042110.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
3D3F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965994000.0000000003D3F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D3F000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888410671.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
BFF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2097126875.0000000000BFF000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
BFF000
|
| Size: |
1576960
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887564667.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
DDF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894328413.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DDF000
|
| Size: |
77824
|
|
|
56CC000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101835690.00000000056CC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
56CC000
|
| Size: |
16384
|
|
|
426F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100163455.000000000426F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
426F000
|
| Size: |
4096
|
|
|
4D80000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2100762563.0000000004D80000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D80000
|
| Size: |
4096
|
|
|
4D90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2100790100.0000000004D90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D90000
|
| Size: |
4096
|
|
|
190F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965676037.000000000190F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
190F000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888693047.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.918457408.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358656575.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
533E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101500946.000000000533E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
533E000
|
| Size: |
8192
|
|
|
CEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926103689.0000000000CEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
CEE000
|
| Size: |
8192
|
|
|
28EE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098351547.00000000028EE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
28EE000
|
| Size: |
8192
|
|
|
DDF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894163520.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DDF000
|
| Size: |
77824
|
|
|
64FC000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927729097.00000000064FC000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
64FC000
|
| Size: |
16384
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889838247.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
67C000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2095716161.000000000067C000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
67C000
|
| Size: |
16384
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359291994.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
3FFE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.966063128.0000000003FFE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3FFE000
|
| Size: |
8192
|
|
|
302E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975987128.000000000302E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
302E000
|
| Size: |
8192
|
|
|
4D60000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331623555.0000000004D60000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D60000
|
| Size: |
4096
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.921648092.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
5500000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000003.925584044.0000000005500000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5500000
|
| Size: |
4096
|
|
|
2FEE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.975964127.0000000002FEE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2FEE000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887143169.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4EF1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.922103346.0000000004EF1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EF1000
|
| Size: |
4096
|
|
|
291F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926442703.000000000291F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
291F000
|
| Size: |
4096
|
|
|
4EB0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927457050.0000000004EB0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EB0000
|
| Size: |
8192
|
|
|
E8D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.975295753.0000000000E8D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E8D000
|
| Size: |
32768
|
|
|
375E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926817258.000000000375E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
375E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.885926005.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4D70000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2100727417.0000000004D70000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D70000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889688658.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.885991004.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887465736.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886854051.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
34DE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926752187.00000000034DE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
34DE000
|
| Size: |
8192
|
|
|
4C30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927312426.0000000004C30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C30000
|
| Size: |
4096
|
|
|
5380000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.924479160.0000000005380000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
5380000
|
| Size: |
53248
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357191977.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889298559.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
3D9E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926979150.0000000003D9E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3D9E000
|
| Size: |
8192
|
|
|
5550000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.969469380.0000000005550000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5550000
|
| Size: |
4096
|
|
|
BFF000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.975295753.0000000000BFF000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
BFF000
|
| Size: |
1576960
|
|
|
30D000
|
unkown
|
page write copy
|
|
|
|
| Name: |
00000000.00000000.854764973.000000000030D000.00000008.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page write copy
|
| Base address: |
30D000
|
| Size: |
4096
|
|
|
48BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967268208.00000000048BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
48BE000
|
| Size: |
8192
|
|
|
DDF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926322045.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DDF000
|
| Size: |
77824
|
|
|
E96000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.965140204.0000000000E96000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E96000
|
| Size: |
36864
|
|
|
3BFF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965958302.0000000003BFF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3BFF000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888383033.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
89B000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2096177907.000000000089B000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
89B000
|
| Size: |
204800
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357802756.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.885676421.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4DBE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967572404.0000000004DBE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4DBE000
|
| Size: |
8192
|
|
|
55B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.969567676.00000000055B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
55B0000
|
| Size: |
4096
|
|
|
28F0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1324913489.00000000028F0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
28F0000
|
| Size: |
53248
|
|
|
16DE000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965599945.00000000016DE000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
16DE000
|
| Size: |
155648
|
|
|
5330000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.976983222.0000000005330000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5330000
|
| Size: |
4096
|
|
|
4EE0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.915078638.0000000004EE0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
4EE0000
|
| Size: |
53248
|
|
|
570000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.924972432.0000000000570000.00000040.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
570000
|
| Size: |
114688
|
|
|
2C1E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926545285.0000000002C1E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2C1E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888477308.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4D11000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.918385552.0000000004D11000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4D11000
|
| Size: |
49152
|
|
|
3C5D000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926949999.0000000003C5D000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3C5D000
|
| Size: |
12288
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887585898.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358424577.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
470E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976681452.000000000470E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
470E000
|
| Size: |
8192
|
|
|
39BE000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965913713.00000000039BE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
39BE000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359475571.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886597163.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
5FE6000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893896490.0000000005FE6000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5FE6000
|
| Size: |
4096
|
|
|
586E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101910755.000000000586E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
586E000
|
| Size: |
8192
|
|
|
4EBF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967772721.0000000004EBF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4EBF000
|
| Size: |
4096
|
|
|
6A7F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927816555.0000000006A7F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
6A7F000
|
| Size: |
4096
|
|
|
558E000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101621604.000000000558E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
558E000
|
| Size: |
8192
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1357917612.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
3ADF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926905862.0000000003ADF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3ADF000
|
| Size: |
4096
|
|
|
B91000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000002.00000000.893753440.0000000000B91000.00000080.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
B91000
|
| Size: |
188416
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886457035.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
4D30000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000003.1331766625.0000000004D30000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4D30000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1359264035.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1328945762.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
412F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2100083926.000000000412F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
412F000
|
| Size: |
4096
|
|
|
451E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927169991.000000000451E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
451E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.874584754.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
1535000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965535932.0000000001535000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1535000
|
| Size: |
8192
|
|
|
383F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965873549.000000000383F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
383F000
|
| Size: |
4096
|
|
|
5300000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000003.935096690.0000000005300000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5300000
|
| Size: |
4096
|
|
|
DDF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.894819061.0000000000DDF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DDF000
|
| Size: |
77824
|
|
|
80BF000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.890776138.00000000080BF000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
80BF000
|
| Size: |
204800
|
|
|
1042000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
0000000C.00000002.2098265963.0000000001042000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
1042000
|
| Size: |
8192
|
|
|
663E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927761203.000000000663E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
663E000
|
| Size: |
8192
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.925744157.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
5FE5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893857702.0000000005FE5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
5FE5000
|
| Size: |
8192
|
|
|
53B0000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.977117814.00000000053B0000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
53B0000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1358886115.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4771000
|
heap
|
page read and write
|
|
|
|
| Name: |
0000000C.00000003.1338366838.0000000004771000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4771000
|
| Size: |
4096
|
|
|
4620000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927234109.0000000004620000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4620000
|
| Size: |
40960
|
|
|
543F000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101536364.000000000543F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
543F000
|
| Size: |
4096
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.889275364.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
1530000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965535932.0000000001530000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
1530000
|
| Size: |
16384
|
|
|
33AE000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2098935376.00000000033AE000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
33AE000
|
| Size: |
8192
|
|
|
180E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.965662112.000000000180E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
180E000
|
| Size: |
8192
|
|
|
DF5000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.893960813.0000000000DF5000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DF5000
|
| Size: |
4096
|
|
|
1780000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.931186085.0000000001780000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
1780000
|
| Size: |
53248
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.886550294.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
51AF000
|
stack
|
page read and write
|
|
|
|
| Name: |
0000000C.00000002.2101387216.00000000051AF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
12
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
51AF000
|
| Size: |
4096
|
|
|
DFB000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926357597.0000000000DFB000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
DFB000
|
| Size: |
81920
|
|
|
5B4000
|
unkown
|
page execute and write copy
|
|
|
|
| Name: |
00000000.00000000.854792858.00000000005B4000.00000080.00000001.01000000.00000003.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process new
|
| Regiontype: |
unkown
|
| Protect: |
page execute and write copy
|
| Base address: |
5B4000
|
| Size: |
1703936
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.887714877.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
5590000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.969536145.0000000005590000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5590000
|
| Size: |
4096
|
|
|
E8D000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.965140204.0000000000E8D000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E8D000
|
| Size: |
32768
|
|
|
3CCF000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976357350.0000000003CCF000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
3CCF000
|
| Size: |
4096
|
|
|
5390000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000003.00000002.977085651.0000000005390000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
5390000
|
| Size: |
4096
|
|
|
4C7E000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000002.00000002.967421867.0000000004C7E000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
4C7E000
|
| Size: |
8192
|
|
|
4621000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.888884948.0000000004621000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4621000
|
| Size: |
4096
|
|
|
E60000
|
unkown
|
page execute and read and write
|
|
|
|
| Name: |
00000002.00000002.965140204.0000000000E60000.00000040.00000001.01000000.00000007.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
process exit
|
| Regiontype: |
unkown
|
| Protect: |
page execute and read and write
|
| Base address: |
E60000
|
| Size: |
114688
|
|
|
29A0000
|
direct allocation
|
page read and write
|
|
|
|
| Name: |
00000000.00000003.861434814.00000000029A0000.00000004.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page read and write
|
| Base address: |
29A0000
|
| Size: |
53248
|
|
|
612F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927578842.000000000612F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
612F000
|
| Size: |
4096
|
|
|
2F9F000
|
stack
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.926619713.0000000002F9F000.00000004.00000010.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
stack
|
| Protect: |
page read and write
|
| Base address: |
2F9F000
|
| Size: |
4096
|
|
|
3040000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000002.976005274.0000000003040000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
3040000
|
| Size: |
16384
|
|
|
4EF1000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000002.00000003.922030203.0000000004EF1000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
2
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
4EF1000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.918661936.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
15D4000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000003.00000003.932382012.00000000015D4000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
3
|
| Dumpstage: |
free memory
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
15D4000
|
| Size: |
4096
|
|
|
4C10000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000003.883803709.0000000004C10000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
free memory
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C10000
|
| Size: |
4096
|
|
|
4C90000
|
direct allocation
|
page execute and read and write
|
|
|
|
| Name: |
00000000.00000002.927401635.0000000004C90000.00000040.00001000.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
direct allocation
|
| Protect: |
page execute and read and write
|
| Base address: |
4C90000
|
| Size: |
4096
|
|
|
63B0000
|
heap
|
page read and write
|
|
|
|
| Name: |
00000000.00000002.927697298.00000000063B0000.00000004.00000020.00020000.00000000.sdmp
|
| TargetID: |
0
|
| Dumpstage: |
process exit
|
| Regiontype: |
heap
|
| Protect: |
page read and write
|
| Base address: |
63B0000
|
| Size: |
4096
|
|
